Does Anthropic deserve the trust of the cybersecurity community? 2026-03-12 at 08:35 By Help Net Security The cybersecurity industry runs on trust. The belief that when a vendor says they will behave a certain way, they will, that critical CVEs are in fact critical, or when companies say they’re GDPR compliant, they really are. But […]
Does Anthropic deserve the trust of the cybersecurity community? Read More »
Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming 2026-03-10 at 08:30 By Mirko Zorz Pascal Andrei, CSO at Airbus, knows that the aerospace and defense sector is facing a threat environment that is evolving faster than most organizations can track. From sub-tier suppliers quietly becoming entry points for
Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming Read More »
Why phishing still works today 2026-03-06 at 08:30 By Help Net Security In this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines how phishing now uses HTTPS, branded pages, and lookalike domains, making attacks harder to spot.
Why phishing still works today Read More »
Engineering trust: A security blueprint for autonomous AI agents 2026-03-05 at 07:06 By Help Net Security AI agents have evolved from just chatbots, answering questions to executing actions using various integrated tools, often autonomously, and as such the traditional security models have become less efficient. I have seen that firsthand as a security lead for
Engineering trust: A security blueprint for autonomous AI agents Read More »
Why workforce identity is still a vulnerability, and what to do about it 2026-03-04 at 07:43 By Help Net Security Most organizations believe they have workforce identity under control. New hires are verified. Accounts are provisioned. Multi-factor authentication is enforced. Audits are passed. Then a breach happens, often through an account that was “properly secured.”
Why workforce identity is still a vulnerability, and what to do about it Read More »
When cyber threats start thinking for themselves 2026-03-02 at 07:30 By Help Net Security In this Help Net Security video, Jason Rivera, Field CISO & Head of Solution Engineering at SimSpace, discusses how autonomous AI agents are changing cyber threats. Drawing on experience in the US Army, NSA, Deloitte, and CrowdStrike, he describes how security
When cyber threats start thinking for themselves Read More »
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities 2026-02-26 at 07:35 By Mirko Zorz In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She explains how AI-driven DAST testing automates attack surface discovery, supports business-logic testing in
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities Read More »
United Airlines CISO on building resilience when disruption is inevitable 2026-02-09 at 09:09 By Mirko Zorz Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview,
United Airlines CISO on building resilience when disruption is inevitable Read More »
Why boards must prioritize non-human identity governance 2026-02-03 at 08:36 By Help Net Security Boards of Directors (BoDs) do three things exceptionally well when cyber is framed correctly. They set risk appetite, they allocate capital, and they demand evidence that the business can withstand disruption without losing momentum. Why cyber keeps becoming a board topic
Why boards must prioritize non-human identity governance Read More »
Open-source AI pentesting tools are getting uncomfortably good 2026-02-02 at 09:10 By Help Net Security AI has come a long way in the pentesting world. We are now seeing open-source tools that can genuinely mimic how a human tester works, not just fire off scans. I dug into three of them, BugTrace-AI, Shannon, and CAI,
Open-source AI pentesting tools are getting uncomfortably good Read More »
When open science meets real-world cybersecurity 2026-01-27 at 09:44 By Mirko Zorz Scientific research environments are built for openness and collaboration, often prioritizing long-term discovery over traditional enterprise security. In this Help Net Security interview, Matthew Kwiatkowski, CISO at Fermilab, America’s particle physics and accelerator laboratory, discusses where cybersecurity blind spots emerge, why availability can
When open science meets real-world cybersecurity Read More »
The 2026 State of Pentesting: Why delivery and follow-through matter more than ever 2026-01-21 at 07:34 By Help Net Security Penetration testing has evolved significantly over the past several years. While uncovering exploitable vulnerabilities remains the core goal, the real differentiator today is how findings are handled after the testing concludes. The method of reporting,
The 2026 State of Pentesting: Why delivery and follow-through matter more than ever Read More »
How AI agents are turning security inside-out 2026-01-09 at 09:30 By Help Net Security AppSec teams have spent the last decade hardening externally facing applications, API security, software supply chain risk, CI/CD controls, and cloud-native attack paths. But a growing class of security threats is emerging from a largely underestimated and undefended source: internally built
How AI agents are turning security inside-out Read More »
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring 2025-12-18 at 16:12 By Help Net Security Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted highly targeted phishing campaigns that masquerade as professional services firms
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring Read More »
Identifying risky candidates: Practical steps for security leaders 2025-10-16 at 08:32 By Help Net Security Effective insider threat defense begins with candidate vetting. Background checks and reference calls can confirm elements of an applicant’s history, but they rarely surface the deeper risks that can turn into costly problems down the line. Identity verification, credential validation,
Identifying risky candidates: Practical steps for security leaders Read More »
Securing agentic AI with intent-based permissions 2025-10-10 at 08:31 By Help Net Security When seatbelts were first introduced, cars were relatively slow and a seatbelt was enough to keep drivers safe in most accidents. But as vehicles became more powerful, automakers had to add airbags, crumple zones, and (eventually) adaptive driver assistance systems that anticipate
Securing agentic AI with intent-based permissions Read More »
4 ways to use time to level up your security monitoring 2025-10-03 at 09:09 By Help Net Security SIEMs excel at correlating events and firing alerts, but their ingest pipelines can get overwhelmed when scaled. And because most SIEMs rely on general-purpose log storage platforms, even with lower-cost archive tiers, long-term retention at full fidelity
4 ways to use time to level up your security monitoring Read More »
GPT needs to be rewired for security 2025-10-02 at 09:18 By Help Net Security LLMs and agentic systems already shine at everyday productivity, including transcribing and summarizing meetings, extracting action items, prioritizing critical emails, and even planning travel. But in the SOC (where mistakes have real cost), today’s models stumble on work that demands high
GPT needs to be rewired for security Read More »
How attackers poison AI tools and defenses 2025-09-29 at 09:06 By Help Net Security Cyberattackers are using generative AI to draft polished spam, create malicious code and write persuasive phishing lures. They are also learning how to turn AI systems themselves into points of compromise. Recent findings highlight this shift. Researchers from Columbia University and
How attackers poison AI tools and defenses Read More »
Perspective: Why Politics in the Workplace is a Cybersecurity Risk 2025-09-25 at 15:33 By Joshua Goldfarb Bringing politics into professional spaces undermines decision-making, collaboration, and ultimately weakens security teams. The post Perspective: Why Politics in the Workplace is a Cybersecurity Risk appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Perspective: Why Politics in the Workplace is a Cybersecurity Risk Read More »