A Perspective On Russia linked threat actors targeting Signal, WhatsApp and Telegram From Detectify

Posted in Commentary with tags on March 27, 2026 by itnerd

Following up on the recent news of Russia linked threat actors targeting Signal, WhatsApp and Telegram Fredrik Almroth, co-founder and Security Researcher at appsec security firm Detectify serves up some perspective on how messaging apps and personal devices are becoming an increasingly important part of the real attack surface.

“The broader lesson is that organizations should stop treating secure messaging as a silver bullet. Strong encryption matters, but it does not protect you if the endpoint is compromised or the account itself is hijacked. What makes this trend so concerning is that it blurs the line between consumer technology and resilience infrastructure. Messaging apps, smartphones, and linked devices are now woven into how governments, companies, and critical sectors actually function – often adopted at a velocity that traditional security struggles to match.

Modern defense is no longer just about protecting official systems, but about protecting the communications reality people actually operate in. The attack point is often not the ‘secure bunker,’ but the phone in someone’s pocket. From an attacker’s perspective, these channels are attractive precisely because they are trusted, ubiquitous, and often far less visible to defenders than formal enterprise systems. If hostile actors can reach decision-makers, staff, or even suppliers through trusted channels, they can bypass a surprising amount of traditional security.

Often, they do not need to break encryption at all. They just need to compromise the device, hijack the account, abuse a linked-device workflow, or trick the user at the right moment. This is why the communications layer around sensitive institutions is now part of the real attack surface.

In practice, that means paying far more attention to mobile-device hygiene for executives and other high-risk personnel. You don’t just need to secure the network, but also improve the communications habits around your it. Smart attackers will always go for the points of least resistance.You can spend millions hardening formal systems, but if your most sensitive conversations are happening on poorly governed devices and trusted consumer apps, that’s where they’ll go.”

Leave a comment »

NCSC urges industry to secure “vibe coding” as AI-generated software adoption accelerates

Posted in Commentary with tags on March 27, 2026 by itnerd

This week at the RSA Conference, the UK’s National Cyber Security Centre (NCSC) CEO Richard Horne called on the cybersecurity community to develop safeguards around “vibe coding” as adoption of AI-assisted development tools continues to grow and presents both opportunities and risks.

Horne stated that while AI-generated code could help reduce vulnerabilities if implemented securely, it also has the potential to introduce or propagate weaknesses if not properly designed and reviewed. The NCSC emphasized that AI development tools must be secure by design and trained to avoid generating insecure code, as part of a broader effort to improve software security outcomes.

The agency also noted that the rapid growth of AI-assisted development is expected to drive wider adoption of “vibe coding,” making it critical for security professionals to establish controls and best practices early. The NCSC said the industry has both the opportunity and responsibility to ensure that AI-driven software development results in more secure systems over time.

   “To combat this “multi-dimensional” threat, our collective approach to defending our societies must match that, likening cyber defense to a full court press in basketball, where “collective pressure from all actions together” can have greatest impact,” Horne said.

Rajeev Raghunarayan, Head of GTM, Averlon had this to say:

   “Richard Horne is right to flag vibe coding as a security concern. The deeper risk is what it does to the underlying environment. More AI-generated code means more updates, more dependencies, and faster change across systems that security teams are still struggling to keep pace with.

   “The challenge isn’t just whether AI generates insecure code. Environments no longer stay stable long enough to evaluate risk the way teams operated traditionally through point-in-time scans, static prioritization, and backlog-driven remediation. Security must move at the same pace as the introduced changes, meaning it must evaluate and address risk as it happens, not weeks or months later.”

Ryan McCurdy, VP of Marketing, Liquibase adds this comment:

   “AI compresses the time between idea and production, raising the stakes for change control. When database changes reach production without policy enforcement, approvals, drift detection, and auditability, companies multiply risk with every release. The consequences show up in outages, compliance exposure, slower incident response, and inconsistent data that weakens execution across the business.

   “Leaders who govern change well can scale AI with more control, protect business-critical operations, and accelerate transformation without increasing operational risk.”

Michael Bell, Founder & CEO, Suzu Labs follows with this comment:

   “The NCSC’s Richard Horne is right that the cybersecurity community needs to get ahead of vibe coding rather than fight adoption. The commandments his team published at RSA this week are all individually correct. Secure model defaults. AI code reviews. Deterministic guardrails. Secure hosting. But treating them as a checklist misses how security actually works. No single control catches everything.

   “Vibe coding security needs to be defense in depth. Security checks at the model layer, at pre-commit, at the build pipeline, at deployment, and at runtime. Each layer catches what the previous one missed. We’ve already seen what happens when security depends on one check. When researchers examined vibe-coded applications, 10% of apps on one platform had the exact same security misconfiguration, and broader research shows only 10.5% of AI-generated code is secure even when 61% is functionally correct.

   “The NCSC’s CTO imagined a future where AI code ends up more locked down than any SaaS product ever was. That’s achievable. But only if we build layered security infrastructure to match the speed of AI-assisted development. One check at one stage is a half-court trap. The adversary gets around it. Defense in depth is the full court press.”

There a dangers in terms of using AI to write code. Organizations need to be aware of that and take the right mitigations before something really bad happens. And I do mean really bad.

Leave a comment »

Google Warns Q-Day Now Coming in 2029

Posted in Commentary with tags on March 27, 2026 by itnerd

Google has issued a new warning urging companies that they should now prepare for Q-Day in 2029:

As a pioneer in both quantum and PQC, it’s our responsibility to lead by example and share an ambitious timeline. By doing this, we hope to provide the clarity and urgency needed to accelerate digital transitions not only for Google, but also across the industry.

Quantum computers will pose a significant threat to current cryptographic standards, and specifically to encryption and digital signatures. The threat to encryption is relevant today with store-now-decrypt-later attacks, while digital signatures are a future threat that require the transition to PQC prior to a Cryptographically Relevant Quantum Computer (CRQC). That’s why we’ve adjusted our threat model to prioritize PQC migration for authentication services — an important component of online security and digital signature migrations. We recommend that other engineering teams follow suit.

The full statement can be found here: https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/

Lieutenant General Ross Coffman (U.S. Army, Ret.) who currently serves as President of Forward Edge-AI, provided the following comment:

“I am elated by Google’s announcement. We’ve been saying it for two years. The shock clock has started. We don’t know when, but we know Q-Day is coming. It’s time to get ready.” 

This is a real threat that organizations need to prepare for. And preparations need to begin today because 2029 seems like a long time. But it isn’t/

Leave a comment »

DH2i to Host Live Webinar “High Availability, Simplified: What’s New in DxEnterprise v26 & DxOperator v2”

Posted in Commentary with tags on March 26, 2026 by itnerd

DH2i today announced it will host a live webinar titled, “High Availability, Simplified: What’s New in DxEnterprise v26 & DxOperator v2.” This demo-driven event is intended to provide IT teams with a practical, real-world look at how to simplify and strengthen Microsoft SQL Server high availability across increasingly complex, multi-platform environments.

When: April 16 at 12:00 pm Eastern Time / 9:00 am Pacific Time

What: IT teams are under pressure to support more platforms, protect against increasingly diverse security threats, and fulfill higher uptime expectations for SQL Server – and they are often forced to do it with a complex patchwork of platform-limited solutions.

DH2i has unveiled the latest iteration of its high availability software and SQL Server operator for Kubernetes with DxEnterprise v26 and DxOperator v2. This all-in-one software solution introduces brand new capabilities and enhancements to simplify HA management for your most critical workloads, ensure robust network security against modern threats, and streamline cluster management across Windows, Linux, containers, and the cloud.

Join DH2i for this fast-paced session where they will walk through how its latest software release easily layers right on top of any mix of existing infrastructure to enable:

  • SQL Server K8s scale-up AND scale-down automation
  • Granular database-level monitoring with more predictable and reliable failover
  • Seamless integration with K8s StatefulSets for streamlined pod management
  • Optimized security & performance for heterogeneous environments

Featured Speaker: Sasindu Wickramasingha Gamachchige, Sr. Technical Engineer, DH2i 

Sasindu Wickramasingha Gamachchige is DH2i’s behind-the-scenes superhero. By day, a Sr. Technical Support Engineer, by night… still a Sr. Technical Support Engineer (because high availability never sleeps). Armed with deep expertise in complex IT environments and superhuman troubleshooting instincts, he protects mission-critical systems from chaos and downtime. Gamachchige brings calm confidence to even the most stubborn clusters. 

Learn more and register herehttps://dh2i.com/webinar-simplified-high-availability-solution/ 

Leave a comment »

Chinese Hackers Plant Digital Sleeper Cells in Telecom Backbone

Posted in Commentary with tags on March 26, 2026 by itnerd

Researchers at Rapid 7 have uncovered evidence of an advanced China-nexus threat actor, Red Menshen, placing stealthy digital sleeper cells in telecommunications networks to carry out high-level espionage, including against government networks.

Rapid 7 has a blog post on this here: https://www.rapid7.com/blog/post/tr-bpfdoor-telecom-networks-sleeper-cells-threat-research-report/

Lieutenant General Ross Coffman (U.S. Army, Ret.) who currently serves as President of Forward Edge-AI, provided the following comment:

“Chinese hackers caught deep in the backbone of telecommunications infrastructure are doing so for high-level espionage.

Anyone that’s surprised by this news should be embarrassed. This is not the end nor the beginning. We’re in a fight to protect our data. PWC technologies that protect data inflight need to be deployed across verticals to protect the US and the free world against China and other malicious actors.”

This shows how far threat actors are willing to go to execute whatever plans that they have. This is crafty and stealthy and dangerous. Defenders should bear that in mind.

Leave a comment »

AI Infrastructure Emerges as Cyber War Target Says CloudSEK

Posted in Commentary with tags on March 26, 2026 by itnerd

Cybersecurity firm CloudSEK has published research showing that the infrastructure organisations use to train and deploy AI systems is dangerously exposed. The report focuses on MLOps platforms, the operational backbone of modern AI, and finds that leaked credentials and misconfigured deployments are handing adversaries quiet, persistent access to systems that were never designed with security in mind.

The timing matters. After US and Israeli forces struck Iranian nuclear and military sites on February 28, 2026, Iranian APT groups, including MuddyWater, APT34, APT33, and APT35 showed clear signs of heightened activity. But CloudSEK’s analysts note that the footholds these groups hold inside Western defence, financial, and aviation networks were not built in response to that escalation. They were built before it.

What CloudSEK Found

In a 72-hour scan of public GitHub repositories and internet-facing infrastructure, the research team identified:

  • Over 100 exposed credential instances tied to platforms including ClearML, MLflow, Kubeflow, Metaflow, ZenML, and Weights & Biases. Keys were hardcoded directly into source files, configuration scripts, and environment files that were left public.
  • More than 80 MLOps deployments are sitting open on the public internet with weak or no authentication. Basic scanning tools like Shodan and FOFA were enough to find them.
  • Multiple platforms where anyone could create an account, walk into the dashboard, browse active projects, pull model artifacts, and access connected cloud storage credentials with no barriers at all.
     

None of this required exploiting a software vulnerability. It used the same interfaces that engineers use every day.

Why MLOps Platforms Are Worth Targeting

MLOps platforms coordinate everything in an AI operation: training pipelines, model storage, cloud integrations, and execution agents that run around the clock. Getting inside one of these platforms gives an attacker far more than a data breach. It gives them four things:Dataset exfiltration: training data typically contains surveillance feeds, telemetry, and behavioural analytics. Studying it tells an adversary exactly what signals a model trusts and where its blind spots are.

Model theft: downloaded model files can be analysed offline to reverse-engineer the decision logic behind AI systems used in targeting, surveillance, or autonomous operations. Training data poisoning: with write access to a pipeline, adversaries can subtly corrupt retraining inputs. The model degrades over time, with no forensic trace and no security alert. Execution environment abuse: MLOps workers trust instructions from the control plane. Attackers can use that trust to run arbitrary code inside the compute infrastructure connected to sensitive internal networks.

A Multi-Actor Threat Landscape

The MLOps threat does not sit with Iran alone. North Korea’s Lazarus Group and TraderTraitor have spent years hiding malicious packages inside npm and PyPI ecosystems, quietly compromising developer infrastructure at scale. Chinese APT groups have a direct strategic interest in understanding how Western militaries use AI-assisted decision-making. Russia, too, has been watching.

Proxy groups add further complexity. Hamas-affiliated MOLERATS, Hezbollah-linked operators, and Houthi-aligned actors have all been documented running cyber operations in parallel with kinetic activity, often targeting the same organisations their backers have in their sights.

The report’s sharpest point is about intent. These actors do not need to destroy an AI system. They need to make it unreliable. A targeting model whose thresholds shift through poisoned retraining data, an anomaly detector tuned to ignore a specific pattern: that is battlefield sabotage. It leaves no forensic trace, triggers no security alert, and has no obvious point of attribution.

The Security Gap No One Is Talking About

The core problem is not a software bug. It is a maturity gap. CI/CD systems and cloud IAM services have been hardened through more than a decade of real-world attack exposure. Most MLOps platforms have not. They were built to speed up model development, and security was rarely part of the original brief.

One finding stands out. Cloud storage credentials for AWS S3, Google Cloud Storage, and Azure Blob are routinely stored inside MLOps platform interfaces in a form that can simply be retrieved. Anyone who gets into the platform gets the keys to the cloud storage too. One breach becomes two.

What Organisations Should Do Now

CloudSEK lays out four immediate steps:

  • Stop hardcoding credentials. API keys, access tokens, and cloud credentials have no place in source code or config files. Use a dedicated secrets manager and rotate regularly.
  • Take MLOps platforms off the public internet. Enforce authentication, segment networks, and switch off open self-registration on any externally accessible instance.
  • Drop static cloud storage keys in favour of short-lived, role-based credentials. It limits how far a compromise can spread.
  • Treat MLOps like the critical infrastructure it is. Monitor access to datasets, models, and pipelines with the same rigour applied to CI/CD systems and cloud control planes.
     

Note on Responsible Disclosure

This research was conducted using publicly accessible information. All validation was performed passively, with no modifications made to any systems, pipelines, datasets, or models. All sensitive details, including credential values and organizational identifiers, have been redacted.

For More Details, Read The Full Report

Leave a comment »

Radiant Logic and Badge Enter into an OEM Agreement 

Posted in Commentary with tags on March 26, 2026 by itnerd

Radiant Logic today announced an OEM agreement with Badge Inc. Under the agreement, Badge’s patented zero-knowledge authentication is embedded directly into the RadiantOne platform, enabling enterprises to unify authentication and authorization across unfederated identity domains — including complex Active Directory environments, cloud identity providers, and AI agent ecosystems. 

The Cross-Domain Identity Problem 

Enterprises operating across multiple Active Directory forests, Kerberos realms, and cloud identity providers face one of the most persistent and expensive challenges in IT: enabling secure cross-domain access without rearchitecting their directory infrastructure. This problem intensifies during mergers and acquisitions, healthcare system consolidations, and government agency modernizations, where unfederated domains must coexist for months or years. 

The emergence of AI agents compounds the challenge. Organizations deploying agentic AI have limited visibility into which agents exist across their environment, what permissions they hold, and how they authenticate across domain boundaries. 

RadiantOne with Badge: A Platform-Level Solution 

The RadiantOne platform now combines Radiant Logic’s identity data unification and observability capabilities with Badge’s zero-knowledge, device-independent authentication to solve these challenges end to end: 

Identity Unification and Observability. RadiantOne aggregates and correlates identity data from directories, cloud platforms, databases, and AI systems into a single authoritative view. This provides security teams with real-time visibility into all identities — human, machine, and agent — along with continuous risk detection and governance across the full IAM ecosystem. 

Agent Governance and Cryptographic Binding. Building on this unified view, Badge creates a cryptographic binding to each discovered agent, establishing verifiable identity and appropriately limiting the scope of what each agent can do. Together, this delivers runtime identity governance for AI — ensuring agents operate only within defined boundaries. 

Zero-Knowledge Authentication Across Unfederated Domains. Badge’s patented on-demand key derivation eliminates stored secrets, passwords, and device-bound credentials. Users and agents enroll once and authenticate across any domain — including unfederated AD forests, Kerberos realms, and identity platforms such as Entra ID, CyberArk, Okta, and Ping — without requiring forest trusts or manual federation.  

This is zero trust applied to the identity layer itself: no stored secrets, no implicit trust, continuous verification. By combining Radiant Logic’s identity unification with Badge’s passwordless, deviceless authentication, the partnership bridges a security ecosystem where every identity — human, machine, or agent — is discovered, verified, and governed end to end. 

Cross-Domain Access Without Rearchitecting. The solution issues X.509 certificates that work across unfederated identity domains, enabling secure cross-domain access from day one of a merger, consolidation, or modernization initiative. Organizations integrate additional identity providers incrementally without disruption. 

Availability 

The integrated solution is available immediately as part of the RadiantOne platform, deployed as scalable SaaS or on-premises. For more information, visit https://www.badgeinc.com/badge-radiant-partnership. 

Leave a comment »

Binalyze Launches Magellan to Bring Investigative e-Discovery to the SOC

Posted in Commentary with tags on March 26, 2026 by itnerd

Binalyze today announced the launch of Magellan, a new capability that brings ‘e-discovery’ of file contents directly into the Security Operations Center (SOC) to help close the ‘content blind spot’ for organizations.

Despite years of investment in detection technologies such as EDR, XDR, and SIEM, most SOCs investigate incidents without direct visibility into file contents. This reliance on metadata such as filenames, hashes, and access logs blinds investigators to crucial context such as what actual data was involved; how it was misused; and what the potential consequences are.

Magellan introduces investigative e-discovery capabilities at the endpoint, allowing teams to go beyond detecting suspicious activity to determine the true potential impact of an incident without affecting the speed of an investigation. In contrast to legacy e-discovery solutions, Magellan removes the need to centrally index and create copies of data that already exists. This enables security teams to search and examine the contents of files across endpoints and hybrid environments in real-time. This results in a clear understanding of what’s in a file, where it’s stored, who has access, and whether it’s being used appropriately.

Embedded within the Binalyze AIR platform, Magellan enables distributed full-text search directly on the device where the data resides. By removing the need to export files or wait for centralized indexing, security teams can quickly examine file contents across large environments, giving a full picture of the extent of a breach and what data is at risk. Moreover, it also helps security teams to proactively spot issues before breaches occur, especially when confidential files are being accessed by users whom wouldn’t usually have authorization to access them.

Closing the Visibility Gap in Cyber Investigations

Magellan addresses a broader shift in cybersecurity priorities. As attacks become more complex and regulatory expectations increase, organizations need deeper investigative capabilities to understand exactly what happened during an incident.

Yet these organizations also have to deal with rapidly growing data volumes across their endpoints – from both cloud services, and remote environments – alongside rising insider threats and accidental data exposure. Security teams can easily study indirect indicators such as metadata or access logs, but deeper inspection requires involvement from forensic specialists, IT teams, or legal workflows. These delays can extend investigations and increase uncertainty around the scope of an incident. 

Magellan gives security teams the capability to search across their entire infrastructure; investigate insider threats and data exposure directly at the source; and provide evidence-based answers to key stakeholders and regulators.

Availability

Magellan is available immediately as a new module within the Binalyze AIR platform.

Leave a comment »

Hammerspace Data Platform Wins 2026 Artificial Intelligence Excellence Award

Posted in Commentary with tags on March 25, 2026 by itnerd

Hammerspace today announced it has been named a winner in the 2026 Artificial Intelligence Excellence Awards in the Internet and Technology category. Presented by the Business Intelligence Group, the award recognizes organizations, products, teams, and individuals that are applying artificial intelligence in ways that drive real, measurable impact.

At a time when AI infrastructure is constrained less by compute than by data bottlenecks, the Hammerspace Data Platform redefines how unstructured data is accessed, orchestrated, and delivered to GPU-intensive workloads – without requiring proprietary clients, new storage silos or disruptive data migrations.

Hammerspace provides the foundation to activate unstructured data at scale, wherever it lives. Instead of forcing enterprises to copy data into yet another AI storage silo, Hammerspace creates a unified global data environment that orchestrates data across existing infrastructure. The result is less manual effort, fewer unnecessary copies, lower operational drag, and a much faster path to production AI.

Built on standard Linux NFS and pNFS v4.2, and advanced through years of upstream kernel innovation, Hammerspace delivers true parallel performance and linear scalability using the native clients already deployed across most GPU environments. That means high-performance data access without proprietary software, infrastructure lock-in, or the operational drag of introducing another specialized storage stack.

Hammerspace also extends performance further with Tier 0, which turns underutilized NVMe inside GPU servers into a shared, ultra-low-latency data tier. Combined with topology-aware data placement, Hammerspace aligns data with compute automatically – keeping GPUs fed faster, reducing bottlenecks, and increasing the efficiency of existing infrastructure.

Together, these outcomes demonstrate that Hammerspace delivers tangible business value: faster AI pipelines, higher utilization of costly GPU resources, lower infrastructure spend and reduced operational complexity – while maintaining flexibility across on-premises and cloud environments.

The Artificial Intelligence Excellence Awards spotlight organizations advancing AI into practical, accountable deployment. The 2026 program recognized winners across 36 industries and more than 15 countries.

Learn More: Hammerspace Data Platform Overview

Leave a comment »

SAP Showcases New AI, Integrated Travel and Expense Enhancements, and Global Partnerships at SAP Concur Fusion 2026

Posted in Commentary with tags on March 25, 2026 by itnerd

At SAP Concur Fusion 2026, we’re bringing together finance and travel decision-makers, customers, and partners to explore how AI-enabled innovation is transforming integrated travel, expense, and invoice management.

New innovations and new and expanded partnerships announced at the event reflect our focus on smarter automation that drives efficiency and compliance, deeper visibility that supports better decision-making, and solutions that help organizations control costs while improving employee experiences.


Joule Integration, New Agents and Innovations Streamline Travel and Expense Workflows

Building on the integration between Joule and Microsoft 365 Copilot, SAP Concur is bringing AI-enabled travel and expense management directly into the Microsoft applications employees use every day. Available now, employees can create and submit expense reports, track expense status, ask policy-related questions, upload receipts, book travel, and more without having to leave the application they’re working in to log into Concur solutions. With this enhanced organizational context, Joule introduces greater business intelligence into the flow of work, helping employees complete travel and expense tasks more easily, offering guidance, and reducing manual effort while maintaining compliance. Bringing Concur experiences into the tools employees already use regularly removes friction, streamlines workflows and improves productivity.

Existing Joule Agents from SAP Concur focus on intelligent receipt analysis and expense report validation, automatically enriching expense data, detecting errors, and guiding employees to submit accurate, compliant reports. Now, two new Joule Agents join the SAP Concur lineup to further streamline expense compliance and reporting.

  • Expense Automation Agent: A Joule Agent that acts as a virtual delegate creating the expense report and automatically adding transactions, including populating custom fields based on contextual details and user history. Employees can simply review and refine the report before submitting, reducing manual data entry and saving considerable time. This agent delivers a modern expense management experience – the expense report that practically manages itself.
  • Expense Pre-Submit Audit Agent: A Joule Agent that provides accurate, relevant receipt checks early in the expense report process. It proactively flags discrepancies in receipts before submission, helping address inaccuracies early, reduce report rejections and review cycles, and shorten reimbursement timelines. Drawing on decades of expertise and innovation in expense report auditing, SAP Concur delivers an agent that ensures receipt validation is robust and precise.

Concur Expense will soon support new capabilities to submit receipts via text message, offering another easy way for employees to capture receipts without manual data entry.

Expense Pre-Submit Audit Agent, Expense Automation Agent, and receipt texting capabilities are currently in the SAP Early Adopter Care program, with general availability expected later this year.

Expense Automation Agent will be available as part of Joule Premium for Travel and Expense.

Additionally, leveraging the power of the SAP Business Suite, the SAP Sales Cloud solution now integrates with Booking Agent to streamline workflows and enhance productivity for sales teams. Salespeople can use Joule within the SAP Sales Cloud solution to book travel for planned client visits. Joule recognizes key details of the client visit and presents personalized travel itinerary options for the salesperson to choose from for quick, seamless booking within the existing workflow. This eliminates the need to manage separate workflows for client visits and trip bookings, as Joule connects planned visits directly with easy booking options. The integration is planned for general availability in Q2 2026.

Simplified Administration, Stronger Compliance and Increased Automation Across Travel and Expense Processes

New AI-based rule creation tools simplify the complex process of managing policy rules in Complete by SAP Concur and Amex GBT, Concur Travel, and Concur Expense, especially for administrators without a technical background. These tools help customers automate enforcement of even the most nuanced policies using natural language or company policy documents as the input. Now, administrators can manage rule creation efficiently and confidently. Administrators can upload a travel policy document, and the travel rules will automatically be created or modified, saving time and strengthening policy compliance. This capability will be available as part of the SAP Early Adopter Care program in Q2 2026. Concur Expense administrators can create and manage audit rules using natural language starting in Q2 2026. The ability to create rules from uploaded policy documents is planned for later in 2026

Additionally, SAP Concur is strengthening two key financial industry partnerships to further streamline expense reporting and compliance.

SAP Concur and American Express (Amex) are deepening their partnership to enable joint customers to create and manage American Express Virtual Cards in Concur Expense. An American Express Virtual Card features a uniquely generated card number and security code associated with an employer’s Amex Corporate Card account, reducing the burden of out-of-pocket expenses by supporting online payments and transactions on-the-go through a digital wallet.

American Express Virtual Cards with SAP Concur enable employees to make purchases in just a few clicks, while providing organizations with enhanced visibility, stronger controls, and greater efficiency. They also can be used as a payment method within Concur Travel. This capability is available now to select U.S.-based American Express® Corporate and Business customers using Concur Expense with availability for all such customers planned for Q3 2026.

Last year, SAP Concur and Amex launched a real-time notification (RTN) capability that automatically generates and categorizes eligible business expenses from Amex Corporate Card purchases in Concur Expense. Enrolled cardholders will get real-time notification via the Concur mobile app when making a purchase, so they never miss key details like uploading a receipt or adding attendees for a meal.

SAP Concur teams up with Visa to drive greater integration between Concur Expense and Visa through the Visa Commercial Integrated Partner program. The first integration milestone will be for Concur Expense to enable real-time notifications to automatically create expenses from Visa card swipes and reduce the risk of lost receipts or duplicates. The capability will be available as part of the SAP Early Adopter Care Program in Q3 2026.

SAP Concur will now support RTN from all major credit card networks.

Corporate Travel Experience Enhancements and New AI-Enabled Capabilities

SAP Concur is advancing the corporate travel experience with new capabilities, expanded global availability, and enhanced partner integrations designed to support travelers and travel managers worldwide

SAP Concur and American Express Global Business Travel (Amex GBT) are announcing new innovations to Complete, an AI-enabled, co-developed solution for booking, servicing, payments, and expensing. New capabilities include AI-enabled travel support with hand-off to a live travel counselor and a specialized home page for travel managers. Concur Expense also integrates with Amex GBT Egencia for customers worldwide. For more about these co-innovations, visit the Concur blog.

For all customers using the new Concur Travel experience, it now fully supports guest bookings, offering an improved reservation workflow for hosting guest travel. Enhanced booking capabilities provide a streamlined experience, allowing guest profiles to be created quickly without having to establish new profiles for recurring visitors each time.

Starting in Q2, India joins more than 150 countries with access to the new Concur Travel experience. With expanded content from Cleartrip that supports all fare brands, seats, bags, and ancillaries, combined with new One-Way Faring capability and mobile user experience, travelers can shop IndiGo and SpiceJet, as well as new supplier additions including Akasa Air and Air India Express.

TripIt by SAP Concur is also enhancing the travel experience with new intelligent, on-device capabilities that help travelers organize plans effortlessly while staying informed about potential disruptions in real time.

  • TripIt Pro Image to Plan with Apple Intelligence: Travelers can turn photos or PDFs—including tickets, reservations, event flyers, and receipts—into organized TripIt plans in just a few taps. Using Apple Intelligence’s on-device foundation models, TripIt Pro securely extracts key details such as dates, times, locations, confirmation numbers, and costs, all without leaving the device.
  • Expanded TripIt Pro Risk Alerts: Based on the address entered with a trip plan, TripIt Pro monitors breaking news that may disrupt the itinerary. Travelers will now receive proactive, timely alerts about incidents that could affect lodging, car rental, rail, activities, and other plans, in addition to flights, airlines and airports.

These new capabilities in TripIt Pro are generally available now.

To learn more about announcements at SAP Concur Fusion, or to join the virtual event, visit here.

Leave a comment »

« Older Entries