Reading view

Are we ready for ChatGPT Health?

How comfortable are you with sharing your medical history with an AI?

I’m certainly not.

OpenAI’s announcement about its new ChatGPT Health program prompted discussions about data privacy and how the company plans to keep the information users submit safe.

ChatGPT Health is a dedicated “health space” inside ChatGPT that lets users connect their medical records and wellness apps so the model can answer health and wellness questions in a more personalized way.

ChatGPT health

OpenAI promises additional, layered protections designed specifically for health, “to keep health conversations protected and compartmentalized.”

First off, it’s important to understand that this is not a diagnostic or treatment system. It’s framed as a support tool to help understand health information and prepare for care.

But this is the part that raised questions and concerns:

“You can securely connect medical records and wellness apps to ground conversations in your own health information, so responses are more relevant and useful to you.”

In other words, ChatGPT Health lets you link medical records and apps such as Apple Health, MyFitnessPal, and others so the system can explain lab results, track trends (e.g., cholesterol), and help you prepare questions for clinicians or compare insurance options based on your health data.

Given our reservations about the state of AI security in general and chatbots in particular, this is a line that I don’t dare cross. For now, however, I don’t even have the option, since only users with ChatGPT Free, Go, Plus, and Pro plans outside of the European Economic Area, Switzerland, and the United Kingdom can sign up for the waitlist.

OpenAI only uses partners and apps in ChatGPT Health that meet OpenAI’s privacy and security requirements, which, by design, shifts a great deal of trust onto ChatGPT Health itself.

Users should realize that health information is very sensitive and as Sara Geoghegan, senior counsel at the Electronic Privacy Information Center told The Record: by sharing their electronic medical records with ChatGPT Health, users in the US could effectively remove the HIPAA protection from those records, which is a serious consideration for anyone sharing medical data.

She added:

“ChatGPT is only bound by its own disclosures and promises, so without any meaningful limitation on that, like regulation or a law, ChatGPT can change the terms of its service at any time.”

Should you decide to try this new feature out, we would advise you to proceed with caution and take the advice to enable 2FA for ChatGPT to heart. OpenAI claims 230 million users already ask ChatGPT health and wellness questions each week. I’d encourage them to do the same.


We don’t just report on data privacy—we help you remove your personal information

Cybersecurity risks should never spread beyond a headline. With Malwarebytes Personal Data Remover, you can scan to find out which sites are exposing your personal information, and then delete that sensitive data from the internet.

  •  

Global AI adoption in 2025 — A widening digital divide

Read the full Global AI Adoption Report.

Global adoption of artificial intelligence continued to rise in the second half of 2025, increasing by 1.2 percentage points compared to the first half of the year, with roughly one in six people worldwide now using generative AI tools, remarkable progress for a technology that only recently entered mainstream use. 

To track this trend, we measure AI diffusion as the share of people worldwide who have used a generative AI product during the reported period. This measure is derived from aggregated and anonymized Microsoft telemetry and then adjusted to reflect differences in OS and device-market share, internet penetration, and country population. Additional details on the methodology are available in our AI Diffusion technical paper.[1]

No single metric is perfect, and this one is no exception. Through the Microsoft AI Economy Institute, we continue to refine how we measure AI diffusion globally, including how adoption varies across countries in ways that best advance priorities such as scientific discovery and productivity gains. For this report, we rely on the strongest cross-country measure available today, and we expect to complement it over time with additional indicators as they emerge and mature. 

Despite progress in AI adoption, the data shows a widening divide: adoption in the Global North grew nearly twice as fast as in the Global South. As a result, 24.7 percent of the working age population in the Global North is now using these tools, compared to only 14.1 percent in the Global South.  

Countries that have invested early in digital infrastructure, AI skilling, and government adoption, such as the United Arab Emirates, Singapore, Norway, Ireland, France, and Spain, continue to lead. The UAE extended its lead as the #1 ranked country, with 64.0 percent of the working age population using AI at the end of 2025, compared to 59.4 percent earlier in the year. The UAE has opened a lead of more than three percentage points over Singapore, which continues in second place with 60.9 percent adoption.

 

The second half of the year in the United States shows that leadership in innovation and infrastructure, while critical, does not by themselves lead to broad AI adoption. The U.S. leads in both AI infrastructure and frontier model development, but it fell from 23rd to 24th place in AI usage among the working age population, with a 28.3 percent usage rate. It lags far behind smaller, more highly digitized and AI-focused economies. 

South Korea stands out as the clearest end-of-year success story. It surged seven spots in the global rankings, climbing from 25th to 18th, driven by government policies, improved frontier model capabilities in the Korean language, and consumer-facing features that resonated with the population. Generative AI is now used in schools, workplaces, and public services, and South Korea has become one of ChatGPT’s fastest-growing markets, leading OpenAI to open an office in Seoul.[2] 

 

A parallel development reshaping the global landscape in 2025 was the rapid rise of DeepSeek, an open-source AI platform that has gained significant traction in markets long underserved by traditional providers. By releasing its model under an open-source MIT license and offering a completely free chatbot, DeepSeek removed both financial and technical barriers that limit access to advanced AI. Its strongest adoption, not surprisingly has emerged across China, Russia, Iran, Cuba, and Belarus. But perhaps even more notable is DeepSeek’s surging popularity across Africa, where it is aided by strategic promotion and partnerships with firms such as Huawei.[3]

This rapid evolution underscores an increasingly important dimension of AI competition between the United States and China, involving a race to promote adoption of their respective national models. DeepSeek’s success reflects growing Chinese momentum across Africa, a trend that may continue to accelerate in 2026. DeepSeek’s ascent also underscores a broader truth: the global diffusion of AI is influenced by accessibility factors, and the next wave of users may come from communities that have historically had limited access to technological progress. The challenge ahead is ensuring that innovation spreads in ways that help narrow divides rather than deepen them.

[1]A. Misra, J. Wang, S. McCullers, K. White, and J. L. Ferres, “Measuring AI Diffusion: A Population-Normalized Metric for Tracking Global AI Usage,” Nov. 04, 2025, arXiv: arXiv:2511.02781. doi: 10.48550/arXiv.2511.02781..

[2] OpenAI Korea set to launch next month – The Korea Times.” https://www.koreatimes.co.kr/business/companies/20250828/openai-korea-set-to-launch-next-month

[3] S. Rai, L. Prinsloo, and H. Nyambura, “China’s DeepSeek Is Beating Out OpenAI and Google in Africa (1).” Bloomberg News..

The post Global AI adoption in 2025 — A widening digital divide appeared first on Microsoft On the Issues.

  •  

Grok apologizes for creating image of young girls in “sexualized attire”

Another AI system designed to be powerful and engaging ends up illustrating how guardrails routinely fail when development speed and feature races outrun safety controls.

In a post on X, AI chatbot Grok confirmed that it generated an image of young girls in “sexualized attire.”

Apologizing post by Grok

The potential violation of US laws regarding child sexual abuse material (CSAM) demonstrates the AI chatbot’s apparent lack of guardrails. Or, at least, the guardrails are far from as effective as we’d like them to be.

xAI, the company behind Musk’s chatbot, is reviewing the incident “to prevent future issues,” and the user responsible for the prompt reportedly had their account suspended. Reportedly, in a separate post on X, Grok described the incident as an isolated case and said that urgent fixes were being issued after “lapses in safeguards” were identified.

During the holiday period, we discussed how risks increased when AI developments and features are rushed out the door without adequate safety testing. We keep pushing the limits of what AI can do faster than we can make it safe. Visual models that can sexualize minors are precisely the kind of deployment that should never go live without rigorous abuse testing.

So, while on one hand we see geo-blocking due to national and state content restrictions, the AI linked to one of the most popular social media platforms failed to block content that many would consider far more serious than what lawmakers are currently trying to regulate. In effect, centralized age‑verification databases become breach targets while still failing to prevent AI tools from generating abusive material.

Women have also reported being targeted by Grok’s image-generation features. One X user tweeted:

“Literally woke up to so many comments asking Grok to put me in a thong / bikini and the results having so many bookmarks. Even worse I went onto the Grok page and saw slimy disgusting lowlifes doing that to pictures of CHILDREN. Genuinely disgusting.”

We can only imagine the devastating results when cybercriminals would abuse this type of weakness to defraud or extort parents with fabricated explicit content of their young ones. Tools for inserting real faces into AI-generated content are already widely available, and current safeguards appear unable to reliably prevent abuse.

Tips

This incident is yet another compelling reason to reduce your digital footprint. Think carefully before posting photos of yourself, your children, or other sensitive information on public social media accounts.

Treat everything you see online—images, voices, text—as potentially AI-generated unless they can be independently verified. They’re not only used to sway opinions, but also to solicit money, extract personal information, or create abusive material.


We don’t just report on threats – we help protect your social media

Cybersecurity risks should never spread beyond a headline. Protect your social media accounts by using Malwarebytes Identity Theft Protection.

  •  

A week in security (December 29 – January 4)

Last week on Malwarebytes Labs:

Stay safe!


We don’t just report on privacy—we offer you the option to use it.

Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.

  •  

How AI made scams more convincing in 2025

This blog is part of a series where we highlight new or fast-evolving threats in consumer security. This one focuses on how AI is being used to design more realistic campaigns, accelerate social engineering, and how AI agents can be used to target individuals.

Most cybercriminals stick with what works. But once a new method proves effective, it spreads quickly—and new trends and types of campaigns follow.

In 2025, the rapid development of Artificial Intelligence (AI) and its use in cybercrime went hand in hand. In general, AI allows criminals to improve the scale, speed, and personalization of social engineering through realistic text, voice, and video. Victims face not only financial loss, but erosion of trust in digital communication and institutions.

Social engineering

Voice cloning

One of the main areas where AI improved was in the area of voice-cloning, which was immediately picked up by scammers. In the past, they would mostly stick to impersonating friends and relatives. In 2025, they went as far as impersonating senior US officials. The targets were predominantly current or former US federal or state government officials and their contacts.

In the course of these campaigns, cybercriminals used test messages as well as AI-generated voice messages. At the same time, they did not abandon the distressed-family angle. A woman in Florida was tricked into handing over thousands of dollars to a scammer after her daughter’s voice was AI-cloned and used in a scam.

AI agents

Agentic AI is the term used for individualized AI agents designed to carry out tasks autonomously. One such task could be to search for publicly available or stolen information about an individual and use that information to compose a very convincing phishing lure.

These agents could also be used to extort victims by matching stolen data with publicly known email addresses or social media accounts, composing messages and sustaining conversations with people who believe a human attacker has direct access to their Social Security number, physical address, credit card details, and more.

Another use we see frequently is AI-assisted vulnerability discovery. These tools are in use by both attackers and defenders. For example, Google uses a project called Big Sleep, which has found several vulnerabilities in the Chrome browser.

Social media

As mentioned in the section on AI agents, combining data posted on social media with data stolen during breaches is a common tactic. Such freely provided data is also a rich harvesting ground for romance scams, sextortion, and holiday scams.

Social media platforms are also widely used to peddle fake products, AI generated disinformation, dangerous goods,  and drop-shipped goods.

Prompt injection

And then there are the vulnerabilities in public AI platforms such as ChatGPT, Perplexity, Claude, and many others. Researchers and criminals alike are still exploring ways to bypass the safeguards intended to limit misuse.

Prompt injection is the general term for when someone inserts carefully crafted input, in the form of an ordinary conversation or data, to nudge or force an AI into doing something it wasn’t meant to do.

Malware campaigns

In some cases, attackers have used AI platforms to write and spread malware. Researchers have documented campaign where attackers leveraged Claude AI to automate the entire attack lifecycle, from initial system compromise through to ransom note generation, targeting sectors such as government, healthcare, and emergency services.

Since early 2024, OpenAI says it has disrupted more than 20 campaigns around the world that attempted to abuse its AI platform for criminal operations and deceptive campaigns.

Looking ahead

AI is amplifying the capabilities of both defenders and attackers. Security teams can use it to automate detection, spot patterns faster, and scale protection. Cybercriminals, meanwhile, are using it to sharpen social engineering, discover vulnerabilities more quickly, and build end-to-end campaigns with minimal effort.

Looking toward 2026, the biggest shift may not be technical but psychological. As AI-generated content becomes harder to distinguish from the real thing, verifying voices, messages, and identities will matter more than ever.


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

  •  

2025 exposed the risks we ignored while rushing AI

This blog is part of a series where we highlight new or fast-evolving threats in the consumer security landscape. This one looks at how the rapid rise of Artificial Intelligence (AI) is putting users at risk.

In 2025 we saw an ever-accelerating race between AI providers to push out new features. We also saw manufacturers bolt AI onto products simply because it sounded exciting. In many cases, it really shouldn’t have.

Agentic browsers

Agentic or AI browsers that can act autonomously to execute tasks introduced a new set of vulnerabilities—especially to prompt injection attacks. With great AI power comes great responsibility, and risk. If you’re thinking about using an AI browser, it’s worth slowing down and considering the security and privacy implications first. Even experienced AI providers like OpenAI (the makers of ChatGPT) were unable to keep their agentic browser Atlas secure. By pasting a specially crafted link into the Omnibox, attackers were able to trick Atlas into treating a URL input as a trusted command.

Mimicry

The popularity of AI chatbots created the perfect opportunity for scammers to distribute malicious apps. Even if the AI engine itself worked perfectly, attackers have another way in: fake interfaces. According to BleepingComputer, scammers are already creating spoofed AI sidebars that look identical to real ones from browsers like OpenAI’s Atlas and Perplexity’s Comet. These fake sidebars mimic the real interface, making them almost impossible to spot.

Misconfiguration

And then there’s this special category of using AI in products because it sounds cooler with AI or you can ask for more money from buyers.

Toys

We saw a plush teddy bear promising “warmth, fun, and a little extra curiosity” that was taken off the market after researcher found its built-in AI responding with sexual content and advice about weapons. Conversations escalated from innocent to sexual within minutes. The bear didn’t just respond to explicit prompts, which would have been more or less understandable. Researchers said it introduced graphic sexual concepts on its own, including BDSM-related topics, explained “knots for beginners,” and referenced roleplay scenarios involving children and adults.

Misinterpretation

Sometimes we rely on AI systems too much and forget that they hallucinate. As in the case where a school’s AI system mistook a boy’s empty Doritos bag for a gun and triggered a full-blown police response. Multiple police cars arrived with officers drawing their weapons, all because of a false alarm.

Data breaches

Alongside all this comes a surge in privacy concerns. Some issues stem from the data used to train AI models; others come from mishandled chat logs. Two AI companion apps recently exposed private conversations because users weren’t clearly warned that certain settings would result in their conversations becoming searchable or result in targeted advertising.

So, what should we do?

We’ve said it before and we’ll probably say it again:  We keep pushing the limits of what AI can do faster than we can make it safe. As long as we keep chasing the newest features, companies will keep releasing new integrations, whether they’re safe or not.

As consumers, the best thing we can do is stay informed about new developments and the risks that come with them. Ask yourself: Do I really need this? What am I trusting AI with? What’s the potential downside? Sometimes it’s worth doing things the slower, safer way.


We don’t just report on privacy—we offer you the option to use it.

Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.

  •  

New cybersecurity laws and trends in 2026 | Kaspersky official blog

The outgoing year of 2025 has significantly transformed our access to the Web and the ways we navigate it. Radical new laws, the rise of AI assistants, and websites scrambling to block AI bots are reshaping the internet right before our eyes. So what do you need to know about these changes, and what skills and habits should you bring with you into 2026? As is our tradition, we’re framing this as eight New Year’s resolutions. What are we pledging for 2026?…

Get to know your local laws

Last year was a bumper crop for legislation that seriously changed the rules of the internet for everyday users. Lawmakers around the world have been busy:

  • Banning social media for teens
  • Introducing strict age verification (think scanning your ID) procedures to visit certain categories of websites
  • Requiring explicit parental consent for minors to access many online services
  • Applying pressure through blocks and lawsuits against platforms that wouldn’t comply with existing child protection laws — with Roblox finding itself in a particularly bright spotlight

Your best bet is to get news from sites that report calmly and without sensationalism, and to review legal experts’ commentaries. You need to understand what obligations fall on you, and, if you have underage children — what changes for them.

You might face difficult conversations with your kids about new rules for using social media or games. It’s crucial that teenage rebellion doesn’t lead to dangerous mistakes such as installing malware disguised as a “restriction-bypassing mod”, or migrating to small, unmoderated social networks. Safeguarding the younger generation requires reliable protection on their computers and smartphones, alongside parental control tools.

But it’s not just about simple compliance with laws. You’ll almost certainly encounter negative side effects that lawmakers didn’t anticipate.

Master new methods of securing access

Some websites choose to geoblock certain countries entirely to avoid the complexities of complying with regional regulations. If you’re certain your local laws allow access to the content, you can bypass these geoblocks by using a VPN. You need to select a server in a country where the site is accessible.

It’s important to choose a service that doesn’t just offer servers in the right locations, but actually enhances your privacy — as many free VPNs can effectively compromise it. We recommend Kaspersky VPN Secure Connection.

Brace for document leaks

While age verification can be implemented in different ways, it often involves websites using a third-party verification service. On your first login attempt, you’ll be redirected to a separate site to complete one of several checks: take a photo of your ID or driver’s license, use a bank card, or nod and smile for a video, and so on.

The mere idea of presenting a passport to access adult websites is deeply unpopular with many people on principle. But beyond that, there’s a serious risk of data leaks. These incidents are already a reality: data breaches have impacted a contractor used to verify Discord users, as well as service providers for TikTok and Uber. The more websites that require this verification, the higher the risk of a leak becomes.

So what can you do?

  • Prioritize services that don’t require document uploads. Instead, look for those utilizing alternative age verification methods such as a micro-transaction charge to a payment card, confirmation through your bank or another trusted external provider, or behavioral/biometric analysis.
  • Pick the least sensitive and easiest-to-replace document you have, and use only that one for all verifications. “Least sensitive” in this case means containing minimal personal data, and not referencing other primary identifiers like a national ID number.
  • Use a separate, dedicated email address and phone number in combination with that document. For the sites and services that don’t verify your identity, use completely different contact details. This makes it much harder for your data to be easily pieced together from different leaks.

Learn scammers’ new playbook

It’s highly likely that under the guise of “age verification”, scammers will begin phishing for personal and payment data, and pushing malware onto visitors. After all, it’s very tempting to simply copy and paste some text on your computer instead of uploading a photo of your passport. Currently, ClickFix attacks are mostly disguised as CAPTCHA checks, but age verification is the logical next step for these schemes. How to lower these risks?

  • Carefully check any websites that require verification. Do not complete the verification if you’ve already done it for that service before, or if you landed on the verification page via a link from a messaging app, search engine, or ad.
  • Never download apps or copy and paste text for verification. All legitimate services operate within the browser window, though sometimes desktop users are asked to switch to a smartphone to complete the check.
  • Analyze and be suspicious of any situation that requires entering a code received via a messaging app or SMS to access a website or confirm an action. This is often a scheme to hijack your messaging account or another critical service.
  • Install reliable security software on all your computers and smartphones to help block access to scam sites. We recommend Kaspersky Premium — it provides: a secure VPN, malware protection, alerts if your personal data appears in public leaks, a password manager, parental controls, and much more.

Cultivate healthy AI usage habits

Even if you’re not a fan of AI, you’ll find it hard to avoid: it’s literally being shoved into each everyday service: Android, Chrome, MS Office, Windows, iOS, Creative Cloud… the list is endless. As with fast food, television, TikTok, and other easily accessible conveniences, the key is striking a balance between the healthy use of these assistants and developing an addiction.

Identify the areas where your mental sharpness and personal growth matter most to you. A person who doesn’t run regularly lowers their fitness level. Someone who always uses GPS navigation gets worse at reading paper maps. Wherever you value the work of your mind, offloading it to AI is a path to losing your edge. Maintain a balance: regularly do that mental work yourself — even if AI can do it well — from translating text to looking up info on Wikipedia. You don’t have to do it all the time, but remember to do it at least some of the time. For a more radical approach, you can also disable AI services wherever possible.

Know where the cost of a mistake is high. Despite developers’ best efforts, AI can sometimes deliver completely wrong answers with total confidence. These so-called hallucinations are unlikely to be fully eradicated anytime soon. Therefore, for important documents and critical decisions, either avoid using AI entirely, or scrutinize its output with extreme care. Check every number, every comma.

In other areas, feel free to experiment with AI. But even for seemingly harmless uses, remember that mistakes and hallucinations are a real possibility.

How to lower the risk of leaks. The more you use AI, the more of your information goes to the service provider. Whenever possible, prioritize AI features that run entirely on your device. This category includes things like the protection against fraudulent sites in Chrome, text translation in Firefox, the rewriting assistant in iOS, and so on. You can even run a full-fledged chatbot locally on your own computer.

AI agents need close supervision. The agentic capabilities of AI — where it doesn’t just suggest but actively does work for you — are especially risky. Thoroughly research the risks in this area before trusting an agent with online shopping or booking a vacation. And use modes where the assistant asks for your confirmation before entering personal data — let alone buying anything.

Audit your subscriptions and plans

The economics of the internet is shifting right before our eyes. The AI arms race is driving up the cost of components and computing power, tariffs and geopolitical conflicts are disrupting supply chains, and baking AI features into familiar products sometimes comes with a price hike. Practically any online service can get more expensive overnight — sometimes by double-digit percentages. Some providers are taking a different route, moving away from a fixed monthly fee to a pay-per-use model for things like songs downloaded or images generated.

To avoid nasty surprises when you check your bank statement, make it a habit to review the terms of all your paid subscriptions at least three or four times a year. You might find that a service has updated its plans and that you need to downgrade to a simpler one. Or a service might have quietly signed you up for an extra feature you’re not even aware of — and you need to disable it. Some services might be better switched to a free tier or canceled altogether. Financial literacy is becoming a must-have skill for managing your digital spending.

To get a complete picture of your subscriptions and truly understand how much you’re spending on digital services each month or year, it’s best to track them all in one place. A simple Excel or Google Docs spreadsheet works, but a dedicated app like SubsCrab is more convenient. It sends reminders for upcoming payments, shows all your spending month-by-month, and can even help you find better deals on the same or similar services.

Prioritize the longevity of your tech

The allure of powerful new processors, cameras, and AI features might tempt you to buy a new smartphone or laptop in 2026, but planning for making it last for several years should be a priority. There are a few reasons…

First, the pace of meaningful new features has slowed, and the urge to upgrade frequently has diminished for many. Second, gadget prices have risen significantly due to more expensive chips, labor, and shipping — making major purchases harder to justify. Furthermore, regulations like those in the EU now require easily replaceable batteries in new devices, meaning the part that wears out the fastest in a phone will be simpler and cheaper to swap out yourself.

So, what does it take to make sure your smartphone or laptop reliably lasts several years?

  • Physical protection. Use cases, screen protectors, and maybe even a waterproof pouch.
  • Proper storage. Avoid extreme temperatures, don’t leave it baking in direct sun or freezing overnight in a car at -15°C.
  • Battery care. Avoid regularly draining it to single-digit percentages.
  • Regular software updates. This is the trickiest part. Updates are essential for security to protect your phone or laptop from new types of attacks. However, updates can sometimes cause slowdowns, overheating, or battery drain. The prudent approach is to wait about a week after a major OS update, check feedback from users of your exact model, and only install it if the coast seems clear.

Secure your smart home

The smart home is giving way to a new concept: the intelligent home. The idea is that neural networks will help your home make its own decisions about what to do and when, all for your convenience — without needing pre-programmed routines. Thanks to the Matter 1.3 standard, a smart home can now manage not just lights, TVs, and locks, but also kitchen appliances, dryers, and even EV chargers! Even more importantly, we’re seeing a rise in devices where Matter over Thread is the native, primary communication protocol, like the new IKEA KAJPLATS lineup. Matter-powered devices from different vendors can see and communicate with each other. This means you can, say, buy an Apple HomePod as your smart home central hub and connect Philips Hue bulbs, Eve Energy plugs, and IKEA BILRESA switches to it.

All of this means that smart and intelligent homes will become more common — and so will the ways to attack them. We have a detailed article on smart home security, but here are a few key tips relevant in light of the transition to Matter.

  • Consolidate your devices into a single Matter fabric. Use the minimum number of controllers, for example, one Apple TV + one smartphone. If a TV or another device accessible to many household members acts as a controller, be sure to use password security and other available restrictions for critical functions.
  • Choose a hub and controller from major manufacturers with a serious commitment to security.
  • Minimize the number of devices connecting your Matter fabric to the internet. These devices — referred to as Border Routers — must be well-protected from external cyberattacks, for example, by restricting their access at the level of your home internet router.
  • Regularly audit your home network for any suspicious, unknown devices. In your Matter fabric, this is done via your controller or hub, and in your home network — via your primary router or a feature like Smart Home Monitor in Kaspersky Premium.

  •  

Intezer named a top-tier Solutions Partner in the Microsoft AI Cloud partner program

Security teams that rely on Microsoft know the power of a deeply integrated security stack. Today, we’re proud to announce an important milestone that further strengthens that ecosystem.

Intezer has been named a top-tier Solutions Partner in the Microsoft AI Cloud Partner Program (MAICPP), a designation reserved for solutions that meet Microsoft’s highest standards for security, architecture, and seamless cloud integration.

This recognition follows a successful Microsoft technical audit and certifies the Intezer Forensic AI SOC platform as trusted, Microsoft-validated software designed to deliver real security outcomes for modern SOC teams.

Join AI SOC Live on January 6th to see how to maximize your Microsoft Security investment with  Forensic AI SOC. January 6th | 9am PT | 12pm EST.

Strengthening Microsoft-driven SOCs with Forensic AI

Microsoft security tools generate powerful signals, but signals alone don’t equal outcomes. SOC teams still face alert overload, limited context, and the constant risk that real threats hide in low- or medium-severity alerts.

The Intezer Forensic AI SOC platform was built to solve this problem.

Intezer strengthens the outcomes of Microsoft-driven SOCs by combining agentic AI with automated forensic investigation, enriching Microsoft alerts with deep technical evidence and cross-platform context. The platform investigates alerts from and across:

  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity (Entra ID)
  • Microsoft Defender for Office 365 and reported phishing
  • Microsoft Sentinel
  • Microsoft Defender for Cloud
  • Non-Microsoft security tools across endpoint, identity, cloud, email, and network environments

Instead of triaging only “high severity” alerts, Intezer investigates every alert with automated querying of Microsoft Sentinel, whenever needed, to enrich alerts, correlate logs, and validate activity. This provides visibility into every incident without manual lookups or switching tools.

How Intezer delivers better SOC outcomes on Microsoft

24/7 AI-powered triage and investigation

Intezer automatically triages and investigates 100% of alerts, including low- and medium-severity alerts that are commonly ignored. By mirroring how expert human analysts investigate incidents, using multiple AI models combined with deterministic forensics, Intezer delivers speed without sacrificing accuracy.

Less than 4% alerts escalated, higher confidence decisions

Across Microsoft and non-Microsoft alerts, fewer than 4% are escalated to human analysts. Each verdict is backed by forensic evidence, reducing noise, eliminating guesswork, and enabling analysts to focus only on what truly matters.

Faster response with native Microsoft actions

Intezer enables automated remediation directly through Microsoft tools, including:

  • Device isolation via Defender for Endpoint
  • User lockout through Entra ID
  • Email quarantine in Defender for Office 365
  • Interactive response via Microsoft Teams

This tight integration allows teams to move from alert to action in minutes, without switching tools or workflows.

Built to maximize the value of Microsoft security investments

“This designation reflects our commitment to helping organizations get the most out of their Microsoft security investments,” said Itai Tevet, CEO and co-founder of Intezer.
“As a top-tier Solutions Partner in the Microsoft AI Cloud Partner Program, we deliver AI-powered, forensic-grade investigations that strengthen the security outcomes of SOC teams using Defender, Sentinel, and the broader Microsoft Security Suite. We help teams move from alerts to clear, confident decisions in minutes.”

Intezer customers can also purchase directly through the Microsoft Azure Marketplace and apply existing Azure credits, simplifying procurement and accelerating time to value.

What the MAICPP designation means for security teams

The Microsoft AI Cloud Partner Program recognizes partners whose solutions are proven to work at scale across the Microsoft Cloud. Achieving top-tier Solutions Partner status signals that Intezer:

  • Meets Microsoft’s highest standards for security, reliability, and architectural excellence
  • Integrates deeply and natively across the Microsoft Security Suite
  • Delivers validated customer impact for organizations operating on Microsoft infrastructure

For customers, this designation provides confidence that Intezer is not just compatible with Microsoft security, but purpose-built to extend and elevate it.

Why this matters now

As SOCs face increasing alert volumes, tighter budgets, and a growing shortage of skilled analysts, automation alone is no longer enough. Security teams need forensic-grade AI that can explain why an alert matters, not just label it.

The MAICPP designation confirms that Intezer delivers exactly that:

  • Enterprise-grade accuracy
  • Microsoft-validated integrations
  • Proven SOC efficiency at scale

For organizations running on Microsoft, Intezer is now officially recognized as a trusted partner to help transform alerts into outcomes.

Learn more about Intezer Forensic AI SOC for Microsoft or get started today through the Azure Marketplace.

The post Intezer named a top-tier Solutions Partner in the Microsoft AI Cloud partner program appeared first on Intezer.

  •  

Partnering with Precision in 2026

If 2025 proved anything, it’s that no one wins alone in cybersecurity. AI-driven threats accelerated, and environments grew more complex while enterprises pushed hard for simplicity, integrated protection and security outcomes that deliver measurable results and meaningful value.

In response, we saw our partners around the globe lean into integration, treat AI as a built-in advantage and use the strength of our ecosystem as a force multiplier. The result: What could have been a disruptive year instead became one defined by growth and learning across our partner community.

Now, those lessons are guiding how Palo Alto Networks plans to partner with even greater precision in 2026. We remain a channel-first company that’s all-in on our ecosystem and united with our partners in a shared purpose to protect our customers’ digital future. But we also intend to double down in several areas in the year ahead, and we’re asking our partners to join us in doing the same.

1. Simplifying Security Through Integration

One message from customers that came through loud and clear in 2025 is that complexity is the enemy of resilience. Many enterprises are grappling with tool sprawl – multiple consoles, disconnected policies and overlapping investments that slow down their teams when speed and agility matter most.

The partners who delivered some of the most transformative results for organizations this year were those who chose integration over complexity and collaboration over siloed tools. With a laser focus on simplifying security, they were able to help customers:

  • Consolidate fragmented point tools onto a unified security platform.
  • Align visibility across the network, cloud and security operations center (SOC), so teams can respond faster.
  • Build architectures with zero trust and AI-powered detection at the core.

We saw this simplifying-security trend through integration across our ecosystem. Partners unified cloud security and detection workflows through Cortex® Cloud™ and Cortex. Teams modernized network architectures with tighter integration across our platform. We expect this activity to only accelerate in the coming year as our cloud security offerings continue to evolve.

When we innovate together, customers gain stronger defenses and a faster time-to-value. That’s why Palo Alto Networks has invested so heavily in platformization. When you connect our capabilities across network security, cloud security and security operations (wrapping them with your consulting, delivery and managed services) customers can experience something fundamentally better. With fewer gaps and clearer signals, they can build a security posture that’s built for the speed of modern threats.

In 2026, deep integration will remain a cornerstone of how we partner with precision. We’ll continue aligning our portfolio, programs and joint engagement model, so you can build offerings that reduce complexity for customers and create stronger differentiation for your business.

2. Making AI a Built-in Advantage

At Palo Alto Networks, our approach to AI in cybersecurity is straightforward. We believe AI must be embedded, not bolted on. It has to live in the data, analytics and workflows your teams rely on every day. That’s the thinking behind Precision AI®, and it’s why we built AI capabilities into our platform’s core.

Partners who treated AI as a platform capability rather than a standalone tool delivered some of the strongest outcomes for customers in 2025. They were able to meet customers’ needs and deliver business outcomes in a single, unified approach. They helped organizations:

  • Detect and respond to threats faster with AI-assisted analytics.
  • Use automation to streamline change, investigation and response workflows.
  • Tie AI to tangible outcomes, such as reduced risk, higher productivity and a better user experience.

In 2026, we’ll double down on AI across the platform and invest in the tools, content and enablement you need to bring those capabilities to life. Our focus is on making it easier for you to build AI-powered services that are repeatable and aligned to the outcomes customers expect.

Upcoming program changes reflect that intent. We’ll promote next-generation security as a growth engine and invest in ways that strengthen partner profitability across consulting services, resale, quality delivery, technical support and managed security services.

3. Ensuring Our Ecosystem Can Be a Growth Engine for Everyone

As AI raised the bar for both attackers and defenders in 2025, the partners who leaned into platformization and outcome-driven services were the ones who helped customers stay ahead of the curve. Those successes are now shaping how we strengthen and scale the partner ecosystem in 2026.

Our ecosystem isn’t just a route to market; it’s intended to be an economic engine for everyone involved. This year, many partners grew their business by building practices around our platform and aligning their services with where customers needed the most support: strategy, implementation, optimization, ongoing operations. We saw especially strong momentum from partners’ expansions:

  • Consulting and advisory services around zero trust and AI-driven transformation.
  • Resale opportunities centered on platform consolidation and next-generation security.
  • Quality delivery and technical support that keep deployments reliable and current.
  • Managed security services that give customers 24/7 protection and expert oversight.

These achievements reflect the value exchange at the heart of our ecosystem. Palo Alto Networks invests in platformization, AI and enablement, while our partners bring delivery expertise, regional insight and service innovation. Together, we create outcomes neither of us could deliver alone.

In 2026, we plan to build on that momentum and drive even greater partner profitability. Program evolutions will focus on growth across the full lifecycle, from initial design and implementation to long-term operation and optimization. We’re also expanding collaboration with our technology alliances to build new joint offerings and solution plays that the ecosystem can take to market together.

When we combine our platform, your expertise and the capabilities of our Alliance partners, then customers gain more paths to adopt next-generation security with confidence, and you gain more opportunities to develop differentiated, high-value practices.

Keeping Customers at the Center

At the heart of every partner collaboration is the customer, of course. Everything we build, integrate and advance together starts and ends with protecting them. This year, ecosystem alignment delivered measurable impact for our customers across industries. When partners lead with integrated solutions anchored in our platform, organizations saw visible improvements:

  • Faster deployment of secure solutions.
  • Reduced complexity with unified visibility.
  • Greater confidence in defending against today’s AI-driven threats.

We saw this firsthand in joint wins across cloud security transformations, zero trust modernization and AI-assisted threat detection. When our ecosystem moves together, customers can move faster, operate more securely and achieve meaningful outcomes. Customer success is the foundation of everything we do as a partner-led organization, and it will remain our North Star in 2026.

Partnering with Precision in 2026 and Beyond

What we learned and achieved together in 2025 points us toward a clear focus for 2026 to advance ecosystem-led innovation, so we can deliver outcomes that matter most to our customers.

With that mission in mind, we will focus on the following four priorities:

  • Deeper Integration – Expanding API partnerships and strengthening interoperability across the platform.
  • Co-Innovation – Enabling partners to build solutions tailored to industry needs and use cases.
  • Empowered Enablement – Investing in learning, automation and AI capabilities that fuel differentiated, profitable services.
  • Simplified Engagement – Streamlining programs and tools, so that partnering with us is faster and more rewarding.

These priorities highlight the real strength of our ecosystem: How platformization, AI and partner expertise come together to enable what we could not build alone.

Finally, to our partners and customers, thank you. Your trust, collaboration and commitment push us to innovate boldly and continuously. As we enter the new year, I’m excited about what we’ll build together. When we align our AI-powered platform, our partner programs and your expertise in delivery, services and managed security, we can deliver something far greater than a set of solutions.

We’re a powerful team that’s not just defending against what’s next; we’re defining the future of cybersecurity. And together, we’re unstoppable.

Partners, join us in shaping the next chapter of secure, AI-powered innovations. Connect with your Channel Business Manager to align on 2026 opportunities, upcoming program updates and ways we can elevate customer outcomes together. Visit the partner portal to learn more.


Key Takeaways

  • Integration beats complexity.
    Unifying technology, data and expertise drove the strongest outcomes in 2025, helping partners reduce risk and accelerate time-to-value for customers.
  • AI is a built-in advantage.
    By tapping into AI embedded across our cybersecurity platform, partners can address security and business outcomes simultaneously and deliver repeatable, profitable, AI-powered services.
  • The partner ecosystem is a growth engine, and together, we’re unstoppable.
    Our 2026 priorities focus on deeper integration, coinnovation, empowered enablement and simplified engagement that drive partner profitability and stronger customer outcomes.

The post Partnering with Precision in 2026 appeared first on Palo Alto Networks Blog.

  •  

Comprehensive Google SecOps migration checklist for CISOs and SOC leaders

There’s a clear trend emerging with many organizations transitioning from legacy SIEMs to Google SecOps. While the Google SIEM platform is powerful, in our experience working with enterprise clients, that power only reveals itself when security leaders make three early decisions correctly:

  • Detection strategy: Whether to migrate existing rules or start fresh with a green-field approach.
  • Data onboarding: How to scale ingestion across multi-cloud environments without breaking pipelines.
  • Operating model: Building workflows that prevent “alert debt” from piling up on day one.

The strategic message is clear. Treat SIEM detection management with the same diligence you treat core security architecture, and augment your analysts with AI-powered triage so your humans can focus on higher-order investigations.

Here’s a practical checklist for discovery, migration, and operational success, designed for CISOs and SOC leaders evaluating a move to Google SecOps.

NOTE: This blog post is relevant to anyone considering a Chronicle SIEM migration as Google SecOps is the new Google branding for Chronicle.

The tl;dr version of the Google SIEM migration checklist 

PhaseKey focus
Pre-MigrationInventory, pain-point assessment, business justification
MigrationTool selection, data ingestion, rule/dashboard migration, Integration, governance & risk
Post-MigrationMeasurement of success, continuous improvement, cost optimisation, governance & reporting

Full Google SecOps migration checklist

Let’s dive into the details for each phase of the migration process.

Pre-migration checklist: Establishing the baseline

  1. Inventory current environment
    • Catalogue all data sources feeding Splunk: log types, volumes (GB/day), retention policies, on-prem vs cloud vs multi-cloud.
    • Map all current detections, dashboards, reports, playbooks, SOAR workflows.
    • Identify any compliance/regulatory retention obligations (audit logs, legal hold).
    • Establish current licensing costs, infrastructure (forwarders, indexers), staffing.
  2. Assess SIEM performance & pain points
    • Are you seeing cost escalation vs benefit (slower detection, high false positives, low automation)?
    • Is the SIEM struggling with data volume growth, scalability, multi-cloud telemetry?
    • Are SOC analysts spending more time on infrastructure/configuration than investigations?
    • Are you able to integrate newer requirements (cloud workloads, containers, IoT/OT, multi-cloud) effectively? This 451 Research report indicates many orgs run multiple SIEMs due to tool sprawl.
  3. Define business & security objectives
    • What do you hope to achieve? E.g., faster detection/response, lower cost, improved coverages, cloud alignment.
    • What are the key metrics: mean time to detect (MTTD), mean time to respond (MTTR), cost-per-alert, false positive rate, regulatory coverage, etc.
    • What is your target SOC maturity in e.g., 12-24 months? Are you planning a cloud-first strategy, heavier automation/AI, less on-prem infrastructure?
  4. Build the migration justification
    • Prepare a comparative TCO/ROI: legacy SIEM vs cloud-native. Google SecOps materials claim e.g., “ingest and analyse your data at Google speed and scale” and highlight cost benefit.
    • Understand what it will cost to migrate: re-write detections, dashboards, data flows, training, potential downtime.
    • Present risk assessment: What happens if you don’t migrate (risk of obsolete tool, scaling failure, cost spirals)? The “Great SIEM Migration” guide argues that legacy tools may become “dinosaurs”.

Migration-phase checklist: Executing the transition

  1. Select migration path & vendor/partner support
  2. Data ingestion, normalization & compatibility
    • Ensure: all of your log types/sources in Splunk are supported by the new platform. Google SecOps supports ingestion of Splunk CIM logs.
    • Plan for data mapping: Splunk field names, dashboards, custom fields → new schema.
    • Address historic data: Will you migrate archives? Will you keep Splunk as store-only? Community posts warn that mapping old archives can be complex.
    • Validate performance: test ingestion, query latency, retention policies on the new platform.
  3. Detection rules, dashboards, SOAR workflows
    • Catalogue existing detection rules, dashboards, SOAR playbooks in Splunk.
    • Determine which can be reused, which need rewriting. Ensure parity: detection coverage, mapping to MITRE ATT&CK, business use-cases. Splunk claims strong out-of-box detection library.
    • Build and test new rules/playbooks in Google SecOps; validate they meet or exceed current performance (MTTD, MTTR, false positives).
    • Ensure analyst training and new workflows are adopted: new UI, new query language, new incident-investigation flows (Google SecOps offers “Gemini in security operations” natural-language assistant).
  4. Integration & ecosystem fit
    • Ensure that Google SecOps integrates with your existing tool-stack (EDR, identity, network, cloud logs, SOAR, threat intel). Google advertises 300+ SOAR integrations.
    • Confirm multi-cloud/on-prem data ingestion: check vendor statements.
    • Validate APIs, custom connectors, forwarder architecture. Splunk vs Google SecOps comparison note: Splunk emphasizes hybrid flexibility.
  5. Governance, compliance & retention
    • Check how historic data will be retained, archived, accessed, both for compliance (audits/regulators) and investigations.
    • Confirm where the data resides (region/residency rules), encryption, access controls. Google SecOps claims to treat all data as first-party.
    • Align on SLAs, incident response metrics, roles & responsibilities.
    • Define cut-over strategy: Will Splunk be decommissioned or kept in read-only mode? Define freeze date, dual-runs, parallel operations.
  6. Risk management & business continuity
    • Define fallback/rollback plans: If the new platform fails, do you have the old SIEM in warm standby?
    • Monitor for data loss/misalignment during migration (NXLog warns of risks).
    • Communicate to stakeholders: SOC analysts, business units, auditors. Ensure training and change-management.
    • Set benchmarks and metrics: Time to detect/resolve in new platform vs old; cost per alert; staff utilisation; alert volumes; false positives.

Post-migration checklist: Optimizing & sustaining value

  1. Validate outcomes & measure success
    • Measure MTTD, MTTR, alert volumes, analyst productivity pre- and post-migration.
    • Compare actual cost savings vs business case.
    • Assess detection coverage: Are all critical use-cases still covered? Are any gaps emerging?
    • Run periodic health checks (some vendors like CardinalOps offer detection-rule health monitoring with MITRE ATT&CK coverage for Google SecOps).
  2. Continuous improvement & SOC maturity evolution
    • SOC maturity doesn’t stop at migration. Use freed-up resources to focus on advanced use-cases (threat hunting, proactive detection, automation, investigations).
    • Tune detection rules, remove noise, refine playbooks.
    • Leverage AI/natural-language features (Google SecOps touts “Gemini in security operations”).
    • Plan for future: hybrid/multi-cloud expansions, new telemetry sources, OT/IoT, supply-chain threats.
  3. Decommission legacy infrastructure & optimise cost
    • If the migration path included decommissioning the old SIEM (or reducing its role), ensure you turn off unneeded licences/infra.
    • Monitor the cost model of the new platform: ingestion volumes, retention policies—ensure you don’t inadvertently pay for excess.
    • Re-allocate resources: freed licences, server hardware, staff time — invest into SOC capability rather than maintenance.
  4. Governance, audit and stakeholder reporting
    • Update your SOC governance frameworks: incident-response playbooks, escalation paths, KPIs aligned with the new platform.
    • Communicate to board/executive leadership key outcomes: improved detection/response, cost rationalization, strategic alignment.
    • Ensure audit/compliance reports reflect the new tooling (document changes, validate controls).
    • Set up periodic reviews of tool performance, vendor roadmap, SOC maturity.

Final thoughts

Migrating to Google SecOps isn’t a simple platform swap, it’s a redesign of how your SOC operates. The upside: cost efficiency, scale, and automation can be immediate. The risks: migration complexity, content gaps, and operational disruption are real and must be managed deliberately.

As a CISO or SOC leader, treat this as a transformation program. Use the table and/or the full Checklist above to drive decisions; follow a strategic landing plan to sequence work; and anchor on the three non-negotiables outlined above:

  1. A clear detection strategy (migrate only if the value is there; rebuild the rest in YARA-L),
  2. Data onboarding at scale with a parser matrix and cost guardrails, and
  3. An operating model that prevents alert debt from day one through automation and measurable KPIs.

If you want help getting there faster, we can provide a SIEM jumpstart (curated + bespoke YARA-L rules, MITRE gap analysis and coverage, detection reviews, continuous improvement with Intezer engineers), a parser/ingestion plan for multi-cloud, and of course, Intezer Forensic AI SOC’s triage to meet on day-one, 100% alert coverage with full auditability so your analysts focus on the few cases that truly need their context and expertise.

Learn more about how Intezer can help you with your SecOps migration.

The post Comprehensive Google SecOps migration checklist for CISOs and SOC leaders appeared first on Intezer.

  •  

Winning the AI Race Starts with the Right Security Platform

Every CIO and CISO we speak with describes the same paradox: AI is now central to their transformation agenda, yet the fastest way to derail that agenda is to lose control of AI. As generative AI, agentic systems and embedded AI features spread across the enterprise, leaders are no longer asking if they need AI security; they’re asking what kind of AI security strategy will actually scale.

Gartner® has published two recent reports that validate this reality and outline the strategic direction enterprises must take to secure their AI:

Why AI Security Is a Platform Game

Point products can plug individual gaps, but they can’t keep up with the speed, complexity and interconnected nature of AI adoption. And more importantly, they struggle to deliver the trust, consistency or scale AI transformation requires.

Many organizations are already experiencing AI adoption outpacing traditional security tools. Security teams are under pressure on three fronts:

  • Risk – Shadow AI, unmanaged agents and custom LLMs create new pathways for data loss, intellectual property exposure and model misuse.
  • Cost – Each new AI use case brings yet another tool, driving up license, integration and operations costs.
  • Complexity – Fragmented controls across network, data, identity and application stacks create blind spots exactly where AI is moving fastest.

From a CIO or CISO’s perspective, this isn’t just a technical concern but the fault line beneath their entire AI agenda. CIOs are under pressure to deliver productivity gains, cost efficiencies and new AI-powered capabilities faster than ever before.

CISOs, on the other hand, see a parallel reality: custom-built AI applications that may be insecure by default, agents that can act unpredictably, and a constant risk that company secrets or customer data could leak into third-party GenAI tools.

If AI moves forward without security, the enterprise is exposed. If AI slows down because security can’t keep up, the business misses its transformation goals. This is why AI security isn’t a feature; it’s the determining factor in whether AI becomes a competitive advantage or a strategic setback.

Gartner recommends the path forward as “an integrated modular AI security platform (AISP) with a common UI, data model, content inspection engine and consistent policy enforcement.”

Gartner further recommends prioritizing investments in two phases.

Phase 1

Start with AI usage control to secure the consumption of third-party AI services.

Phase 2

Expand into AI application protection to securely develop and run AI applications.

Phase 1: Securing Generative AI Usage Is the “Right Now” Challenge

Before enterprises can secure how AI is developed, they must first understand how it is already being used across the organization. The earliest risks often emerge not from the AI-enabled apps built in-house, but from the external generative AI tools and copilots employees adopt, and often without the IT teams’ knowledge.

That’s why we think the report identifies AI usage control as phase one and why we recommend IT leaders start with these immediate questions to assess their organization’s AI usage.

  • Where is AI actually being used in my organization?
  • Which tools, copilots and agents are in play, and on what data?
  • How do I enable productivity without losing control?

Phase 2: Securing AI Development Early Into the AI Lifecycle

Once public generative AI use is understood, the harder challenge emerges: Securing the AI apps and tools that your organization creates for itself. As models, agents and pipelines move into production, the questions shift from visibility to integrity, safety and scale.

Key questions that organizations must answer in phase two include:

  • What AI applications, models and agents are my teams building, and where do they live?
  • How do I manage the integrity, safety and compliance of AI apps before they reach production?
  • How do I protect models and AI applications from prompt injection, misuse or agentic threats?
  • How do I scale AI innovation without creating security bottlenecks for developers?

Palo Alto Networks Delivers the AI Security Platform

Although organizations can separate the work around securing AI usage and AI development, they are not two separate problems. The same organization that needs visibility into employees using public GenAI apps also needs to protect the AI applications and agents they’ve built as they move into production. A platform approach is what allows shared policies, shared guardrails and shared context across both sides of the AI usage and development equation.

That is exactly the philosophy behind our Secure AI by Design approach:

  • Secure how GenAI is used with Prisma® Browser™ and Prisma SASE to discover AI tools in use, govern access and prevent sensitive data from flowing into public models, all while keeping users productive with GenAI and enterprise copilots.
  • Secure how AI is built with capabilities of Prisma AIRS™, such as model and agent security, AI security posture management, runtime protection, automated testing with AI Red Teaming, as well as coverage for agentic protocols, like MCP, securing custom AI applications, agents and pipelines.

Gartner identifies Palo Alto Networks as “the company to beat” in their newly released report as of December 8, 2025: “AI Vendor Race: Palo Alto Networks Is the Company to Beat in AI Security Platforms.”

We believe we are the AI Security Platform to beat because:

  • Palo Alto Networks product portfolio across network, edge, cloud and data provides a strong foundation for AI usage visibility and control.
  • The acquisition of Protect AI integrated industry-leading AI talent and products resulting in the recently announced Prisma AIRS 2.0, which delivers comprehensive end-to-end AI security, seamlessly connecting deep AI agent and model inspection in development with real-time agent defense at production runtime. The platform, continuously validated by autonomous AI red teaming, secures all interactions between AI models, agents, data and users. This gives enterprises the confidence to discover, assess and protect their entire AI ecosystem, accelerating secure innovation.
  • Complementing the platform, Unit 42®’s deep expertise and Huntr’s bug bounty program, provide security thought leadership that directly improves product effectiveness and threat intelligence. These programs help us continuously uncover new attack patterns, misconfigurations and supply chain risks unique to AI systems, as well as feed those insights directly back into the product roadmap.
  • Our large installed base and distribution channels create a flywheel for AI security platform adoption and learning from our customers and partners.

We also believe that underneath the technical requirements is a deeper truth: CIOs and CISOs want to move fast on AI, but they only feel safe doing so with a partner who has the scale, signal and staying power. This is where our breadth, research depth and ecosystem matter.

Leading Responsibly Means Listening, Innovating and Evolving

Being early is an advantage, but staying ahead requires humility and continuous learning. Leading means seeing what comes next, and Gartner’s insights accelerate our own roadmap as we continue to evolve.

  • Simplifying the Experience: We are integrating capabilities across Prisma AIRS, Prisma SASE and Prisma Browser to make AI security easier to adopt, operate and scale through Strata™ Cloud Manager as the single entry point.
  • Going Deeper into the AI Engineering Pipeline: We recognize that securing AI must start early in the developing environment and ML pipeline, not just at runtime. Our integrations with AI development tools and code repositories will continue to expand.
  • Keeping Pace with a Fast-Moving Market: We are investing in open standards, partnerships and research, so our customers don’t have to chase every point solution that appears. Palo Alto Networks is also a contributing member to OWASP Standards and Threat analysis to help create an industry standard on AI security.
  • Working Along Native AI Controls: Cloud providers and AI platforms are adding their own security features. We aim to complement, not replace, those controls, providing unified visibility, advanced protection and consistent policies across a fragmented AI landscape.

For us, being “the company to beat” is not a finish line. It’s a responsibility to listen carefully to customers, adapt as AI evolves, and keep delivering practical, integrated outcomes rather than isolated features.

If you are a GM, CIO, CISO or AI leader trying to make sense of a rapidly crowding AI security landscape, we believe “GMs: Win the AI Security Battle With an AI Security Platform”​​ is essential reading.

In the end, the real race isn’t about features; it’s about who helps enterprises accelerate transformation safely, reduce risk and compete better with AI they can trust.

 

Disclaimer: Gartner does not endorse any company, vendor, product or service depicted in its publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this publication, including any warranties of merchantability or fitness for a particular purpose.

Gartner, AI Vendor Race: Palo Alto Networks is the Company to Beat in AI Security Platforms, By Mark Wah, Neil MacDonald, Marissa Schmidt, Dennis Xu, Evan Zeng, 8 December 2025. 

Gartner, GMs: Win the AI Security Battle With an AI Security Platform, By Neil MacDonald, Tarun Rohilla, 6 October 2025.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

The post Winning the AI Race Starts with the Right Security Platform appeared first on Palo Alto Networks Blog.

  •  

Microsoft Deepens Its Commitment to Canada with Landmark $19B AI Investment

Since opening our first Canadian office in Toronto in 1985, Microsoft has played an important role in every chapter of Canada’s digital story, long before cloud and AI were household words. That history matters. Over four decades, our company and our thousands of employees have grown alongside Canada. We’ve developed a deep appreciation for this nation’s culture, values, needs, and important role in the world.

Today we are announcing the most important commitment in Microsoft Canada’s history. We’re adding to our investments—with a total of $19 billion CAD between 2023 and 2027, including more than $7.5 billion CAD in the next two years. We’re building new digital and AI infrastructure needed for the nation’s growth and prosperity, with new capacity beginning to come online in the second half of 2026. Equally important, we’re launching a new five-point plan to promote and protect Canada’s digital sovereignty. And we’re combining this with ongoing and new work to invest in Canada’s people, ensuring they have access to the skills needed to succeed in an AI era.

This builds upon Microsoft’s longstanding and deep relationship with the Canadian people. With more than 5,300 employees across 11 cities nationwide, including Toronto, Vancouver, Montreal, Calgary, Edmonton, Ottawa, and Quebec City, we have employees in every region to bring talent closer to the communities we serve.

Beyond our own team, based on third party estimates, we’re fueling the broader tech ecosystem with more than 17,000 companies that are Microsoft partners in Canada generating between $33B CAD and $41B CAD in annual revenue. Based on this partnership model, Microsoft helps support 426,000 jobs across Canada, including close to 300,000 people who build solutions on Microsoft platforms or provide goods and services for these efforts. As we expand our AI and cloud footprint, these partnerships are helping Canadian organizations to modernize and compete globally.

Our commitment also extends beyond business. In 2024 alone, we donated $219M CAD in grants, employee giving, and technology services to Canadian non-profits and charities.

At its core, our commitment to Canada centres on three things: technology, trust, and talent.

Canada’s AI economy is a major sector of growth, driving innovation, job creation and investment. Canada is scaling homegrown companies while also working with international partners to build the advanced infrastructure our innovators require. Microsoft employs 5,300 Canadians, and their new major commitment shows continued belief in Canada’s talent, economy and AI ecosystem. It boosts AI solutions and helps many firms move faster, compete more effectively, and bring new ideas to market. These types of investments complement the work we are doing to develop and scale the AI economy and grow the next generation of Canadian AI champions.” Honourable Evan Solomon, Minister of Artificial Intelligence and Digital Innovation

AI Diffusion by the top 20 global economies

Technology: Building the Backbone of Canada’s Digital Future

Canada’s AI transformation is accelerating. According to Microsoft’s AI Diffusion Leaderboard, Canada ranks 14th globally in AI adoption, with usage now topping a third of the population. Developer contributions are growing too with Canada ranking 14th worldwide in GitHub AI contributors.

This momentum is clear. Canada is a leader not just in AI research, but in putting AI to good use. But sustaining this momentum requires more than enthusiasm. It demands advanced AI infrastructure, sovereign safeguards, world-class cybersecurity, and a skilled workforce to keep pace with innovation. That’s why Microsoft is investing to create a secure, sustainable, and scalable backbone for AI adoption, empowering Canada to lead confidently in the AI era.

Our investment expands our Azure Canada Central and Canada East datacentre regions, delivering sustainable, secure, and scalable cloud and AI capabilities. These datacentres will power everything from modernized public services to advanced AI innovation—responsibly and within Canadian borders.

Every facility and datacentre we build in Canada reflects Microsoft’s global commitment to sustainability. We’re designing our facilities to be energy-efficient, powered increasingly by renewable energy, and optimized for water conservation through advanced cooling technologies. These steps align with our pledge to be carbon negative, water positive, and zero waste by 2030, ensuring that as we expand our AI and cloud footprint, we do so responsibly—minimizing environmental impact while supporting Canada’s clean energy goals.

Since early 2023, these investments have already launched major infrastructure projects, created thousands of jobs, and partnered with Canadian innovators to drive sustainability and economic growth. These datacentres also translate into thousands of construction and permanent engineering and technology jobs, partnerships with Canadian digital innovators, and a surge in local economic opportunity.

Our infrastructure expansion has helped transform and develop new industries—from retail and finance to cleantech and quantum computing. Firms like Canadian Tire, Manulife, BMO, and Gay Lea Foods are embracing AI to transform their businesses, and their stories are a testament to Canada’s leadership in digital adoption.

To help achieve our 2030 sustainability goals, Microsoft is also investing in Canadian cleantech innovation. Canada is recognized as a global leader in cleantech and carbon removal technologies, and we are proud to collaborate with outstanding Canadian companies like Eavor, Cyclic Materials, Arca, Deep Sky, and Carbon Engineering (via 1PointFive).

Trust: A Five-Point Plan to Protect Canada’s Digital Sovereignty

As important as our investment in AI infrastructure is the new company-wide initiative we are launching to protect Canada’s digital sovereignty. This builds on technology and expertise across Microsoft and is based on a five-part plan to defend Canada’s cybersecurity, keep Canadian data on Canadian soil, strengthen privacy protection, support leading local AI developers, and ensure the continuity of cloud and AI services.

Defending Canada’s cybersecurity

As we enter the second quarter of the 21st century, the protection of digital sovereignty starts with the protection of cybersecurity. Reflecting Microsoft’s long-term presence in Canada, we appreciate how much has changed since the century began. During the first quarter of the century, Canada’s population grew by more than 28 percent and its GDP in real terms grew by more than 55 percent. Changing geopolitics and navigation in the Arctic Ocean have put Canada in a more important global position than ever.

Canada’s growth and importance have made the country a bigger cybersecurity target.

Microsoft has long prioritized the protection of Canadian cybersecurity. With unmatched threat intelligence capabilities based on 100 trillion signals from around the world every day, we’ve seen increasing international targeting of Canadian digital assets, especially from China, Russia, North Korea, and countries across south Asia and the Middle East. This has included influence operations in advance of elections and digital espionage focused on government agencies.

Even more significant, Canada’s diverse and robust economy has become a target of sophisticated international ransomware attacks. Organized criminal groups—some with nation state sponsorship—are targeting every sector of the economy and the public, and they are starting to rely on even more sophisticated technology and techniques, including AI. Our assessment is that in 2025 more than half of cyberattacks against Canada with known motives have been based on financial objectives, and 80 percent of them have involved efforts to exfiltrate data. Almost 20 percent have targeted the healthcare and education sectors, which creates more widespread threats to the public.

To strengthen our protection of Canada’s cybersecurity, we are launching today in Ottawa a dedicated Threat Intelligence Hub. This Hub will house Microsoft subject matter experts in threat intelligence, threat protection research, and applied AI security research. They will have access to Microsoft threat intelligence data and assets from around the world, so they can work closely with the Government of Canada and law enforcement partners to track and interdict nation state actors and organized crime.

In recent months, our team in Canada has been working to thwart China-based threat actors and has been sharing intelligence related to North Korean IT workers using stolen or fake identities to secure jobs with technology companies in Canada. We are dedicated to making this cybersecurity protection even stronger going forward.

Keeping Canadian Data on Canadian Soil

We also recognize the importance of ensuring that our Canadian customers can keep their local data on Canadian soil. This is why we embarked a decade ago, in close consultation with national leaders, to build and open our first two Canadian datacentres to provide local data residency in Toronto and Quebec City. We have steadily expanded our local services each year since. In 2026, we will take three new steps to keep Canadian data on Canadian soil.

First, we will strengthen sovereign controls and expand our data residency commitments by offering in-country data processing for Copilot interactions.

 

Second, we will expand our Azure Local offering in Canada to enable the extension of Azure capabilities to customer-owned environments such as private cloud and on-premises infrastructure.

And third, we will launch Sovereign AI Landing Zone (SAIL) in Canada. This is an open-source AI Landing Zone whose code will be hosted publicly on GitHub, and which will provide a secure foundation for deploying AI solutions within Canada’s borders, so organizations can build, scale, and innovate while maintaining the highest standards of privacy and compliance.

Protecting Canadian privacy

We recognize that privacy is a cornerstone of digital trust. We have long protected the digital privacy of people across Canada. As we look to 2026, we will build on this strong foundation with new technical capabilities and legal measures.

Next year, Microsoft will bring the latest confidential computing capabilities to our Canadian datacentre regions. Confidential computing in Azure enables organizations to keep data encrypted and isolated, even while in use, helping meet stringent digital sovereignty requirements. Azure Key Vault will also be available to Canadian customers, supporting external key management and allowing encryption keys to remain under customer control, whether stored on-premises or with a trusted third-party Hardware Security Module (HSM).

We will couple these technical measures with expanded contractual protection. We are codifying our promise to protect our Canadian customers’ data with a contractual commitment, in which we agree to challenge any government demand for Canadian government or commercial customer data where we have a legal basis for doing so.

Supporting Canada’s AI developers

Canada’s growing AI and digital ecosystem also requires protection and support for the nation’s leading AI developers. We have expanded this work in 2025 and will continue to prioritize these efforts in the year ahead.

Our work with Cohere exemplifies this commitment: we are welcoming Cohere into the Microsoft Foundry’s first-party model lineup, making their advanced language models—Command A, Embed 4, and Rerank—accessible on Azure. This will amplify Canadian innovation on a global stage. This partnership is built on more than technology; it is grounded in trust and shared values, with initiatives to help Cohere scale across Canada and worldwide.

We will explore new ways to integrate Cohere’s sovereign, made-in-Canada AI models into Microsoft services, helping to ensure Canadian enterprises and the public sector benefit from secure, locally developed solutions that embody responsibility and integrity. Together with Canada’s leading innovators, we are building relationships that deliver opportunity and impact while reinforcing the trusted foundation of Canadian digital sovereignty.

Defending the continuity of Canadian cloud services

Finally, in the face of geopolitical uncertainty, continuity is essential. Microsoft pledges to rigorously defend the uninterrupted operation of cloud services for Canadian government customers. If ever confronted with an order to suspend or halt operations in Canada, we will pursue every available legal and diplomatic avenue—including litigation—to protect access to critical infrastructure. Our track record demonstrates our resolve to stand up for customer rights. We remain ready to reinforce this commitment through robust contractual agreements, confident in our ability to ensure the ongoing operation of Canadian datacentres. Ultimately, these efforts aim to deepen trust between people, institutions, and nations, grounded in mutual respect and a shared commitment to advancing Canada’s digital future.

Microsoft’s digital infrastructure in Canada is not built on wheels. It is permanent infrastructure, and fully subject to Canadian laws and regulations. We recognize and respect that our operations in Canada are governed by Canadian law, just as we adhere to local laws in every country where we operate.

A visual showing percentage of working age adults using AI across Canada.

Talent: Investing in the Future for Every Canadian

At its core, every datacentre we build and every AI capability we deploy is an investment in Canadians and their future. Because technology alone doesn’t drive transformation, people do. That’s why it’s imperative to ensure that every Canadian can develop the skills needed to succeed in an AI era.

The need is clear. By 2030, nearly 60 percent of workers worldwide will require new digital skills, yet today only 24 percent of Canadians have received AI training, compared to a global average of 39 percent. Closing this gap is critical for Canada’s competitiveness.

Our new Microsoft Elevate business unit is designed to put people first, making AI opportunities accessible across the country. Since July 2024, Microsoft Canada has engaged 5.7 million learners through free skilling programs, with more than 546,000 individuals completing an AI training course. And we’re not stopping there. By 2026, Microsoft Elevate will help 250,000 Canadians earn in-demand AI credentials, ensuring the workforce is ready for the next decade of innovation.

Our partnerships amplify this impact. The Nonprofit AI Impact Hub, developed with the Canadian Centre for Nonprofit Digital Resilience (CCNDR) and Imagine Canada, strengthens the digital resilience of Canada’s 170,000 charities and nonprofits, which collectively employ 2.7 million people. Through role-based AI training and micro-credentials, we’re equipping this sector with tools to serve communities better.

We’re also investing in the next generation. Today, we are proud to announce a new partnership with Actua, a national leader that brings STEM education to youth throughout Canada, including those in remote, rural, and Indigenous communities. Microsoft Canada and Actua are committed to working with Indigenous communities across Canada to support AI skills development, so that the benefits of AI are felt widely. This partnership will support Actua’s AI Ready and InSTEM (Indigenous Youth in STEM) programs, to equip 20,000 young Canadians with essential AI skills. The InSTEM program will add AI learning for Indigenous youth, blending technology with cultural heritage and knowledge. For instance, students learn how AI tools can help preserve Indigenous languages and support cultural identity.

Canada Can Count on Us

Few American companies have benefitted more than Microsoft from such longstanding ties to Canada. Living so close to the border, we have long appreciated the many attributes that make Canada so special. We share more than geography. We share priorities like security, sustainability, and inclusive growth.

Today, we’re taking this partnership to the next level. We believe Canada has what it takes to help lead the world in responsible AI innovation and adoption, and we’re committed to being a partner every step of the way.

The post Microsoft Deepens Its Commitment to Canada with Landmark $19B AI Investment appeared first on Microsoft On the Issues.

  •  

Flashpoint’s Top 5 Predictions for the 2026 Threat Landscape

Blogs

Blog

Flashpoint’s Top 5 Predictions for the 2026 Threat Landscape

Flashpoint’s forward-looking threat insights for security and executive teams, provides the strategic foresight needed to prepare for the convergence of AI, identity, and physical security threats in 2026.

SHARE THIS:
Default Author Image
December 2, 2025

As the global threat landscape accelerates its transformation, 2026 marks an inflection point requiring defensive strategies to fundamentally shift. The volatility observed in 2025 has paved the way for an era soon to be defined by AI-weaponized autonomy, information-stealing malware, systemic instability of public vulnerability systems, and the complete convergence of digital and physical risk.

Flashpoint offers a unique window into these complexities, providing organizations with the foresight needed to navigate what lies ahead. Drawing from Flashpoint’s leading intelligence and primary source collections, we highlight five key trends shaping the 2026 threat landscape. These insights aim to help organizations not only understand what’s next but also build the resilience needed to withstand and adapt to emerging challenges.

Prediction 1: Agentic AI Threats Will Weaponize Autonomy, Forcing a New Defensive Standard

2026 will see continued evolution of AI threats, with future attacks centering on autonomy and integration. Across the deep and dark web, Flashpoint is observing threat actors move past experimentation and into operational use of illegal AI. 

As attackers train custom fraud-tuned LLMs (Large Language Models) and multilingual phishing tools directly on illicit data, these AI models will become more capable. The criminal intent shaping their misuse will also become more sophisticated. Additionally, 2026 will see a greater marketplace for paid jailbreaking communities and synthetic media kits for KYC (Know Your Customer) bypass.

These advancements are enabling criminals to move beyond simple tools and engage in scaled, autonomous fraud operations, leading to two major shifts:

  1. Agentic AI is becoming the true flashpoint: Threat actors will be using agentic systems to automate reconnaissance, generate synthetic identities, and iterate on fraud playbooks in near real-time. In this SaaS ecosystem, AI will help attackers leverage subscription tiers and customer feedback loops at scale.
  2. The attack surface will shift to focus on AI Integrations: Organizations are increasingly plugging LLMs into live data streams, internal tools, identity systems, and autonomous agents. This practice often lacks the same security vetting, access controls, and monitoring applied to other enterprise systems. As such, attackers will heavily target these integrations, such as APIs, plugins, and system connections, rather than the models themselves.

The ubiquity of automation has dramatically increased attack tempo, leaving many security teams behind the curve. While automation can replace repetitive tasks across the enterprise, organizations must not make the critical mistake of substituting human judgement for AI at the intelligence level.

This is paramount because a critical threat in 2026 is Agentic AI autonomy weaponized against soft targets—API integrations and identity systems. The only winning defense will be human-led and AI-scaled, prioritizing purposeful use to keep organizations ahead of this exponential risk.

Josh Lefkowitz, CEO at Flashpoint

These evolving AI threats will force a fundamental shift in defensive strategies. Defenders will have to shift to deploying systems around AI rather than trust them on their own.

Prediction 2: Identity Compromise via Infostealers Will Become the Foundation of Every Attack

Infostealers will become the entry point, the data broker, the reconnaissance layer, and the fuel for everything that comes after a cyberattack. This shift is already in motion and is accelerating rapidly: in just the first half of 2025, infostealers were responsible for 1.8 billion stolen credentials, an 800% spike from the start of the year. However, 2026 will redefine the malware’s role, making its most valuable output being access, rather than disruption.

Infostealers will become the upstream event that powers the rest of the attack chain. Identity and session data will be increasingly targeted, since it gives attackers immediate access into victim environments. Ransomware, fraud, data theft, and extortion will simply be downstream ways to monetize.

This upstream approach defines the new reality of the attack chain, which is already operational. Nearly every major stealer strain Flashpoint observes now exfiltrates the following:

  • Autofill PII (personable identifiable information)
  • Saved addresses
  • Phone numbers
  • Internal URLs
  • Browsing history
  • Cloud app tokens

An organization’s attack surface is no longer just composed of their own networks. It is the entire digital identity of their employees and partners. This new reality requires security teams to take a new approach. Instead of attempting to block attacks, they must proactively detect compromised credentials before they are weaponized. This will be the difference between reacting to a data breach and preventing one.

The infostealer economy has fully industrialized the attack chain, making initial compromise a low-cost commodity. Multiple security incidents in 2025 tie back to credentials found in infostealer logs. This reality has underscored the critical importance of digital trust—specifically, verifying who can access what resources. For 2026, identity is the perimeter to watch, and security teams must proactively hunt for compromised credentials before they’re weaponized.

Ian Gray, Vice President of Intelligence at Flashpoint

Prediction 3: CVE Volatility Will Force Redundancy in Vulnerability Intelligence

The temporary funding crisis at CVE in April 2025 and the subsequent CISA stopgap extension through March 2026 exposed the systemic fragility of a centralized vulnerability intelligence model. With the future of the CVE/NVD system hanging in the balance, 2026 will be defined by the urgent need for redundancy and diversification in vulnerability intelligence.

In today’s vulnerability intelligence ecosystem, nearly every organization’s vulnerability management framework relies on CVE and NVD—including its “alternatives” such as the EUVD (European Union Vulnerability Database). The CVE system has grown into a critical global cybersecurity utility, relied upon by nearly all vulnerability scanners, SIEM platforms, patch management tools, threat intelligence feeds, and compliance reports. A complete shutdown of CVE would result in a widespread loss of institutional infrastructure.

The next generation of security needs to be built on practices that are resilient, diversified, and intelligence-driven. It should be focused on providing insights that can be used to take action such as threat actor behavior, likelihood of exploitation in the wild, relevance to ransomware campaigns, and business context. Security teams will need to leverage a comprehensive source of vulnerability intelligence such as Flashpoint’s VulnDB that provides full coverage for CVE, while also cataloging more than 100,000 vulnerabilities missed by CVE and NVD.

Prediction 4: Executive Protection Will Remain a Critical Challenge as Cyber-Physical Threats Converge

The continued blurring of lines between cyber, physical, and geopolitical threats will elevate the risk to organizational leadership, turning executive protection into a holistic intelligence function in 2026. The rise of information warfare combined with physical world convergence means the threat to key personnel is no longer purely digital.

In the aftermath of the tragic December 2024 assassination of United Healthcare’s CEO, Flashpoint has seen the continued circulation and glorification of “wanted-style posters” of executives in extremist communities. Additionally, Flashpoint has seen nation-state actors participate, using espionage and influence to target high-value individuals.
Organizations must adopt an integrated approach that connects insights from threat actor chatter and a wealth of other OSINT sources. This fusion of intelligence is essential for applying frameworks to ensure the safety of leadership and key personnel.

Prediction 5: Extortion Shifts to Identity-Based Supply Chain Risk

2025 was marked by several large-scale extortion campaigns, demonstrating how the threat landscape is rapidly evolving. Ransomware operations have shifted into a straight extortion play. Flashpoint has observed a surge in new entrants to the ransomware market, accompanied by a decline in the quality and decorum of ransomware groups.

Furthermore, vishing campaigns attributed to “Scattered Spider” have highlighted weaknesses in identity, trust, and verification. Campaigns from “Scattered LAPSUS$ Hunters” have also exposed vulnerabilities in third-party integrations. These attacks culminated in extortion, showcasing that modern attacks will target trusted users and trusted applications for initial access, and will forgo ransomware in place of data access.

As this shift continues into 2026, threat actors will increasingly focus their efforts on exploiting human behavior and identity systems. Instead of attempting to spend resources on breaking network perimeters, attackers will instead socially engineer employees to gain access to corporate systems at scale. This change in TTPs will undoubtedly greatly increase supply chain risk, especially for third parties.

Charting a Path Through an Evolving Threat Landscape with Flashpoint Intelligence

These five predictions highlight the transformative trends shaping the future of cybersecurity and threat intelligence. Staying ahead of these challenges demands more than just reactive measures—it requires actionable intelligence, strategic foresight, and cross-sector collaboration. By embracing these principles and investing in proactive security strategies, organizations can not only mitigate risks but also seize opportunities to enhance their resilience.

As the threat landscape continues to rapidly evolve, staying informed and prepared are critical components of risk mitigation. With the right tools, insights, and partnerships, security teams can navigate the complexities ahead and safeguard what matters most.

Request a demo.

The post Flashpoint’s Top 5 Predictions for the 2026 Threat Landscape appeared first on Flashpoint.

  •  

Top 15 AI SOC Tools for 2026: SOC Automation Compared

The Security Operations Center (SOC) has always been the heart of enterprise defense, but in 2026, it’s evolving faster than ever.

The rise of AI-driven SOC platforms, often referred to as Agentic AI SOCs, is redefining how enterprises detect, investigate, and respond to threats.

For years, security teams relied on a mix of SIEM, EDR, and MDR vendors to stay ahead of attacks. But these stacks often created their own problems: endless alert noise, long investigation times, and an overworked analyst team stuck in repetitive triage.

The new generation of AI SOC platforms changes that. They leverage large language models (LLMs), enabling SOCs to automatically triage and investigate every alert in minutes, not hours.

In this guide, we’ll break down the Top 15 AI SOC platforms to watch in 2026, ranked by how they balance speed, accuracy, explainability, and coverage across modern enterprise environments.

What is an Agentic AI SOC?

“Agentic” AI refers to systems that don’t just respond, they act. In cybersecurity, an Agentic AI SOC is capable of performing end-to-end investigations, drawing conclusions, and recommending (or executing) responses based on forensic evidence and reasoning.

These platforms are trained not only to summarize alerts but to understand their context, correlating data across endpoints, identities, networks, and cloud systems.

The best AI SOCs of 2026 are explainable, autonomous, and fast, providing the confidence enterprises need to trust machine-led decision-making.

Top AI SOC platforms in 2026 comparison table

PlatformBest forKey strength
Intezer (Forensic AI SOC)Large EnterprisesForensic-level, explainable investigations
7AIEnterprises exploring multi-agent automationMulti-agent orchestration
AiStrikeMid-market SOCsAffordable automated triage
SentinelOne (Purple AI)Enterprises using SentinelOne EDRIntegrated SOC automation
CrowdStrike (Charlotte AI)Falcon ecosystem usersGenerative AI for summaries
BlinkOpsSecurity automation teamsPlaybook-based automation
Bricklayer AIStartupsLightweight triage and reporting
Conifers.aiCloud-native companiesCloud-first visibility
Vectra AIMature SOCsNetwork threat detection
Dropzone AISOC automation innovatorsHuman-in-the-loop design
ExaforceMinimizing SIEM CostAlert routing and prioritization
Legion SecuritySOCs with expert analystsWorkflow management
Prophet.aiPredictive threat modelingProactive threat detection
Qevlar AILLM-driven SOCsAI triage experiments
Radiant SecurityMid-market enterprisesResponse recommendations

1. Intezer: Best AI SOC platform for enterprise SOCs

Best for: Large enterprises that prioritize speed, accuracy, and complete alert coverage.

Intezer AI SOC is built for enterprise and MSSPs, trusted by global brands including NVIDIA, Salesforce, MGM Resorts, Equifax, and Ferguson.
Intezer investigates 100% of alerts in under two minutes with 98% accuracy.

Unlike other platforms that rely solely on LLM-generated heuristics, Intezer fuses human-like reasoning with multiple AI models and deterministic forensic methods,  including code analysis, sandboxing, reverse engineering, and memory forensics.
The result is evidence-backed, explainable verdicts that eliminate the guesswork for SOC analysts.

For enterprises managing millions of alerts across SIEM, EDR, cloud, and identity systems, Intezer delivers full alert coverage and eliminates the low-severity blind spots that MDRs often ignore.

With endpoint-based pricing, Intezer removes the “alert tax” of data-ingest models and helps SOC leaders prove ROI to their boards, without expanding headcount.

Why enterprises choose Intezer

  • 100% alert investigation coverage across SIEM, EDR, phishing, identity, and cloud
  • Sub-2-minute investigations with 98% accuracy
  • Transparent, explainable verdicts
  • Trusted by Fortune 500 enterprises
  • Predictable ROI and cost efficiency

Experience Intezer in action with a custom demo.

Hear what CTO of MGM has to say about Intezer.

2. 7AI: Best for multi-agent SOC automation

7AI is one of the most experimental platforms in the 2026 AI SOC space. It focuses on multi-agent orchestration, where separate AI agents collaborate to triage, enrich, and investigate alerts across different domains.

Screenshot of 7AI product

While its architecture is impressive, 7AI is best suited for innovation-driven security teams that have strong engineering capacity and want to customize workflows. It performs well in large-scale EDR and cloud environments but requires fine-tuning for reliability.

Best for: Enterprises exploring multi-agent SOC architectures.

3. AiStrike: Best for mid-market SOCs

AiStrike targets the mid-market segment with a focus on cost-effective AI triage. It offers a simple, clean dashboard that connects with EDR and SIEM tools to automatically prioritize alerts. While its forensic depth is limited compared to enterprise-grade solutions, AiStrike delivers solid speed and automation for smaller SOCs.

Aistrike dashboard

Best for: Mid-market SOCs that want affordable, plug-and-play AI investigations.

4. SentinelOne (Purple AI): Best for endpoint-centric SOCs

SentinelOne’s Purple AI brings native AI investigation and response into the SentinelOne platform. It’s tightly integrated with SentinelOne’s EDR and XDR stack, which makes it a strong option for organizations already using the SentinelOne’s stack.

SentinelOne Purple AI product image

While Purple AI provides quick, summarized threat analysis and remediation recommendations, it focuses heavily on endpoints rather than full enterprise coverage.

Best for: Enterprises deeply invested in SentinelOne’s ecosystem that want integrated AI triage.

5. CrowdStrike (Charlotte AI): Best for AI-driven summarization

CrowdStrike’s Charlotte AI is the generative assistant within the Falcon platform, built to help analysts ask natural-language questions and interpret alerts faster.

Crowdstrike Charlotte AI product image

While not a fully autonomous SOC, Charlotte AI improves analyst experience and productivity by summarizing incidents and surfacing relevant insights. It’s ideal for teams that want to augment analysts rather than automate full investigations.

Best for: Enterprises using the CrowdStrike Falcon suite that want faster analyst assistance.

6. BlinkOps: Best for automation engineers

BlinkOps focuses on workflow automation, not investigations per se. It enables security teams to build playbooks and automation pipelines that connect multiple tools (SIEM, EDR, IAM, etc.).

BlinkOps prod image

While it doesn’t deliver forensic-level verdicts, BlinkOps is popular among DevSecOps teams that want custom automation flexibility.

Best for: Security engineers looking to automate existing SOC workflows.

7. Bricklayer AI: Best for startups and lean SOCs

Bricklayer AI provides lightweight alert triage and reporting capabilities. It’s built for smaller organizations that want to reduce alert fatigue without complex integrations. Its simplicity and affordability make it a solid entry point for teams without mature SOC processes.

Best for: Startups building early SOC capabilities on a budget.

8. Conifers.ai: Best for cloud-native companies

Conifers.ai specializes in cloud-first security visibility across AWS, Azure, and Google Cloud. Its AI models excel at correlating identity, network, and workload activity to flag potential breaches.

conifer.ai dashboard

It’s not a full SOC replacement, but it significantly enhances cloud investigation and response.

Best for: Cloud-first organizations seeking AI-enhanced detection and context.

9. Vectra AI: Best for network and identity threat detection

Vectra AI has long been a leader in AI-driven network detection and response (NDR). Its platform now extends into AI SOC territory, combining real-time detection with contextual identity analysis.

Vectra AI product image

Vectra is strong in hybrid environments but remains specialized in network telemetry rather than full-stack coverage.

Best for: Enterprises prioritizing network and identity visibility.

10. Dropzone AI: Best for SOC automation innovators

Dropzone AI represents the new wave of human-in-the-loop SOC automation. It allows analysts to supervise and approve actions initiated by AI, blending human expertise with autonomous investigation.

Dropzone.ai product image

While not as proven in large enterprises as Intezer, Dropzone’s agentic architecture makes it an intriguing option for forward-thinking SOCs.

Best for: SOCs experimenting with supervised AI autonomy.

Read about what CISOs are looking for in an AI SOC platform

11. Exaforce: Best for minimizing SIEM cost

Exaforce uses a multi-model AI engine to reduce alert overload, accelerate investigations, and expand detection coverage without relying on a traditional SIEM. Its AI stack, combining data-ingestion models, behavioral machine learning, and large language models, analyzes real-time telemetry while cutting SIEM-related storage and licensing costs.

Exaforce product image

The platform adapts quickly through feedback loops and natural-language business context, continuously refining accuracy and reducing false positives. With investigative graph visualizations and flexible deployment options, Exaforce helps streamline complex investigations.

Best for: Companies struggling with excessive SIEM spend.

12. Legion Security: Best for companies with expert human analysts

Legion automates SOC investigations by capturing and operationalizing real analyst decision-making. Its browser-based agent records every step of an analyst’s workflow such as data reviewed, actions taken, judgments made and then creating reusable investigative logic.

Legion Security product image

These recordings evolve into living agents that can be replayed, tested, refined, and re-executed across new alerts. Legion offers flexible deployment options including cloud, hybrid, or customer-hosted to support diverse security and compliance requirements. 

Best for: Organizations with expert human analysts, looking to create custom AI agents that can mirror their in-house best practices and knowledge. 

13. Prophet Security: Best for predictive SOCs

Prophet focuses on automated alert resolution using agentic reasoning that mirrors how experienced analysts assess user behavior, asset context, and threat indicators. It enriches alerts with data from endpoints, cloud systems, identity platforms, and threat intelligence to deliver high-confidence dispositions without relying on static rules. The platform supports flexible automation, from fully automated closure of benign alerts to analyst-in-the-loop escalation, and includes a copilot-style natural language interface for deeper investigation and threat hunting. 

Best for: Enterprises investing in predictive threat modeling and trend forecasting.

14. Qevlar AI: Best for experimental SOCs

Qevlar is an AI-powered investigation co-pilot that enhances analyst workflows by replicating the reasoning and research steps of human investigators. It ingests alerts from various tools and produces structured, evidence-backed reports with clear verdicts, confidence levels, and referenced data sources. Instead of suppressing or prioritizing alerts, Qevlar enriches and interprets them while preserving full analyst oversight. It also offers an automated documentation engine and support for on-prem deployment.

Best for: SOCs experimenting with AI-based triage prototypes.

15. Radiant Security: Best for mid-market enterprises

Radiant Security positions itself as an AI SOC for the mid-market and differentiates itself with claims of adaptive AI that can learn how to handle never-seen-before alerts as well as a built-in, affordable logging solution leveraging customers’ own archive storage. 

Radiant Security log management

Best for: Mid-market companies looking to eliminate expensive SIEM costs. 

The future of Agentic AI SOCs

The next evolution of SOC automation goes beyond alert management. In 2026 and beyond, Agentic AI SOCs will not only investigate but also take verified actions, quarantining hosts, isolating sessions, and orchestrating containment based on evidence and policy.

This shift demands trust, explainability, and speed. Enterprises can no longer afford “black-box” AI that delivers vague suggestions. They need platforms capable of forensic reasoning, auditability, and full coverage, exactly what Intezer Forensic AI SOC delivers.

SOC leaders who adopt these systems early will gain measurable efficiency, lower operational risk, and stronger security posture, without expanding headcount.

Final thoughts

AI SOC platforms are transforming how enterprises defend against modern threats.
While each platform on this list has unique strengths, Intezer stands out as the clear enterprise choice for those who demand accuracy, speed, and complete visibility.

See how Fortune 500 SOCs cut through the noise, reduce risk, and reclaim their time with Intezer. 

Book a demo to experience Intezer in action.

The post Top 15 AI SOC Tools for 2026: SOC Automation Compared appeared first on Intezer.

  •  

Introducing Intezer Forensic AI SOC

Modern SOC teams face some real challenges. They are drowning in alert volume, short on experienced analysts, and facing a new generation of AI-driven attacks that operate faster than humans can respond. This combination is eroding SOC effectiveness, slowing response times, and creating blind spots where real threats hide in low-severity alerts that teams no longer have the time or capacity to investigate.

To meet this moment, Intezer is proud to unveil Intezer Forensic AI SOC, the only AI SOC platform battle-tested inside some of the world’s most targeted and security-mature organizations. Already trusted by more than 150 enterprises, including 15 of the Fortune 500, the platform brings forensic-grade accuracy, full alert coverage, and sub-minute triage to modern security operations.

Why enterprises need a Forensic AI SOC

As attack surfaces grow, many organizations turn to MDR providers for 24/7 alert triage. But MDRs often operate as black boxes with inconsistent quality, high escalation rates, and limited visibility, leaving low-severity alerts unaddressed and creating gaps adversaries can exploit.

Most “AI SOC” tools depend entirely on AI agents for alert triage and investigation. This leads to surface-level results, slower performance, and higher compute usage, limiting their ability to process large alert volumes, especially low-severity signals where threats frequently hide.

The way forward requires an approach that removes SOC bottlenecks while delivering stronger, more reliable security outcomes. 

Why this matters now

The recent Anthropic AI espionage report marks a turning point. Threat actors are now weaponizing AI agents to automate full intrusion chains at machine speed.

These attacks often leave behind subtle, low-severity breadcrumbs that traditional SOCs and MDRs overlook. Without full alert coverage and forensic-grade triage, organizations cannot detect or contain AI-driven campaigns before they escalate.

This is precisely the gap Intezer’s Forensic AI SOC was built to close.

Watch session on how security leaders prepare for the new era of AI-orchestrated cyber attacks.

The Forensic AI SOC advantage

Intezer Forensic AI SOC flips the AI SOC model on its head. Instead of solely relying on AI Agents and LLMs, our platform combines AI agents and automated orchestration of  deterministic forensic tools, to mimic the triage and investigation methods used by elite responders and perform deep, accurate investigations at speed and scale.

Every alert is examined through a forensic lens using Intezer’s battle-tested capabilities, including endpoint forensics, reverse engineering, network artifact analysis, sandboxing, and other proprietary methods. These are paired with the adaptive research and reasoning of multiple LLMs to ensure both depth and flexibility in every investigation.

Intezer Forensic AI delivers:

  • 100% alert coverage, including low-severity alerts often ignored by SOCs and MDRs
  • Fewer than 4% of alerts escalated for human review
  • 98% accurate, consistent verdicts backed by deterministic evidence
  • 1-minute median triage time
  • Predictable, scalable pricing tied to endpoints, not alert volume or costly model usage

Enterprises get both the intelligence of AI and the rigor of forensics, without sacrificing speed, cost, or accuracy.

Proven in the world’s most targeted enterprises

Intezer supports over 150 enterprises, including 15 of the Fortune 500, across verticals such as finance, tech, pharma, critical infrastructure, hospitality and more. These organizations operate some of the most complex and heavily targeted environments in the world and rely on Intezer to keep their businesses secure. 

“Intezer’s AI-driven triage has been transformative for our SOC. It integrates seamlessly with our existing systems and delivers analyst-level investigations at scale, giving our team the confidence that every alert is handled with forensic accuracy.”

Branden Newman, CTO, MGM Resorts International

Built for the growing demands of enterprise SOCs

Enterprise SOCs must respond not only to rising alert volume, but also to increasing business pressure for speed, consistency, and measurable risk reduction. Companies using Intezer Forensic AI SOC enjoy:

  • Lower business risk
    Every alert, including low-severity signals used by modern attackers, is investigated with dramatically shortened MTTR.
  • Predictable, cost-efficient pricing
    Pricing aligned to endpoints avoids the unpredictable costs of LLM-heavy AI SOCs.
  • Instant time to value
    Hundreds of integrations enable rapid deployment and immediate time-to-value without training models on customer data.
  • Doing more with less
    Reduce MDR dependence and automate analyst workloads to optimize budgets and expand SOC output.

Built by security experts, for security experts

Intezer was founded and shaped by world-class SecOps leaders, security researchers and incident responders who have spent their careers defending some of the most targeted organizations and building foundational cybersecurity technologies.

Our leadership team includes pioneers who helped create and scale major cybersecurity companies. This firsthand experience responding to advanced threats, operating high-pressure SOC environments, and building products used by thousands of security teams worldwide directly informs how Intezer designs its technology.

We understand what analysts need, speed, accuracy, transparency, and trustworthy automation, because we’ve lived those challenges ourselves.

Intezer Forensic AI SOC reflects that operational DNA with a platform built not by generic AI engineers, but by practitioners who have spent years reverse engineering malware, hunting nation-state adversaries, leading global IR engagements, and building tools that analysts rely on every day.

Join the future of the SOC, today!

The SOC is entering a new era. Machine-scaled attacks demand an approach grounded in both forensic rigor and adaptive AI enabling consistent, accurate investigations to defend the enterprise. 

To explore how Intezer’s Forensic AI SOC can strengthen your operations, schedule a conversation with a product expert today!

The post Introducing Intezer Forensic AI SOC appeared first on Intezer.

  •  

Why the “AI SOC Agent” narrative misses the point: The future is about security outcomes, not workflow augmentation

tl;dr Greater productivity ≠ greater security outcomes. Kinda like why being able to accelerate from 0-60 MPH doesn’t help when the ice is cracking under your wheels.

And now, the full version.

AI SOC shouldn’t just “augment workflows”, that’s a productivity-locked perspective. The goal and the delivery capability that exists right now is to deliver full-scale enterprise triage of 100% of alerts with forensicly-accurate verdicts. That looks like streamlined triage, explainable verdicts, measurable accuracy, and operational resilience. There’s already an AI SOC platform that has operationalized what Gartner calls “emerging”.

While recent Gartner reports on “AI SOC Agents” and “SecOps Workflow Augmentation” succeed in elevating the conversation, they also reveal how incomplete that conversation still is. Both documents frame AI in the SOC as a promising but premature experiment, a toolset meant to make analysts more productive, not organizations more secure. That framing misses the point. AI isn’t about automation for automation’s sake; it’s about turning expert knowledge, data, context, and expertise into repeatable, scalable decision-making that covers every alert with confidence and context.

The bias in today’s AI SOC conversation

Gartner’s reports argue that AI SOC agents should be treated as “workflow augmentation tools” to reduce analyst fatigue and improve response efficiency. They recommend cautious adoption, structured pilots, and human-in-the-loop validation. Pragmatic? When LLMs are relied upon solely, sure. But the underlying assumption that enterprise-proven AI is not yet mature enough to deliver reliable outcomes is outdated.

In practice, this mindset anchors the market in productivity metrics, not security performance. It evaluates how efficiently teams work, not how effectively they defend. The focus stays on “mean time to detect” and “mean time to respond,” rather than the more critical questions:

  • Are ALL alerts being triaged?
  • Are verdicts, not just investigations, consistently accurate?
  • Are we actually reducing risk, not just improving the process?
  • Are alerts triaged in seconds & minutes for true containment & response?

That’s where the emerging class of true AI SOC platforms breaks away from the Gartner lens.

Workflow augmentation isn’t security

The distinction matters. Augmentation is an operational improvement; outcomes are a security transformation. Most vendors today build tools that accelerate investigation but still depend on human oversight for every meaningful decision. Those are SOAR 2.0 platforms: automation-centric, workflow-obsessed, and still fundamentally enrichment, not triage.

A true AI SOC, by contrast, triages every alert across the stack autonomously, determines a verdict with auditable reasoning, and escalates only when necessary, typically less than four percent of the time. This isn’t a co-pilot; it’s a teammate that already performs at the level of a seasoned analyst and identifies the needles without the haystack. This is incredible for the SOC analysts that are focused on looking at real alerts.

Security outcome execution is the critical requirement any true AI SOC should provide:

  • Resolve millions of alerts monthly across distributed environments with <4% escalation rates.
  • Deliver verdict accuracy above 97.7% through hybrid deterministic and AI reasoning.
  • Provide explainable decisions, validated by periodic human review and forensic evidence.
  • Uncover real threats in seconds & minutes, not hours.

This isn’t augmentation; it’s execution.

Read more about properly framing the AI SOC conversation.

The “emerging” technology that’s already operational

Gartner describes AI SOC agents as an “emerging technology” that promises to evolve beyond playbook-driven automation. The irony is that enterprise SOCs are already running on these systems today. Fortune 10 environments and thousands of organizations worldwide are triaging every single alert, not just the critical and high-severity ones, through AI that emulates human reasoning at scale.

These systems don’t “pilot” AI; they operationalize it. They deliver 24/7 SOC capability, instant triage, and consistent decision-making grounded in explainable logic, not black-box inference. They prove that an AI SOC is no longer a future-state concept. It’s production-grade infrastructure that’s rewriting what operational maturity means, and has been for years now.

The difference between Gartner’s caution and what’s happening in practice is simple: proof.

Measuring what actually matters

The reports fixate on efficiency → MTTD, MTTR, analyst satisfaction, but those metrics only tell half the story especially for antiquated SOCs. The next generation of AI SOCs defines success through security outcome metrics, including:

  1. Total alert coverage – Every alert analyzed, across all severities and sources.
  2. Verdict accuracy – The supermajority of decisions must be right, consistently and explainably.
  3. Escalation rate – Only the rarest cases should reach human review.
  4. Explainability – Every verdict is clearly backed by evidence: memory scans, forensic traces, and contextual reasoning.
  5. Feedback velocity – Every corrected verdict feeds back into the detection logic, closing the learning loop.

When you measure what truly matters, accuracy, coverage, trust, the difference between AI that “helps” and AI that defends becomes obvious.

Why “AI SOC Agent” ≠ “AI SOC Platform”

The reports conflate two very different things. An “AI SOC agent” is a single use case, an assistant. An “AI SOC platform” is a full operating model: triage, investigation, and response fused into a continuous feedback loop back to detection engineering. One optimizes efficiency; the other drives security transformation.

That’s the real inflection point the industry is standing at. SOCs that treat AI as a productivity booster will get marginal gains, which is a great thing for the industry. SOCs that rebuild around AI as a core operating principle will experience exponential gains with real risk reduction.

In other words: this isn’t about speeding up analysts, it’s about scaling their expertise across the entire alert surface.

From AI promise to proof

The challenge now isn’t technology, it’s perception. The AI SOC has already proven it can outperform legacy models built on manual triage and brittle playbooks. It has shown that full alert coverage, explainable verdicts, and continuous learning can coexist with human oversight and compliance.

The industry doesn’t need another year of pilots to “validate the promise.” It needs a new standard of performance.

The next evolution of the SOC will be measured not by how well it augments workflows, but by how confidently it can:

  • Detect and triage every signal.
  • Deliver verdicts with explainable evidence.
  • Quantify accuracy in measurable, repeatable terms.
  • Strengthen analyst trust through transparency.

That’s the AI SOC outcome model, here today.

Final thoughts

Gartner’s perspective is valuable for shaping the taxonomy of an emerging market. But the reality on the ground has already overtaken the research. The world doesn’t need another whitepaper on “potential.” It needs proof of performance, and it exists.

The future SOC isn’t augmented.

It’s autonomous, accurate, and accountable for strategic security outcomes that CISOs and leaders require, either now or in the next few months with the executive leadership push to operationalize AI.

The world’s largest enterprises today already benefit from the real market-defining traits of a forensic AI SOC.

To learn more about Intezer’s Forensic AI SOC platform, schedule a demo today!

The post Why the “AI SOC Agent” narrative misses the point: The future is about security outcomes, not workflow augmentation appeared first on Intezer.

  •  

What the Anthropic report on AI espionage means for security leaders

1. Introduction: The Benchmark, Not the Hype

For a while now, the security community has been aware that threat actors are using AI. We’ve seen evidence of it for everything from generating phishing content to optimizing malware. The recent report from Anthropic on an “AI-orchestrated cyber espionage campaign”, however, marks a significant milestone.

This is the first time we have a public, detailed report of a campaign where AI was used at this scale and with this level of sophistication, moving the threat from a collection of AI-assisted tasks to a largely autonomous, orchestrated operation.

This report is a significant new benchmark for our industry. It’s not a reason to panic – it’s a reason to prepare. It provides the first detailed case study of a state-sponsored attack with three critical distinctions:

  • It was “agentic”: This wasn’t just an attacker using AI for help. This was an AI system executing 80-90% of the attack largely on its own.
  • It targeted high-value entities: The campaign was aimed at approximately 30 major technology corporations, financial institutions, and government agencies.
  • It had successful intrusions: Anthropic confirmed the campaign resulted in “a handful of successful intrusions” and obtained access to “confirmed high-value targets for intelligence collection”.

Together, these distinctions show why this case matters. A high-level, autonomous, and successful AI-driven attack is no longer a future theory. It is a documented, current-day reality.

2. What Actually Happened: A Summary of the Attack

For those who haven’t read the full report (or the summary blog post), here are the key facts.

The attack (designated GTG-1002) was a “highly sophisticated cyber espionage operation” detected in mid-September 2025.

  • AI Autonomy: The attacker used Anthropic’s Claude Code as an autonomous agent, which independently executed 80-90% of all tactical work.
  • Human Role: Human operators acted as “strategic supervisors”. They set the initial targets and authorized critical decisions, like escalating to active exploitation or approving final data exfiltration.
  • Bypassing Safeguards: The operators bypassed AI safety controls using simple “social engineering”. The report notes, “The key was role-play: the human operators claimed that they were employees of legitimate cybersecurity firms and convinced Claude that it was being used in defensive cybersecurity testing”.
  • Full Lifecycle: The AI autonomously executed the entire attack chain: reconnaissance, vulnerability discovery, exploitation, lateral movement, credential harvesting, and data collection.
  • Timeline: After detecting the activity, Anthropic’s team launched an investigation, banned the accounts, and notified partners and affected entities over the “following ten days”.

Source: https://www.anthropic.com/news/disrupting-AI-espionage

3. What Was Not New (And Why It Matters)

To have a credible discussion, we must also look at what wasn’t new. This attack wasn’t about secret, magical weapons.

The report is clear that the attack’s sophistication came from orchestration, not novelty.

  • No Zero-Days: The report does not mention the use of novel zero-day exploits.
  • Commodity Tools: The report states, “The operational infrastructure relied overwhelmingly on open source penetration testing tools rather than custom malware development”.

This matters because defenders often look for new exploit types or malware indicators. But the shift here is operational, not technical. The attackers didn’t invent a new weapon, they built a far more effective way to use the ones we already know.

4. The New Reality: Why This Is an Evolving Threat

So, if the tools aren’t new, what is? The execution model. And we must assume this new model is here to stay.

This new attack method is a natural evolution of technology. We should not expect it to be “stopped” at the source for two main reasons:

  1. Commercial Safeguards are Limited: AI vendors like Anthropic are building strong safety controls – it’s how this was detected in the first place. But as the report notes, malicious actors are continually trying to find ways around them. No vendor can be expected to block 100% of all malicious activity.
  2. The Open-Source Factor: This is the larger trend. Attackers don’t need to use a commercial, monitored service. With powerful open-source AI models and orchestration frameworks – such as LLaMA, self-hosted inference stacks, and LangChain/LangGraph agents – attackers can build private AI systems on their own infrastructure. This leaves no vendor in the middle to monitor or prevent the abuse.

The attack surface is not necessarily growing, but the attacker’s execution engine is accelerating.

5. Detection: Key Patterns to Hunt For

While the techniques were familiar, their execution creates a different kind of detection challenge. An AI-driven attack doesn’t generate one “smoking gun” alert, like a unique malware hash or a known-bad IP. Instead, it generates a storm of low-fidelity signals. The key is to hunt for the patterns within this noise:

  • Anomalous Request Volumes: The AI operated at “physically impossible request rates” with “peak activity included thousands of requests, representing sustained request rates of multiple operations per second”. This is a classic low-fidelity, high-volume signal that is often just seen as noise.
  • Commodity and Open-Source Penetration Testing Tools: The attack utilized a combination of “standard security utilities” and “open source penetration testing tools”.
  • Traffic from Browser Automation: The report explicitly calls out “Browser automation for web application reconnaissance” to “systematically catalog target infrastructure” and “analyze authentication mechanisms”.
  • Automated Stolen Credential Testing: The AI didn’t just test one password, it “systematically tested authentication against internal APIs, database systems, container registries, and logging infrastructure”. This automated, broad, and rapid testing looks very different from a human’s manual attempts.
  • Audit for Unauthorized Account Creation: This is a critical, high-confidence post-exploitation signal. In one successful compromise, the AI’s autonomous actions included the creation of a “persistent backdoor user”.

6. The Defender’s Challenge: A Flood of Low-Fidelity Noise

The detection patterns listed above create the central challenge of defending against AI-orchestrated attacks. The problem isn’t just alert volume, it’s that these attacks generate a massive volume of low-fidelity alerts.

This new execution model creates critical blind spots:

  1. The Volume Blind Spot: The AI’s automated nature creates a flood of low-confidence alerts. No human-only SOC can manually triage this volume.
  2. The Temporal (Speed) Blind Spot: A human-led intrusion might take days or weeks. Here, the AI compressed a full database extraction – from authentication to data parsing – into just 2-6 hours. Our human-based detection and response loops are often too slow to keep up.
  3. The Context Blind Spot: The AI’s real power is connecting many small, seemingly unrelated signals (a scan, a login failure, a data query) into a single, coherent attack chain. A human analyst, looking at these alerts one by one, would likely miss the larger pattern.

7. The Importance of Autonomous Triage and Investigation

When the attack is autonomous, the defense must also have autonomous capabilities.

We cannot hire our way out of this speed and scale problem. The security operations model must shift. The goal of autonomous triage is not just to add context, but to handle the entire investigation process for every single alert, especially the thousands of low-severity signals that AI-driven attacks create.

An autonomous system can automatically investigate these signals at machine speed, determine which ones are irrelevant noise, and suppress them.

This is the true value: the system escalates only the high-confidence, confirmed incidents that actually matter. This frees your human analysts from chasing noise and allows them to focus on real, complex threats.

This is exactly the type of challenge autonomous triage systems like the one we’ve built at Intezer were designed to solve. As Anthropic’s own report concludes, “Security teams should experiment with applying AI for defense in areas like SOC automation, threat detection… and incident response“.

8. Evolving Your Offensive Security Program

To defend against this threat, we must be able to test our defenses against it. All offensive security activities, internal red teams, external penetration tests, and attack simulations, must evolve.

It is no longer enough for offensive security teams to manually simulate attacks. To truly test your defenses, your red teams or external pentesters must adopt agentic AI frameworks themselves.

The new mandate is to simulate the speed, scale, and orchestration of an AI-driven attack, similar to the one detailed in the Anthropic report. Only then can you validate whether your defensive systems and automated processes can withstand this new class of automated onslaught. Naturally, all such simulations must be done safely and ethically to prevent any real-world risk.

9. Conclusion: When the Threat Model Changes, Our Processes Must, Too.

The Anthropic report doesn’t introduce a new magic exploit. It introduces a new execution model that we now need to design our defenses around.

Let’s summarize the key, practical takeaways:

  • AI-orchestrated attacks are a proven, documented reality.
  • The primary threat is speed and scale, which is designed to overwhelm manual security processes.
  • Security leaders must prioritize automating investigation and triage to suppress the noise and escalate what matters.
  • We must evolve offensive security testing to simulate this new class of autonomous threat.

This report is a clear signal. The threat model has officially changed. Your security architecture, processes, and playbooks must change with it. The same applies if you rely on an MSSP, verify they’re evolving their detection and triage capabilities for this new model. This shift isn’t hype, it’s a practical change in execution speed. With the right adjustments and automation, defenders can meet this challenge.

To learn more, you can read the Anthropic blog post here and the full technical report here.

The post What the Anthropic report on AI espionage means for security leaders appeared first on Intezer.

  •  

The Next Phase of Aurora: Open and Collaborative AI for Weather and Climate Forecasting 

Around the world, the dangers of extreme weather are a daily reality. In 2024, extreme weather displaced or disrupted the lives of more than 800,000 people worldwide —a reminder that accurate, timely forecasts aren’t just about data; they’re about people. From farmers deciding when to plant to coastal communities preparing for hurricanes, better forecasting can save lives, protect infrastructure, and support economies. 

That is why Microsoft remains deeply committed to Aurora, an AI model designed to help scientists understand Earth systems in new ways. Trained on vast amounts of data, it’s tuned to model the Earth’s systems. Aurora has already shown promise across multiple scenarios, including predicting the weather, tracking hurricanes and air quality, and modeling ocean waves and energy flows. 

Today, we are reaffirming our commitment: keep Aurora open, collaborative, and impactful so researchers can innovate faster and deliver solutions that help communities prepare, adapt, and thrive. Scientific progress depends on openness and a strong global community, which is why Aurora will progress as an open-source platform, enabling scientists everywhere to contribute and apply it to new climate and weather challenges. 

The next phase: Fueling innovation through research partnerships

We’re collaborating with Professor Rich Turner, a leader in machine learning research, and his lab at the University of Cambridge through a Microsoft AI for Good grant and research scientists to continue development of Aurora. Originally developed by Microsoft Research AI for Science, with collaboration from Professor Turner, we believe Aurora has the potential to change the way scientists around the world can use AI for weather and climate science. 

Building on our SPARROW initiative, we’re also investing in research of open-source weather stations that can expand access to high-quality environmental data. These affordable, community-deployable systems are designed to help fill critical observation gaps and strengthen the dependability of weather predictions where they matter most. 

Making Aurora available to scientists everywhere

Aurora’s source code and model weights are already open—but we’re going further. Together with Turner and Cambridge, our AI for Good team will open-source future releases of Aurora and new models that are built upon it, including training pipelines. By making Aurora open and free to build upon, we’re enabling researchers and developers everywhere to collaborate, contribute, and drive innovation together. 

Empowering national meteorological services

As with any technology, the measure of success for tools like Aurora is to have a positive impact on the lives of people. Empowering national meteorological services across the Global South, along with the Global North, is a priority.  We’re particularly focused on the application of Aurora to help meteorological services develop and strengthen their own forecasting systems that are tailored to their own local environments. This will allow them to adapt, extend, and innovate on top of Aurora, improving the accuracy, reliability, and reach of their forecasts. 

Enabling a cross-industry ecosystem

Aurora is trained on one of the largest collections of atmospheric data ever assembled to develop an AI forecasting model. It’s then fine-tuned to perform a variety of specific tasks, like predicting wave height or air quality, using modest amounts of additional data.  

The application of such a model could unlock innovation across all kinds of other industries. For example, energy companies and commodity traders have expressed interest, particularly in seeing how Aurora can be adapted to better predict renewable power generation, anticipate extreme weather events, and help protect energy grids. 

We are excited to see our work on Aurora graduate from a research project into a truly collaborative, open-source effort. By opening Aurora to the global community, we’re enabling breakthroughs in scientific understanding that we hope will transform humanitarian aid, optimize energy systems, advance sustainability, and even reshape financial services. 

The post The Next Phase of Aurora: Open and Collaborative AI for Weather and Climate Forecasting  appeared first on Microsoft On the Issues.

  •  

Uplifting and empowering young people for an AI future

Today, I had the pleasure of joining a range of leaders for timely, impactful discussions on child well-being in the age of AI at the Vatican, building on thoughtful conversations held during the United Nations General Assembly. These issues are top of mind globally, from parents to policymakers to physicians.

At Microsoft, we remain focused on our goal of empowering young people to use technology safely, mindfully, and in pursuit of social, educational, and economic opportunities. That means taking new steps spurred by regulation, such as new age verification measures for our UK Xbox users, as well as adapting our longstanding commitments to responsible AI and child online safety and privacy to build trust in the AI era. Today, we’re sharing new research on youth perspectives, announcing the AI Futures Youth Council to amplify teen voices, and offering policy recommendations to help families navigate the digital world with confidence.

Centering young people’s voices: Announcing the AI Futures Youth Council and new age assurance research

In 2017, Microsoft led the industry with our first Council for Digital Good—a forum where we could hear directly from young people about their experiences and perceptions of online risk. In 2025, with AI reshaping our world—and their future—we again need to center the voices of young people as we think about responsible design for AI and how we set students up for the future. We are actively working with teens from the Asia-Pacific region to develop our first “for teens, by teens” guide to AI chatbots. Today, I’m pleased to announce the upcoming launch of our first “AI Futures Youth Council,” bringing together teens from the US and Europe to have their say on their future. We’ll share more about the application process soon.

We know that a critical precursor to providing young people positive and productive online experiences is understanding which users are young people. Around the globe, the debate over how to achieve age assurance online continues unabated. We have been grateful to work with CIPL and the WeProtect Global Alliance over the last year to explore how to achieve improved age assurance that is consistent with fundamental rights of privacy and access to information. As with any other safety intervention, our goal is to be proportionate and thoughtful where we take new steps, which is why we have focused on gaming in the first instance—reflecting the responsibilities we have to our youngest users and our ongoing commitment to player safety.

To inform our strategy and the broader policy conversation, we partnered with Praesidio Safeguarding to better understand youth perspectives on age assurance approaches across the UK, Ghana, and Indonesia. We are pleased to share that research today. The findings reinforce the importance of transparency, choice, and trust: teens want clear explanations of how their data is used, express concerns about exclusion where formal proof of age is lacking and show varying comfort levels with the use of biometric and behavioral data. Notably, young people value parental involvement but also highlight the need for independence and privacy as they mature. The results also highlight some of the important differences across geographies. For example, teenagers in Ghana often not only share devices with their families but may also share an account—underscoring a need for nuanced global approaches at multiple layers of the technology stack.

These insights underscore our belief that proportionality—matching safeguards to actual risks—is essential to building trust and empowering youth online. They also highlight the need for age assurance models that are inclusive, flexible, and respectful of youth autonomy—especially in global contexts where device and account sharing are common. We remain committed to ongoing dialogue and innovation, ensuring that our solutions evolve alongside the needs and expectations of children, families, and society at large.

Our policy recommendations: Empower young people to use technology safely

We believe technology should empower young people, not put them at risk. Given the diverse range of online services, it is important to remember there is no single “digital seatbelt” to protect and empower young people online.

We therefore offer the following recommendations as policymakers, regulators, and experts continue to discuss these issues, building on our 2024 blog:

  • Avoid blanket access restrictions. Age assurance requirements that block full access to a service—except in limited cases like sites dedicated to age-restricted content (e.g., pornography)—can unintentionally limit child rights, such as access to information. Instead, age assurance should be applied at the service level, target specific design features that pose heightened risks, and enable tailored experiences for children.
  • Focus on the highest risks for impact, such as content and features associated with documented harms to children, and as determined through democratic processes. Providers should take steps to assess and mitigate risks to children on their services, while ensuring documentation requirements or compliance obligations do not inadvertently undermine safety. A risk-based and proportionate approach—grounded in clear criteria and supported by interoperable standards—can also help ensure that age assurance is applied where most needed, without introducing unnecessary friction. Providers of high-risk services should bear the responsibility of age assurance.
  • Strengthen safeguards for AI companions. Recent tragic events have highlighted the need for continued care in developing AI companions, especially where these may be used by young people. At Microsoft, we are building AI services for empowerment and want the right guardrails in place to protect all users but welcome new, commonsense measures such as those enacted in California and Australia to reduce the potential harms related to suicide and self-injury risks, as well as to sexualized or violent content. We will continue to work closely with researchers and experts to understand and mitigate potential risks to young people in this fast-evolving field.
  • Incentivize age-appropriate design. Banning kids from online services isn’t the answer, but what constitutes an “age-appropriate” experience will vary. We have supported a duty of care approach to child safety where the duty can be implemented flexibly, guided by thoughtful and evidence-based regulatory guidance. Ongoing research and expert engagement are needed to understand how to advance child safety and rights on diverse services—not just social media.
  • Protect the privacy and security of all users. Tailoring age assurance requirements will help enable proportionate approaches to data processing. Current proposals for age verification by app stores risk creating significant privacy risks by collecting sensitive information and sharing unnecessary age data with a wide variety of services while also not solving the challenges lawmakers want to address. We continue to support federal privacy legislation in the US and encourage global efforts to develop standards and certifications for age assurance providers. Trusted credential sharing can also increasingly be enabled by emerging digital identity ecosystems—including government-issued IDs and wallet-based models—that preserve mutual privacy between issuers and relying parties.
  • Support, not overwhelm Our Global Online Safety Survey results show that while parents might underestimate the risks teens face online, teens are most likely to turn to a parent for help. Parents should not face a deluge of notifications nor bear the sole responsibility for safety but have access, awareness, and education on family safety tools that can help them make informed choices appropriate for their family and their values.
  • Foster multistakeholder collaboration. We believe it’s essential to elevate the voices and perspectives of young people, as well as for regulators and industry to engage with civil society and partner to advance practical solutions. As child safety regulations come into force, it will also be important to get feedback from affected communities on where regulation may have adverse rights impacts, as well as to understand where harm may have been averted. Public education will be needed to help all users understand why their online experiences might be changing.

We will continue learning, listening, and collaborating, especially with our new Council, and look forward to sharing our insights.

 

 

The post Uplifting and empowering young people for an AI future appeared first on Microsoft On the Issues.

  •  
❌