Technology

The AI Control Gap: Why Partners Are Now on the Front Line

Mar 24, 2026 By CultureAI Team In CultureAI

For channel partners, AI has quickly moved from a future conversation to a current customer problem. Clients are already using AI across their organisations, often faster than governance can keep up. What’s emerging is not just another technology trend, but a new class of risk that customers cannot fully see or control. Our latest research, based on insights from senior security leaders in highly regulated industries, highlights the scale of the issue.

Read Post

CultureAI

Read more about The AI Control Gap: Why Partners Are Now on the Front Line

Spring 2026 GenAI Code Security Update: Despite Claims, AI Models Are Still Failing Security

Mar 24, 2026 By Felix Brombacher In Veracode

The last six months have been nothing short of revolutionary for AI-powered coding. OpenAI‘s “Code Red” release brought us GPT-5.1 and 5.2. Google unveiled Gemini 3 with its touted “unprecedented reasoning capabilities.” Anthropic rolled out Claude 4.5 and 4.6, powering the increasingly ubiquitous Claude Code features. Enterprise adoption of tools like OpenClaw has exploded, with developers praising unprecedented productivity gains.

Read Post

Veracode

Read more about Spring 2026 GenAI Code Security Update: Despite Claims, AI Models Are Still Failing Security

WebPromptTrap - New Indirect Prompt Injection Vulnerability in BrowserOS

Mar 24, 2026 By Dr. Guy Waizel In Cato Networks

Cato researchers have discovered a new indirect prompt injection exploit pattern workflow in BrowserOS (an open-source agentic AI browser). We named it “WebPromptTrap” because the prompt originates from untrusted web content and it traps users into approving an authorization step through a trusted-looking AI summary.

Read Post

Cato Networks

Read more about WebPromptTrap - New Indirect Prompt Injection Vulnerability in BrowserOS

Ep 35: RSAC FOMO? Dojo AI Demo

Mar 24, 2026 By Sumo Logic, Inc. In Sumo Logic

As we gear up for RSA Conference, we give viewers a sneak peek at Sumo Logic's SOC analyst agent, which turns a 45-minute analyst investigation into a five-minute AI-powered sprint. We walk through live demos showing how the agent automatically generates queries, maps threats to MITRE ATT&CK, and hands you recommended remediation actions all without making you switch tabs or tools. We also show off MCP integration that lets teams collaborate on active investigations right from Slack, because no one should be chained to their war room when there's dinner to be had.

View Video

Sumo Logic

Read more about Ep 35: RSAC FOMO? Dojo AI Demo

Agentic Context Security Platform Protecto is Now Available on Google Cloud Marketplace

Mar 24, 2026 By Protecto In Protecto

Enterprise Agentic AI adoption faces a critical barrier: sensitive data exposure. AI agents perform tasks only as well as the context provided to them. However, context is precisely where enterprise data enters the workflow, introducing significant risk. Organizations need to deploy AI applications while maintaining strict data security, regulatory compliance, and privacy. This challenge stalls production deployments across enterprises, especially in healthcare and financial services.

Read Post

Protecto

Read more about Agentic Context Security Platform Protecto is Now Available on Google Cloud Marketplace

The AI Malware Surge: Behavior, Attribution, and Defensive Readiness

Mar 24, 2026 By Arctic Wolf Labs In Arctic Wolf

Over the last year, AI-assisted malware development has evolved from an experimental practice into a common part of the attacker toolkit. In a rolling window from February 2025 to February 2026, Arctic Wolf Labs observed over 22,000 distinct files triggering AI-focused YARA rules across multiple malware repositories. These files included AI-generated code, large language model (LLM)-style scaffolding, runtime AI API integration, and DeepSeek-derived artifacts.

Read Post

Arctic Wolf

Read more about The AI Malware Surge: Behavior, Attribution, and Defensive Readiness

The Future of Superintelligent Security Operations Starts with Data Built for AI

Mar 24, 2026 By Jeff Green In Arctic Wolf

Every major shift in security operations starts with a shift in the underlying platform. The AI era is no different. As artificial intelligence moves from novelty to necessity, the real dividing line in cybersecurity will not be which vendor can add AI features the fastest. It will be which platforms are built on the right foundation to make AI useful in real operations and trustworthy when the stakes are high. That foundation is data, but not in the simplistic sense the market often uses the term.

Read Post

Arctic Wolf

Read more about The Future of Superintelligent Security Operations Starts with Data Built for AI

Best Practices for Implementing AI Agents

Mar 24, 2026 By Martin Kraemer In KnowBe4

On March 9th, Codewall.ai disclosed how it had hacked McKinsey & Company’s AI platform called Lilli, a purpose-built system for 43,000+ employees to analyze documents, chat, and access decades of proprietary research. The researchers unleashed an AI agent which quickly scanned 200 endpoints, identified 22 that did not require authentication, and one that wrote user search queries into a database including non-parameterized JSON keys which were concatenated directly into SQL.

Read Post

KnowBe4

Read more about Best Practices for Implementing AI Agents

I Didn't Revoke my API Keys Because Claude Called Me An Idiot

Mar 24, 2026 By Javvad Malik In KnowBe4

I need to confess something. A few days ago whilst vibe coding at 2am (which can end up burning through tokens like they are going out of fashion) I accidentally pasted my API key directly into a Claude chat instead of the terminal window I had open. Claude told me off. It felt like a full, proper, disappointed parent tone; the AI equivalent of 'I'm not angry, just disappointed', except it absolutely was angry. There may have been paragraphs.

Read Post

KnowBe4

Read more about I Didn't Revoke my API Keys Because Claude Called Me An Idiot

Fortifying Your SaaS: A CISO's Guide to Secure Embedded Analytics

Mar 24, 2026 By SecuritySenses In SecuritySenses

In the competitive SaaS landscape, differentiation is key. Product leaders are constantly searching for the next feature that will not only attract new customers but also increase the stickiness of their platform. Enter embedded analytics. The ability to provide users with interactive, real-time data visualizations directly within your application is no longer a luxury; it's an expectation. But as we rush to empower our customers with data, are we inadvertently opening a new front in the cybersecurity war? For every visually stunning dashboard, there's a potential attack vector waiting to be exploited. The question then becomes not if you should implement embedded analytics, but how you can do so without compromising your security posture. This guide will walk you through the critical security considerations, from data isolation to API security, ensuring your next product enhancement doesn't become your next data breach headline.

Read Post