Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In effect, organizations must now treat sensitive data not only as a privacy concern, but as a national security asset. This is no longer the domain of compliance officers alone—it’s a cross-enterprise challenge that demands executive-level ownership.

On June 23, 2025, the Federal Trade Commission’s sweeping amendments to the Children’s Online Privacy Protection Rule (COPPA) took effect, ushering in more stringent duties for any operator collecting or using children’s data—whether via websites, services, or AI‑powered agents. Companies must achieve full compliance by April 22, 2026 (Finnegan | Leading IP+ Law Firm, Bass, Berry & Sims PLC).

AI is moving through enterprises faster than security teams can track. Over the past year, AI privacy incidents have risen 56%, and most of those stem from tools security never knew were in use. 84% of SaaS tools are purchased outside IT, and 62% of CISOs say fewer than a quarter of AI tools in use have been approved through procurement. That means sensitive, regulated, or confidential data is often flowing to AI services invisibly, sometimes across borders, without governance or guardrails.

Here at Riscosity, we believe in making our users’ lives as easy as possible when using our product. Whether users are running scans, triaging results, or viewing reports, the workflows must be intuitive and a seamless part of users’ own environments. To that end, we have finished rounding out our comprehensive support for ticketing system integrations by adding Asana and Linear into the fold.

PwC recently did an AI agent survey where they found the following: This all sounds great, right? For many reasons it is, but agentic AI creates a challenge of visibility for organizations into how AI agents are communicating with each other and external third-party vendors. Imagine a multitude of AI agents autonomously exchanging data across a complex mesh of third-party vendors and applications.

For a AI software company like Riscosity, which helps organizations secure and govern data flows to third parties, compliance is not just a regulatory requirement—it is central to the value proposition. Recognizing this, Riscosity has launched a dedicated Trust Center at trust.riscosity.com, powered by industry leader Vanta, to streamline how it communicates its compliance posture with current and prospective customers.

Historically, software vendors that detect various types of data in customers’ environments have relied heavily on rudimentary methods for identifying that data. One of the most popular methods for identifying the presence of any particular type of data is using regular expressions and, admittedly, Riscosity started off doing the same several years ago.

According to Security Score Card in 2024 35.5% of breaches were related to third party access. Our software is primarily written in Go and we wanted to share how our engineering team approaches managing dependencies.

We’ve been hearing (and using) a lot of acronyms lately. MCP, A2A, ACP… it’s easy to fall behind. Fortunately for our customers, all of these new standards are API based! Since Riscosity is built to discover, monitor, and govern all HTTP-based data flows, it requires no extra integration or setup to handle MCP, A2A, or ACP traffic.

Here at Riscosity, our team is keenly aware of the ongoing rise of AI adoption that is taking the world by the storm. As a company whose mission is to help organizations gain control over their 3rd party data flows, it is only logical that our capabilities support AI as well. What better time than RSA to announce the latest AI-related innovation that Riscosity has released!