Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, Apono is joining 1Password. This is a major step forward for the company we set out to build, the customers who helped shape it, and the future of access governance. When we started Apono, we set out to eliminate the friction that access management creates between security and engineering teams. Access in the cloud was dynamic, but the systems meant to govern it were not. Widespread standing access became an accepted cost of doing business. Engineers waited on tickets.

You approved the AI tools. You funded the infrastructure. Now your teams want to deploy AI agents, and the ask sounds reasonable: automate the research workflow, connect the agent to the CRM, let it draft and send. The productivity case is clear. What is less clear is who owns the security exposure when that agent starts moving data across systems it was never explicitly authorized to touch. The answer, increasingly, is you.

Organizations are rapidly deploying autonomous and semi-autonomous AI agents that can make decisions, execute tasks and interact directly with systems without constant human oversight. That shift is driving investment, with the global agentic AI in cybersecurity market projected to grow to $322.39 billion by 2033. The surge represents enormous gains in efficiency and agility — and also signals a dramatic increase in risk.

You can add verified AI skills to your LinkedIn profile. Certifications proving you know how to use the latest tools. This shows progress, but it is only half the problem. While we are getting very good at verifying what people know, we still have almost no way to verify how they behave. In hiring, we obsess over skills and experience, and ponder cultural fit. We run background checks. We validate credentials.

Database access is one of the largest blind spots in enterprise security. Credentials are often shared, insecurely stored or transmitted without monitoring. KeeperDB is a modern, multi-protocol database client that addresses these gaps by supporting PostgreSQL, MySQL, Microsoft SQL Server and other major protocols from a unified interface.

Egnyte is excited to partner with StackAI—an enterprise AI platform trusted by organizations across financial services, life sciences, construction, and more—to bring AI-powered workflow automation directly to your content environment. For organizations that rely on Egnyte to store, govern, and share business-critical documents, this integration means you can now put that content to work with AI, without sacrificing security or governance.

Every control framework makes a silent assumption. It assumes someone did it. A file changed: someone ran a script. A service account was created: someone provisioned it. A configuration drifted from baseline: someone pushed a change, applied a patch, or made a mistake. The entire architecture of CIS Controls, like most security frameworks, is built on the premise that human intent sits somewhere upstream of every action.

AigentX, our autonomous web-application penetration testing agent, ran black-box against OWASP crAPI and confirmed 35 exploitable findings, 15 of them Critical, including a chain that turns a free signup account into uid=0(root) and a permanently forged admin identity. Every finding below carries a request, a response, and a reproduction. The full report is one click away. Most “AI found N vulnerabilities” write-ups never let you check the work. This one does.

The one thing security teams are not short of is data. A day in the life of a security expert is filled with scanners, dashboards, pentest reports, tickets, and compliance checklists. But despite all this data, the one staggering question that every security team would literally trade their last brain cell for (or their entire month’s screen time for) is “What is pentesting (risk) moving towards?”

Security teams today face a widening gap between the speed of modern software delivery and the cadence of traditional pentesting. Most teams ship weekly, but a full manual pentest only happens periodically and is gated by resource availability.