Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We have launched a new Trust Layer to help enterprises operate more safely and effectively as AI agents and other forms of automation shape the web as we know it. This exciting new era reflects a broader shift in how organisations need to think about digital traffic.

2025 changed the shape of digital risk. In 2026, the impact accelerates. The fastest-growing threats no longer look like traditional attacks. They arrive through apparently legitimate automated access – AI agents, LLM crawlers, and delegated automation interacting directly with revenue-critical systems. They don’t trigger alarms. They quietly extract value, distort pricing logic, and reshape digital economics at scale.

Cybersecurity tools and procedures were designed to provide full defence against predictable threats that followed patterns that would raise alarms. Familiar CAPTCHAs, IP blocks, browser checks, browser fingerprinting, and login restrictions would provide a protective layer for businesses to ensure only genuine users were using their website, or app, or API responsibly. This layer of cybersecurity used to distinguish human from bot.

The web is entering a new phase. Artificial intelligence is beginning to act on behalf of people rather than simply assisting them. AI agents are now browsing, comparing, and buying, taking on the decisions that once sat firmly in human hands. This marks the start of the agentic marketplace, an emerging ecosystem where autonomous systems interact, negotiate, and transact across digital platforms.

Account takeover (ATO) is one of the most consistent and costly threats facing consumer-facing businesses in 2025. And this year, the problem has been supercharged by the Mother of All Breaches (MOAB), a credential leak containing 16 billion username and password combinations. It rarely begins with a breach of your own systems. More often, it starts with someone else’s data leak. Credentials are reused, recompiled, and redeployed across platforms you may not even realise are vulnerable.

We’re proud to announce that Netacea has once again successfully completed our SOC 2 Type II audit, marking our fifth consecutive year achieving this important milestone in data security and trust. SOC 2 compliance isn’t a checkbox exercise. It’s a rigorous, independent validation of how seriously we take the responsibility of protecting customer data. For five years running, Netacea has demonstrated our commitment to operating securely, reliably, and transparently.

What is LLM Scraping? We’re entering a new phase of the Internet, one that is increasingly shaped by generative AI. These systems need data, and lots of it. To meet this hunger, they scrape the web, pulling in everything from news articles and academic journals to product listings, metadata, and user-generated content. This practice, known as large language model (LLM) scraping, has moved far beyond traditional bots indexing public sites.

Botnets have become a core part of the infrastructure in today’s cybercrime ecosystem — not just as enablers of disruption, but as purpose-built networks engineered for profit, stealth, and scalability. Built from large networks of compromised devices and rented out via criminal marketplaces, botnets are now essential as-a-service components of any cyberfraudster’s toolkit. While the concept of a botnet is not new, their construction, use cases, and value have certainly advanced.

Retail fraud is becoming increasingly normalized in the US and UK as ‘refund hacks’ are promoted to consumers by organized crime gangs looking to recruit both knowing and unwitting digital mules. This positioning of fraudulent activity as a ‘refund hack’ deliberately hides its illegal nature. Combined with growing awareness of fraud techniques – both online and offline – it’s driving consumer acceptance of casual fraud. This is bad news for retailers.

Update to attack framework announced to coincide with recognition as an industry standard The Open Worldwide Application Security Project (OWASP) announced today that the Business Logic Attack Definition Framework (BLADE Framework) has become The OWASP BLADE Framework Project. The name change reflects the acceptance of the attack framework as an OWASP project and recognition of the framework as an industry standard.