Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

5 Steps to Operationalize Threat Exposure Management

Security teams are drowning in findings, but only a fraction of exposures actually put the business at risk. Treating every issue as equal spreads resources thin, slows down remediation, and leaves critical systems exposed. Threat Exposure Management (TEM) changes the equation by forcing teams to focus on the exposures most likely to cause real damage – and to build the operating model that ensures they get fixed.

Patch vs. Workaround: How CVEs Actually Get Fixed

In order to collect various security-related metrics, Bitsight scans the entire internet, collecting a unique set of data that enables us to carry out a variety of studies that would be extremely difficult for any other company to conduct. One of the metrics that we collect is related to the presence of certain vulnerabilities. For this, we need to take into consideration all possible mitigation strategies that are available and that allow us to reduce the risk.

Guide to the OWASP Top 10 for LLMs: Vulnerability mitigation with Elastic

Industries, governments, and enterprises of all kinds have adopted large language models (LLMs) and generative AI (GenAI) into their operations and workflows, unlocking new possibilities for everything from customer interaction to complex data analysis. But with this innovation comes new challenges for security, observability, and data science teams.

npm Supply Chain Attack via Open Source maintainer compromise

On Monday, September 8th, a highly regarded open source developer, ~qix, was compromised via a phishing email. ~qix is an author and maintainer behind a large number of popular npm packages and found himself caught by this attack after responding to a message from the email address of support help. This resulted in the attacker taking over his npm account and having access to publish malicious versions of packages to which Qix had privileged access.

Rogue AI Agents In Your SOCs and SIEMs - Indirect Prompt Injection via Log Files

AI agents (utilizing LLMs and RAG) are being used within SOCs and SIEMs to both help identify attacks and assist analysts with working more efficiently; however, I’ve done a little bit of research one sunny British afternoon and found that these agents can be abused by attackers and made to go rogue. They can be made to modify the details of an attack, hide attacks altogether, or create fictitious events to cause a distraction while the real target is attacked instead.

What an 'Aha' Moment with an Org Admin Token Taught One DevSecCon Speaker About AI Security

As the summer winds down and conversation around AI Security heats up, the Snyk team is in full swing planning mode for a double-header this October—with the return of DevSecCon’s Flagship conference, focusing this year on Securing the Shift to AI Native, and serving as the founding partner of the inaugural AI Security Summit.

Business logic: The silent future of cyberattacks

Future hacks won’t trigger alarms or leave traces. No security measures will be violated. The systems are functioning normally – but the loss is real. As automated defenses improve, attackers must target what machines can’t: the business processes. By exploiting flaws in workflow logic, hackers can steal data and funds in a way no one expected. Business logic vulnerabilities are now a serious cybersecurity blind spot, and a leading method for breaching even the most secure systems.