SOC teams keep asking how the AI SOC differs from traditional SOAR. Here's what Morpheus does differently—from integration maintenance to false negatives.
The post We Keep Hearing the Same Question: Morpheus (AI SOC) vs. Traditional SOAR appeared first on D3 Security.
The post We Keep Hearing the Same Question: Morpheus (AI SOC) vs. Traditional SOAR appeared first on Security Boulevard.
With any security framework, be it ISO 27001, FedRAMP, or CMMC, the goal is not to secure “your business.” It’s to secure sensitive and controlled information that your business handles. This is a fundamentally important way of looking at your security. Why does this matter? It’s all about borders. Where do you draw the line […]
The post CMMC Enclave Strategy vs Full Environment Compliance appeared first on Security Boulevard.
A new species of squid. pretends to be a plant:
Scientists have filmed a never-before-seen species of deep-sea squid burying itself upside down in the seafloor—a behavior never documented in cephalopods. They captured the bizarre scene while studying the depths of the Clarion-Clipperton Zone (CCZ), an abyssal plain in the Pacific Ocean targeted for deep-sea mining.
The team described the encounter in a study published Nov. 25 in the journal Ecology, writing that the animal appears to be an undescribed species of whiplash squid. At a depth of roughly 13,450 feet (4,100 meters), the squid had buried almost its entire body in sediment and was hanging upside down, with its siphon and two long ...
The post Friday Squid Blogging: New Squid Species Discovered appeared first on Security Boulevard.
How Does Agentic AI Revolutionize Healthcare Security? Are you prepared to explore the transformative power of Agentic AI in securing the healthcare industry? The intersection of artificial intelligence and cybersecurity has opened doors to innovative methodologies. This sector is under constant scrutiny due to the sensitive nature of its data. While we delve deeper into […]
The post How is Agentic AI changing healthcare security appeared first on Entro.
The post How is Agentic AI changing healthcare security appeared first on Security Boulevard.
How Are Non-Human Identities Shaping Cloud Security? What does it take to bridge the gap between security and R&D teams when managing non-human identities in cloud environments? Non-human identities (NHIs) are pivotal in modern cybersecurity frameworks, acting as machine identities that ensure secure interaction between different technological entities. Understanding their role and maintaining effective security […]
The post What future trends will define Agentic AI governance appeared first on Entro.
The post What future trends will define Agentic AI governance appeared first on Security Boulevard.
Why Are Non-Human Identities Crucial for Cloud Security? Does your organization fully understand the importance of Non-Human Identities (NHIs) in cybersecurity? With a crucial component of cloud security, managing these machine identities effectively can be the key to minimizing risks and ensuring robust access management. Where systems and services interact automatically, establishing a comprehensive strategy […]
The post Can Agentic AI ensure full IAM compliance appeared first on Entro.
The post Can Agentic AI ensure full IAM compliance appeared first on Security Boulevard.
Are You Overlooking Non-Human Identities in Cloud Security? Machine identities have emerged as critical components that require immediate attention and robust management. Where organizations increasingly rely on digital transformations and cloud environments, the security of Non-Human Identities (NHIs) and their secrets vaults cannot be overstated. The management of machine identities, often called NHIs, combines encrypted […]
The post How secure are secrets vaults in cloud environments appeared first on Entro.
The post How secure are secrets vaults in cloud environments appeared first on Security Boulevard.
Session 11A: Blockchain Security 2
Authors, Creators & Presenters: Qiyang Song (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences), Heqing Huang (Institute of Information Engineering, Chinese Academy of Sciences), Xiaoqi Jia (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences), Yuanbo Xie (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences), Jiahao Cao (Institute for Network Sciences and Cyberspace, Tsinghua University)
PAPER
Silence False Alarms: Identifying Anti-Reentrancy Patterns on Ethereum to Refine Smart Contract Reentrancy Detection
Reentrancy vulnerabilities in Ethereum smart contracts have caused significant financial losses, prompting the creation of several automated reentrancy detectors. However, these detectors frequently yield a high rate of false positives due to coarse detection rules, often misclassifying contracts protected by anti-reentrancy patterns as vulnerable. Thus, there is a critical need for the development of specialized automated tools to assist these detectors in accurately identifying anti-reentrancy patterns. While existing code analysis techniques show promise for this specific task, they still face significant challenges in recognizing anti-reentrancy patterns. These challenges are primarily due to the complex and varied features of anti-reentrancy patterns, compounded by insufficient prior knowledge about these features. This paper introduces AutoAR, an automated recognition system designed to explore and identify prevalent anti-reentrancy patterns in Ethereum contracts. AutoAR utilizes a specialized graph representation, RentPDG, combined with a data filtration approach, to effectively capture anti-reentrancy-related semantics from a large pool of contracts. Based on RentPDGs extracted from these contracts, AutoAR employs a recognition model that integrates a graph auto-encoder with a clustering technique, specifically tailored for precise anti-reentrancy pattern identification. Experimental results show AutoAR can assist existing detectors in identifying 12 prevalent anti-reentrancy patterns with 89% accuracy, and when integrated into the detection workflow, it significantly reduces false positives by over 85%.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.
The post NDSS 2025 – Silence False Alarms appeared first on Security Boulevard.
As we look back on 2025, AI and open source have fundamentally changed how software is built. Generative AI, automated pipelines, and ubiquitous open source have dramatically increased developer velocity and expanded what teams can deliver — while shifting risk into the everyday decisions developers make as code is written, generated, and assembled.
The post The Great Shift: Cybersecurity Predictions for 2026 and the New Era of Threat Intelligence appeared first on Security Boulevard.
People rush to AI bots for their most sensitive tasks these days without security leading the way. The Moltbot frenzy reminds us we just wrote about this recently – the difference between AI security noise and high-impact threats. AI Security Lessons from the MoltBot Incident For folks who jumped in early and got the Github […]
The post More AI security noise – chatbots going rogue appeared first on Security Boulevard.
via the comic artistry and dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Conic Sections’ appeared first on Security Boulevard.
Jan 30, 2026 - Alan Fagan - Quick Facts: AI Compliance ToolsManual tracking often falls short: Spreadsheets cannot track the millions of API calls and prompts generated by modern AI systems.Real-time is required: The best AI compliance tools monitor live traffic, not just static policy documents.Framework mapping matters: Firetail automatically maps activity to the OWASP LLM Top 10, NIST AI RMF.Context is king: Generic security tools miss the context of AI interactions; dedicated tools understand prompts, responses, and model behavior.FireTail automates the process: FireTail bridges the gap between written policy and technical reality by enforcing compliance rules at the model level.If you are still managing your AI compliance with a spreadsheet in 2026, you are already behind.A year or two ago, you might have gotten away with a manual "AI inventory" sent around to department heads. But as technical threats like prompt injection and data exfiltration become the primary focus for security auditors, the era of "check-the-box" compliance is over. Today, AI compliance isn’t about promising you have control; it’s about proving technical defense in real-time.The market is flooded with platforms promising to solve this, but many are just document repositories in disguise. They store your written policies but have zero visibility into your actual AI traffic. To protect the organization and satisfy the requirements of a modern technical audit, you need AI compliance tools that monitor what is actually happening at the API layer.This guide outlines exactly what security and compliance leaders need to look for when evaluating these solutions to ensure they can scale securely while meeting frameworks like the OWASP Top 10 and MITRE ATLAS.Why Are Dedicated AI Compliance Tools Necessary?You might be asking, "Can’t our existing GRC (Governance, Risk, and Compliance) platform handle this?"Usually, the answer is no.Traditional GRC tools are designed for static assets. They track servers, laptops, employee IDs, and software licenses. They are excellent at verifying that a laptop has antivirus installed or that a server is patched.AI is different. It is dynamic.A model that was compliant yesterday might drift today. A prompt sent by an employee might violate GDPR safeguards in seconds by including a customer's credit card number. Standard GRC tools do not see the context of these interactions. They don’t see the prompts, the responses, or the retrieval-augmented generation (RAG) data flows.Dedicated AI compliance tools are built to handle three specific challenges that legacy tools miss:The speed of AI adoption: Shadow AI apps pop up faster than IT can approve them.The complexity of models: LLMs behave non-deterministically, meaning the same input can sometimes result in different (and potentially risky) outputs.Regulatory fragmentation: Different regions (EU, US, Asia) have different rules for the same underlying tech, requiring automated "translation" of risk controls.Mapping AI Activity to the OWASP LLM Top 10The OWASP Top 10 for LLM Applications has become the gold standard for technical AI compliance. If your compliance tool isn't automatically auditing against these vulnerabilities, you have a massive blind spot.When evaluating AI compliance tools, ensure they provide specific visibility into these core risks identified by the OWASP expert team:LLM01: Prompt InjectionThis is the most common vulnerability, occurring when crafted inputs manipulate the LLM’s behavior. Direct injections come from the user, while Indirect injections occur when the LLM processes external content (like a malicious webpage or document). These attacks can bypass safety filters, steal data, or force the model to perform unauthorized actions.LLM02: Sensitive Information DisclosureLLMs can inadvertently reveal confidential data, such as PII, financial details, or proprietary business logic, through their outputs. This risk is highest when sensitive data is used in the model's training set or when the application doesn't have sufficient filters to catch sensitive data before it reaches the end user.LLM03: Supply ChainThe LLM "supply chain" includes third-party pre-trained models, datasets, and software plugins. Vulnerabilities can arise from poisoned datasets on public hubs, outdated Python libraries, or compromised "LoRA" adapters. Organizations must vet every component of their AI stack just as they would traditional software.LLM04: Data and Model PoisoningThis involves the manipulation of training data or embedding data to introduce backdoors, biases, or vulnerabilities. By "poisoning" the data the model learns from, an attacker can create a "sleeper agent" model that behaves normally until triggered by a specific prompt to execute a malicious command.LLM05: Improper Output HandlingThis vulnerability occurs when an application blindly accepts LLM output without proper validation or sanitization. Because LLM output can be influenced by prompt injection, failing to treat it as untrusted content can lead to serious downstream attacks like Cross-Site Scripting (XSS), CSRF, or Remote Code Execution (RCE) on backend systems.LLM06: Excessive AgencyAs we move toward "AI Agents," this risk has become critical. It occurs when an LLM is granted too much functionality, too many permissions, or too much autonomy to call external tools and plugins. Without "human-in-the-loop" oversight, a model hallucination or a malicious prompt could trigger irreversible actions in your database or email systems.LLM07: System Prompt LeakageSystem prompts are the hidden instructions used to guide a model's behavior. If an attacker can force the LLM to reveal these instructions, they can uncover sensitive business logic, security guardrails, or even secrets like API keys that were incorrectly placed in the prompt language.LLM08: Vector and Embedding WeaknessesThis new category for 2025 focuses on Retrieval-Augmented Generation (RAG). Weaknesses in how vectors are generated, stored, or retrieved can allow attackers to inject harmful content into the "knowledge base" or perform "inversion attacks" to recover sensitive source information from the vector database.LLM09: MisinformationMisinformation (including "hallucinations") occurs when an LLM produces false or misleading information that appears highly credible. If users or applications place excessive trust in this unverified content, it can lead to reputational damage, legal liability, and dangerous errors in critical decision-making processes.LLM10: Unbounded ConsumptionLarge Language Models are resource-intensive. This category covers "Denial of Service" as well as "Denial of Wallet" (DoW) attacks, where an attacker triggers excessive inferences to skyrocket cloud costs. It also includes "Model Extraction," where attackers query the API repeatedly to steal the model’s intellectual property by training a "shadow model" on its outputs.Operationalizing Risk Management with MITRE ATLASWhile OWASP focuses on vulnerabilities, MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) focuses on the "how" of an attack. It provides a roadmap of adversary tactics.Effective AI risk management in 2026 requires mapping your AI logs directly to MITRE ATLAS tactics. This allows your security team to see the "big picture" of a breach. For example:Reconnaissance: Is an unknown entity probing your API to understand the model's logic?Model Evasion: Is someone trying to trick the AI into providing restricted information?Exfiltration: Is data being moved out of your secure environment via an AI interaction?When your compliance tool uses MITRE ATLAS, it speaks the same language as your Security Operations Center (SOC).How Do AI Compliance Tools Automate Framework Mapping?Nobody wants to manually map every API call to a specific paragraph in the NIST AI RMF or the EU AI Act. It is a full-time job that never ends.Look for tools that do this automatically. When a user queries an LLM, the system should instantly log that activity against your active frameworks. If a specific behavior violates a control like sending PII to a public model the tool should flag it as a compliance violation immediately.This automation is critical for passing audits. Instead of scrambling to find evidence, you simply export a report showing how every interaction mapped to the required standard.How Should AI Compliance Tools Integrate with Security Stacks?Do not buy a tool that creates a data silo.Your AI compliance solution should talk to your existing infrastructure. It needs to feed logs into your SIEM (like Splunk or Datadog), verify users through your Identity Provider (like Okta or Azure AD), and fit into your current workflows.If the tool requires a completely separate login and dashboard that nobody checks, it will fail. Security teams do not need more screens; they need better data on the screens they already use.Why Real-Time API Visibility is the Foundation of ComplianceYou cannot comply with what you cannot see. Because almost all AI usage flows through APIs, AI compliance tools must function as API security layers.Any tool that relies on employees voluntarily reporting their AI usage will fail. You need a solution that sits in the flow of traffic to detect:Who is using AI? (Identity-based tracking)Which models are being queried? (Identifying unauthorized "Shadow AI")What data is being sent? (Payload inspection)If your tool doesn't offer network-level or API-level visibility, it’s just a guessing game. You need to know if a developer is sending proprietary code to a public LLM the moment it happens, not weeks later during a manual audit.How Does FireTail Solve the Compliance Puzzle?At FireTail, we believe compliance shouldn't be a separate "administrative" task. It should be baked into the security operations you run every day.FireTail isn't just a dashboard; it’s an active layer of visibility and control.We Map to Reality: We don't just ask what you think is running. We show you the actual API calls and model usage, mapped directly to frameworks like OWASP LLM Top 10 and MITRE Atlas.We Catch the Drift: If a model’s behavior changes or a user starts sending sensitive data, we catch it in real-time, not during a quarterly review.We Automate the Evidence: FireTail creates the logs and traces you need to hand to an auditor, proving that your controls are working.In 2026, compliance is about being able to move fast without breaking things. The right tools give you the brakes and the steering you need to drive AI adoption safely.Ready to automate your AI compliance? See how FireTail maps your real-time usage to the frameworks that matter. Get a demo today.FAQs: AI Compliance ToolsWhat are AI compliance tools?AI compliance tools monitor and document how AI systems are used to meet regulatory and internal requirements, and FireTail does this by mapping real-time AI activity to compliance frameworks.Why do I need a specific tool for AI compliance? Traditional GRC tools cannot see AI prompts and responses in real time, while FireTail provides the visibility needed to audit AI behavior as it happens.How does MITRE ATLAS help with automated AI governance?MITRE ATLAS helps organizations understand attacker tactics. By mapping AI activity to this framework, FireTail allow security teams to treat AI governance as a part of their standard security operations.Can AI compliance tools detect Shadow AI? Effective AI compliance tools detect unauthorized AI usage. FireTail identifies unapproved AI applications across your environment.How does automation help with AI compliance? Automation reduces manual tracking by mapping AI activity to compliance requirements in real time, which FireTail handles automatically.What is prompt injection in AI security?Prompt injection is an attack where someone tricks an LLM into ignoring its original instructions to perform unauthorized actions. FireTail helps detect these "poisoned" prompts in real-time to prevent data breaches.
The post AI Compliance Tools: What to Look For – FireTail Blog appeared first on Security Boulevard.
Discover the best B2B healthcare SaaS SSO solutions for 2026. Compare SAML, OIDC, pricing, and features for secure hospital logins.
The post Top 10 B2B Healthcare SaaS SSO Solutions in 2026 appeared first on Security Boulevard.
Quality assurance teams across modern software development face a new reality. AI enabled applications do not behave like traditional systems. Outputs shift based on context....Read More
The post Agentic AI for Test Workflows. Why Our QA Team Built It and How Testing Changed as a Result appeared first on ISHIR | Custom AI Software Development Dallas Fort-Worth Texas.
The post Agentic AI for Test Workflows. Why Our QA Team Built It and How Testing Changed as a Result appeared first on Security Boulevard.
Passwordless authentication reduces risk and friction in online learning. See how passwordless login protects accounts, boosts access, and supports student services.
The post Why Passwordless Authentication Is Critical for Online Learning & Student Services appeared first on Security Boulevard.
Learn how to debug and fix invalid security token errors in Enterprise SSO, SAML, and CIAM systems. Practical tips for CTOs and VPs of Engineering.
The post How to Resolve Invalid Security Token Issues appeared first on Security Boulevard.
A deep dive into the evolution of identity management and cardspace technology. Learn how modern enterprise sso and ciam solutions replace legacy frameworks.
The post Exploring Identity Management and CardSpace Technology appeared first on Security Boulevard.
Explore the security of passkey synchronization. Learn how end-to-end encryption and cloud providers keep passwordless authentication secure across devices.
The post Are Passkeys Safely Synced Across Multiple Devices? appeared first on Security Boulevard.
With organizations becoming more digitally interconnected, threat actors are placing greater emphasis on manipulating people instead of breaching systems directly. One of the most deceptive and damaging tactics is helpdesk impersonation — a form of social engineering in which attackers pose as legitimate users or trusted personnel to manipulate support staff into granting unauthorized access. […]
The post Helpdesk Impersonation: A High-Risk Social Engineering Attack first appeared on StrongBox IT.
The post Helpdesk Impersonation: A High-Risk Social Engineering Attack appeared first on Security Boulevard.
Key Takeaways When companies run payment systems, those systems operate on infrastructure provided by hosting platforms. That layer includes the servers, networks, and data centers where applications live. The term PCI compliance hosting is commonly used to describe infrastructure environments that have been structured with PCI-related security expectations in mind and that provide documentation and […]
The post Top 5 PCI Compliant Hosting Providers appeared first on Centraleyes.
The post Top 5 PCI Compliant Hosting Providers appeared first on Security Boulevard.
