Artificial Intelligence (AI) has the potential to revolutionize how businesses operate. But with this exciting advancement come new challenges that cannot be ignored. For proactive security and IT leaders, prioritizing security and privacy in AI can’t simply be a box-checking exercise; it's the key to unlocking the full potential of this wave of innovation.

In the evolving landscape of online ticketing and eCommerce, few technological developments have been as controversial as scalper bots. These automated programs, designed to purchase high-demand items faster and more efficiently than humans could, have transformed the way we buy and sell coveted goods online. During this forthcoming blog series, we are going to explore the fascinating evolution of scalper bots. We will trace their origins, developments, and impacts across several distinct eras.

Elastic Security 8.15 is now available, enhancing our mission to modernize security operations with AI-driven security analytics. Key features include the brand new Automatic Import to streamline data ingestion and onboarding, support for Google’s Gemini 1.5 Pro and Flash large language models (LLMs), a new set of APIs for the Elastic AI Assistant, on-demand file scans for the Elastic Defend integration, and a redesigned way of pivoting between different contexts.

Embedded software development presents unique challenges due to its close integration with hardware, strict real-time requirements, and the need for high reliability and safety. The V-Model, also known as the Verification and Validation model, offers a structured approach that effectively addresses these challenges. This blog post delves into the V-Model's intricacies and elucidates how it enhances the testing of embedded software.

Non-human identities (NHIs) dominate the era of cloud services and SaaS applications. They are the identities that authenticate between different servers, APIs and third party integrations to provide programmatic access to data and services. Non-human identities utilize different protocols, such as OAuth, REST and SSH.

Many developers overlook the risks lurking in third-party packages. Every package you add could harbor vulnerabilities, potentially exposing sensitive user data and granting unauthorized access to your systems. It can lead to severe consequences, including data breaches, system compromises, reputation damage, and disruption of your services. With 80% of projects using at least one vulnerable package – it’s a crucial issue.

The Play ransomware, also known as PlayCrypt, is a ransomware that first emerged in June 2022. The ransomware has been targeting industries such as healthcare and telecommunication as well as a wide range of regions such as Latin America, Europe, and North America. The Play ransomware is known for gaining access to networks through compromised valid accounts or by exploiting specific vulnerabilities. Once inside the network, it uses a big pool of known post-exploitation tools to continue its attack.

According to the FBI, billions of dollars have been lost through Business Email Compromise (BEC) attacks in recent years, so you may well think that there is little in the way of good news. However, it has been revealed this week that police managed to recover more than US $40 million snatched in a recent BEC heist just two days after being told about it.

Welcome to the second part of our two-part special on Gartner’s “4 Ways Generative AI Will Impact CISOs and Their Teams” report! If you’ve missed the first part on model composition, you can read it here. Today, we will explore why security specialism matters in an AI security tool, particularly where AI quality is concerned.

In May, we announced the availability of 1Password software development kits (SDKs) in beta. Those SDKs – available as open-source libraries for Javascript, Python, and Go – are now production-ready.