News for today:
- Application security for the AI and post-quantum era. F5 added new capabilities to its F5 Application Delivery and Security Platform, for protecting AI-driven and modern applications. On the AI side: there’s new automatic risk-based WAF capabilities (reducing manual tuning); automated creation, optimization, and validation of guardrail packages to strengthen runtime protections after a vulnerability in an AI model has been identified; and better detection and blocking of malicious and ungoverned AI agents. Only trusted, verifiable AI agents are allowed to interact with applications, ensuring malicious or ungoverned activity is blocked while enabling safe, controlled agentic commerce. With unified governance and consistent policy controls for human, bot, and AI agent interactions, these new capabilities help organizations safeguard revenue from harmful automation and confidently participate in the emerging agentic economy. F5
- AI security capabilities in a box for the AI supercycle. Netskope announced a suite of AI security capabilities – called Netskope One AI Security – focused on protection, visibility, and enablement across the AI ecosystem. Netskope One AI Security provides comprehensive discovery, visibility and real-time control of AI applications, models, agents and tools in use, analyzes their specific risks, and accelerates secure AI adoption across the entire ecosystem, within a fully unified and integrated platform. The suite includes security for MCP transactions, guardrails for AI models, and an AI-based red team, among others. Netskope
- There’s a security gap afflicting AI (yup). HackerOne’s new research confirms once again the lag between AI deployment and security. As AI adoption continues to accelerate, nearly all respondents (94%) report operating more AI/ML systems than a year ago. Yet only 66% say they formally test 61% or more of their AI/ML systems, creating a 28-point AI Security Gap. For organizations operating in that gap, 89% of security leaders reported AI-related attacks or vulnerabilities in the past year. HackerOne
- Securing enterprise use of Comet. CrowdStrike and Perplexity announced an integrative partnership, to link Falcon from CrowdStrike with the Perplexity Comet Enterprise AI-native browser. Through this integration, Comet Enterprise AI interactions will gain an additional layer of real-time data protection delivered through the Falcon platform, providing visibility into sensitive information and enforcing integrated policy controls as employees research, analyze, and make decisions using AI. Enterprise security policies will be applied directly within AI-driven workflows to prevent unauthorized data sharing and exposure of proprietary content – reducing risk without disrupting productivity. CrowdStrike
- A new era of agentic telemetry. The new version of Cribl Search (log management for security and IT ops teams) is built on an agentic architecture, combining machine telemetry with human-generated data and agentic AI – and delivering a 2X acceleration. The product eliminates manual toil and complex query-building, giving organizations investigative depth at AI-speed with a far simpler day‑to‑day operating model. Federated analysis provides agents and humans a single investigation surface over all data, whether it lives in Cribl Search or in existing lakes and object stores. Performance is a key consideration for federated and archival queries, and Cribl has introduced significant enhancements to continuously improve performance since Search was initially introduced. Cribl
- Compare, contrast, and get better. Cye added new group / sub-group comparative capabilities in its cyber exposure platform, so large enterprises can compare and contrast cyber exposure across its companies and business units, and then drive remediation and targeted uplifts. Access a central view of security posture across all subsidiaries, with standardized visibility into critical metrics such as exposure, maturity, and cost of breach in financial terms. Flexible aggregation and trend analysis across variables such as region, industry, or holding structure help identify negative trajectories and weaknesses to determine investment priorities and remediation actions. Cye