Reachability makes AI threat modeling worth the trust 2026-06-16 at 09:00 By Mirko Zorz In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. The argument centers on reachability. A finding counts only when someone walks […]
Reachability makes AI threat modeling worth the trust Read More »
OpenAI’s Daybreak uses Codex Security to identify risky attack paths 2026-05-12 at 11:38 By Anamarija Pogorelec OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI models, Codex Security, and cyber-focused GPT-5.5 variants to help organizations identify, validate, and prioritize software vulnerabilities.
OpenAI’s Daybreak uses Codex Security to identify risky attack paths Read More »
Your AI agents are moving sensitive data. Do you know where? 2026-03-23 at 09:18 By Mirko Zorz In this Help Net Security interview, Gidi Cohen, CEO at Bonfy.AI, addresses what he sees as the most pressing gap in AI agent security: data-layer risk. While the industry focuses on prompt injection and model behavior, Cohen argues
Your AI agents are moving sensitive data. Do you know where? Read More »
AI isn’t one system, and your threat model shouldn’t be either 2025-12-19 at 09:02 By Mirko Zorz In this Help Net Security interview, Naor Penso, CISO at Cerebras Systems, explains how to threat model modern AI stacks without treating them as a single risk. He discusses why partitioning AI systems by function and impact matters,
AI isn’t one system, and your threat model shouldn’t be either Read More »
AI-driven threats are heading straight for the factory floor 2025-12-09 at 09:07 By Mirko Zorz In this Help Net Security interview, Natalia Oropeza, Chief Cybersecurity Officer at Siemens, discusses how industrial organizations are adapting to a shift in cyber risk driven by AI. She notes that in-house capability, especially for OT response and recovery, is
AI-driven threats are heading straight for the factory floor Read More »
Threat intelligence programs are broken, here is how to fix them 2025-12-03 at 07:12 By Anamarija Pogorelec Security teams often gather large amounts of threat data but still struggle to improve detection or response. Analysts work through long lists of alerts, leaders get unclear insights, and executives see costs that do not lead to better
Threat intelligence programs are broken, here is how to fix them Read More »
Want fewer security fires to fight? Start with threat modeling 2025-06-12 at 09:01 By Mirko Zorz CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for budget or board attention, threat modeling often loses out to more visible
Want fewer security fires to fight? Start with threat modeling Read More »
Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs 2025-04-23 at 16:13 By Zeljka Zorz MITRE has released the latest version of its ATT&CK framework, which now also includes a new section (“matrix”) to cover the tactics, techniques and procedures (TTPs) used to target VMware ESXi hypervisors. About MITRE ATT&CK MITRE ATT&CK is a regularly
Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs Read More »