Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo 2025 marked a significant shift in the security operations landscape. The industry focus moved beyond simple task automation to full-scale autonomy, driven by the adoption of agentic AI and Hyperautomation. Throughout the year, we documented this transition through technical research, strategic frameworks, and real-world implementation stories.

With 66% of B2B customers now checking for SOC 2 vulnerability compliance before signing contracts, vulnerability assessment and continuous security monitoring are now expected not just during annual audits, but as regular operational exercises.

It’s evident that the cybersecurity industry took notice of the remarkable growth and maturation Acronis achieved in 2025. Through comprehensive analyst evaluations, rigorous third-party testing and user reviews, leading organizations across the cybersecurity spectrum have validated the development of Acronis as a comprehensive leader in cyber protection. A complete list of analyst reports and user review recognitions, as well as test results Acronis accumulated in 2025, includes.

A few years ago, an IP address was enough to identify users online ‒ almost like a physical address that indicated where they were located. Today, however, users no longer rely on a single device or location, making it far more difficult for organizations to recognize who is accessing their systems, from where, and with what level of risk.

If you’re a SonicWall partner, chances are 2025 tested your patience, and your margins. Between high-profile breaches, unexpected price increases, and strategic pivots that created more confusion than clarity, many partners were left absorbing the fallout while working harder for less return. As the security landscape continues to evolve, partners deserve a platform that simplifies operations, protects customers, and supports sustainable growth.

AI agents connect to APIs, execute code, move data, and make decisions with real permissions in live production environments — introducing a new class of security risks. To help organizations stay ahead, the OWASP GenAI Security Project released the OWASP Top 10 for Agentic Applications 2026. In this post, we’ll provide a summary of each agentic AI risk category defined by OWASP, along with actionable next steps to begin securing your agentic AI projects in 2026 and beyond.

As with previous years, we asked identity and fraud experts to reflect on the closing year and share a few predictions for the next. You’ll get unique perspectives from fraud fighters, researchers, and an executive. We asked them about unexpected fraud trends, which tactics will become more valuable, leadership’s changing perceptions, and AI, of course. But we kicked things off with a lighthearted question.

In December 12, 2025, Arctic Wolf began observing intrusions involving malicious SSO logins on FortiGate appliances. Fortinet had previously released an advisory for two critical authentication bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719) on December 9, 2025. Arctic Wolf had also sent out a security bulletin for the vulnerabilities shortly thereafter.

In 2025, many of the long-standing cloud security concerns remained, but new areas of focus also developed. The significant increase in AI adoption enabled organizations to deliver features faster but also introduced new attack surfaces, such as untrusted or unpredictable user input for large language model (LLM) applications. At the same time, long-lived credentials and vulnerabilities in third-party packages continued to expose cloud environments to risk.

Non-human identities have become one of the most overlooked yet exploited attack surfaces in the modern enterprise. NHIs are entities that interact with systems and services but are not tied to a physical user. As organizations expand across hybrid and multi-cloud environments, thousands of machine-based identities are silently running critical operations, yet most are unmanaged, invisible and vulnerable to abuse.