433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Brinqa BYOAI lets organizations use any AI platform with trusted risk data

Brinqa BYOAI (Bring Your Own AI), a capability that enables organizations to connect any AI agent, large language model (LLM), or automation platform to Brinqa’s exposure intelligence layer. As enterprises adopt AI, they need to ensure that AI systems use accurate, up-to-date risk data. BYOAI connects existing AI tools to a common source of exposure intelligence, providing a consistent foundation for analysis and decision-making. For enterprises, the difference between AI that delivers meaningful business outcomes … More → The post Brinqa BYOAI lets organizations use any AI platform with trusted risk data appeared first on Help Net Security.
http://news.poseidon-us.com/TTBP8B

Cequence introduces behavioral bot detection and biometric verification without CAPTCHAs

Cequence Security has announced the launch of Intent Graph and Biometric Check, two new capabilities that extend the behavioral architecture Cequence has built since its inception. They provide enterprises with bot defense that works across web, mobile, API, and agentic AI traffic, without relying on the client-side signals that sophisticated bots have learned to defeat. The architectural divide in bot defense is now unavoidable. While traditional bot defense relies on browser signals such as CAPTCHAs, … More → The post Cequence introduces behavioral bot detection and biometric verification without CAPTCHAs appeared first on Help Net Security.
http://news.poseidon-us.com/TTBP7S

New Secure Code Warrior framework helps CISOs govern AI-driven software development

Secure Code Warrior has introduced its new SCW AI Adoption Model, a practical framework that maps the progression of AI use in software development, from minimal AI assistance to fully autonomous agentic orchestration. The framework helps CISOs assess their organization’s level of AI adoption, identify the training developers need at each stage, and determine the governance controls required as autonomy increases, answering the question every security leader is asking: Where do we start? Gartner’s 2026 … More → The post New Secure Code Warrior framework helps CISOs govern AI-driven software development appeared first on Help Net Security.
http://news.poseidon-us.com/TTBLqD

DigiCert brings independent trust validation to confidential computing environments

DigiCert has announced it is bringing independent trust validation to confidential computing environments, in collaboration with Google Cloud. By applying the proven principles of Public Key Infrastructure (PKI) to cloud infrastructure, DigiCert will provide cryptographic verification that cloud-hosted systems and workloads are authentic, trusted, and untampered. As organizations move more sensitive applications, AI workloads, and critical operations to the cloud, trust in the underlying infrastructure has become a foundational requirement. Particularly in regulated industries, organizations … More → The post DigiCert brings independent trust validation to confidential computing environments appeared first on Help Net Security.
http://news.poseidon-us.com/TTBLpw

Where IT meets OT and railway cybersecurity gets harder

In this interview with Help Net Security, Jorge Aldegunde, Global Head of Railway Services at DNV, talks through what happens when old operational technology meets newer IT in monorail systems. He explains why open networks widened the attack surface, how teams decide whether to patch a signalling flaw without stopping trains, and who carries the liability. Aldegunde covers regulation like CRA and NIS2, training veteran engineers to think about threat actors, and spotting intruders who … More → The post Where IT meets OT and railway cybersecurity gets harder appeared first on Help Net Security.
http://news.poseidon-us.com/TTBLnz

Linux Process Name Masquerading, (Wed, Jun 24th)

In a previous diary, I talked about stack strings[1] with a practical example of them. Since my SEC670 class, I’m even more interested in malware obfuscation techniques. I had a look at process names. When you list running processes on a computer, can you trust what you see? If you're facing a rootkit, malicious processes can be simply hidden (the API calls or commands to list processed have been tampered). But a malicious process can also mimic a non-suspicious name by masquerading their name. This technique (T1036 in the MITRE ATT&CK framework[2]) has been used by attackers in many campaigns. A good example of the Velvet Ant Chinese group[3]. The goal is to hide the “malware” process name by replacing it with something that won’t attract the Security Analyst’s eyes or defeat security controls.
http://news.poseidon-us.com/TTBK09

Praxen: Open-source AI agent behavior verification

Praxen is an open-source tool with a simple job: it checks whether an AI agent does what it claims to do. The tool takes an agent’s declared policy, looks at how the agent operates, and points out every spot where the two drift apart. It is the reference implementation of Agent Behavior Verification, a control model that hands each agent an authorized role and then confirms the controls hold that agent to it. The idea … More → The post Praxen: Open-source AI agent behavior verification appeared first on Help Net Security.
http://news.poseidon-us.com/TTBHh8