Legit Security Releases Survey Report on GenAI in Software Development, Revealing Pervasive Security Challenges Despite High Rate of Adoption 

Posted in Commentary on November 19, 2024 by itnerd

Legit Security, the definitive application security posture management (ASPM) leader providing end-to-end visibility and protection across the entire software factory, today announced the release of a new survey report, “Use and Security of GenAI in Software Development.” Capturing the perspectives of security and development professionals to uncover concerns about the visibility into and approaches to managing GenAI, the report’s findings revealed that both teams face critical security challenges when using GenAI in software development. 

GenAI is quickly changing the software development process by automating tasks that once took developers hours, if not days, to complete, bolstering efficiency and productivity. Eighty-eight percent of developers report using it within their development organization, reflecting a broad shift in how development teams augment their capabilities with AI to meet tight deadlines and complex project demands. Despite the high rate of adoption, security is a critical concern. For instance, previous research by Legit revealed that LLMs and AI models contain bugs and vulnerabilities that can lead to AI supply chain attacks.

The report’s key findings include:

  • Increased Use of GenAI in Software Development: 96% of security and software development professionals report that their companies use GenAI-based solutions for building or delivering applications. Among these respondents, 79% report that all or most of their development teams regularly use GenAI.
  • Code Assistant Use Is Worrying: 84% of security professionals are concerned about using code assistants and cite unknown and/or malicious code as their primary concern.
  • Growing Concerns Over GenAI Security: 98% believe that security teams need a better handle on how GenAI-based solutions are used in development. 94% report they need more effective ways to manage GenAI use in their company’s research and development efforts.
  • Apprehension on GenAI Over-Reliance: 85% of developers and 75% of those in security have security concerns over relying too much on GenAI solutions to develop software. 
  • Developers Fear Loss of Critical Thinking: More developers than security professionals report concern over loss of critical thinking due to AI use in development (8% vs. 3%).
  • GenAI is the Future: 95% of respondents predict that software developers will be more reliant on GenAI in the next five years, with none foreseeing reduced reliance. 

The report’s findings underscore GenAI’s importance in software development. However, as organizations increasingly adopt it into their CI/CD pipelines and software supply chains, they need to prioritize security and improve oversight while boosting collaboration between development and security teams. 

To download the report, visit https://info.legitsecurity.com/survey-report-use-and-security-of-genai-in-software-development.

Leave a comment »

Action1 Enhances Microsoft Intune with Advanced, Scalable Security Solutions at Microsoft Ignite 2024

Posted in Commentary with tags on November 18, 2024 by itnerd

Action1, a leading provider of real-time vulnerability discovery and automated patch management solutions, will be presenting their enhanced patch management solution at Microsoft Ignite 2024 in Chicago, November 19-21. As a strategic enhancement to Microsoft Intune, Action1 complements Microsoft’s device management software with advanced cloud-native patching and vulnerability management, designed to scale effortlessly and ensure endpoint security in real time.

Action1 seamlessly integrates with Microsoft Intune, elevating Intune’s device management capabilities with its Autonomous Endpoint Management solution. This advanced approach includes real-time patching and vulnerability assessments for operating systems and third-party applications, along with features like offline device patching and peer-to-peer (P2P) distribution. These capabilities provide an additional layer of compliance and protection tailored for hybrid work environments. With a setup time of under five minutes, Action1 empowers companies to rapidly secure their endpoints, manage them autonomously, and stay ahead of emerging threats.

Key Features of Action1 at Microsoft Ignite 2024

Third-Party Application Patching

Intune’s native support for third-party software patching is minimal, often requiring additional workarounds. Action1, purpose-built for patch management, delivers automated third-party patching across a wide range of applications. This ensures that non-Microsoft software vulnerabilities are promptly addressed without extra steps or integrations.

Real-Time Vulnerability Assessment

Unlike Intune’s scheduled compliance scans, Action1 provides continuous, real-time visibility into endpoint vulnerabilities. This proactive monitoring helps organizations identify and mitigate risks faster, reducing the time between detection and remediation.

Automated Remediation

Action1 streamlines patching with detailed, policy-driven automation for OS and third-party software, significantly reducing manual workloads and ensuring consistent compliance across endpoints.

Peer-to-Peer Patch Distribution

While Intune’s Delivery Optimization is effective for Microsoft updates, it has limitations for third-party applications. Action1’s peer-to-peer patch distribution supports non-Microsoft updates, optimizing bandwidth usage and enabling efficient patch deployment in distributed or bandwidth-constrained environments.

First 100 Endpoints Free Forever

To help organizations experience Action1’s benefits firsthand, a lifetime license for the first 100 endpoints is available at no cost, allowing enterprises to indefinitely trial the solution before full-scale implementation.

Compliance and Security Certifications

Action1’s dedication to compliance is reflected in its certifications, including SOC 2 and ISO 27001—the first in patch management to achieve both standards. Additionally, Action1’s support of HIPAA, PCI DSS, CIS CSC, ACSC, and GLBA/FFIEC enables organizations to meet diverse regulatory requirements and strengthen endpoint security.

Global Reach and Reliability

Action1’s strategically located data centers worldwide ensure fast patch deployment, supporting enterprises in scaling patch management with confidence, backed by robust and globally compliant infrastructure.

Experience Action1 at Microsoft Ignite 2024

Join Action1 at booth #430 at Microsoft Ignite 2024 to witness live demonstrations of our advanced security solutions. Visitors can engage in our “Crack the Code” game for a chance to win LEGO sets, enjoy exclusive Action1 swag, and receive free coffee vouchers for a local coffee shop. For more information, visit www.action1.com.

Leave a comment »

2025 Predictions by Haoyuan Li, Founder and CEO, Alluxio

Posted in Commentary with tags on November 18, 2024 by itnerd

Here are some 2025 Technology Predictions about major developments from Haoyuan Li, founder and CEO of Alluxio. This is what he sees in AI/ML, Data & Analytics, Cloud, Modern Data Center and DevOps in 2025. 

Multi-Modal Training Will Become More Mainstream – In 2025, multi-modal training, which integrates different types of data—such as text, images, audio, and video—will become a more dominant approach in model training. This shift is driven by the need for AI systems to better understand and process the complexity of real-world data, allowing for richer and more context-aware applications. For example, multi-modal models can improve use cases like autonomous driving, where understanding visual, auditory, and textual information is critical. The rise of these models will also spur demand for more advanced hardware and storage solutions, as the complexity of training environments continues to grow.

Pre-Training Will Become a Key Differentiator for Organizations Adopting LLMs – By 2025, pre-training will emerge as a crucial differentiator among organizations developing large language models (LLMs). As the AI landscape evolves, access to vast amounts of high-quality data—especially industry-specific data—will become a major competitive advantage. Companies that can effectively harness big data infrastructure to leverage their large-scale datasets will be better positioned to fine-tune their models and deliver more effective, specialized solutions. However, this also introduces a significant bottleneck. Preparing and curating the right data for pre-training is increasingly complex, and companies without robust big data infrastructure will struggle to keep up. Efficiently handling this data preparation, cleaning, and transformation process will become a critical challenge in the race to develop more powerful and relevant LLMs.

Overcoming Data Access Challenges Becomes Critical for AI Success – In 2025, organizations will face increasing pressure to solve data access challenges as AI workloads become more demanding and distributed. The explosion of data across multiple clouds, regions, and storage systems has created significant bottlenecks in data availability and movement, particularly for compute-intensive AI training. Organizations will need to efficiently manage data access across their distributed environments while minimizing data movement and duplication. We’ll see an increased focus on technologies that can provide fast, concurrent access to data regardless of its location while maintaining data locality for performance. The ability to overcome these data access challenges will become a key differentiator for organizations scaling their AI initiatives.

AI-Driven Cloud Economics Reshape Infrastructure Decisions – In 2025, organizations will fundamentally reshape their cloud strategies around AI economics. The focus will shift from traditional cloud cost optimization to AI-specific ROI optimization. Organizations will develop sophisticated modeling capabilities to understand and predict AI workload costs across different infrastructure options. This will lead to more nuanced hybrid deployment strategies where companies carefully balance the cost-performance trade-offs of training and inference workloads across cloud providers and on-premises infrastructure.

Maximizing GPU Utilization Becomes the New Standard – In 2025, as the size of AI model training datasets continue to grow exponentially, maximizing GPU utilization will become the primary design goal for modern datacenters. Organizations will face mounting pressure to optimize their expensive GPU infrastructure investments. This shift will drive innovations in hardware and software design to sustain the massive read bandwidths necessary for training and minimize checkpoint-saving times that cause training pauses. Success will be measured by how effectively datacenters can keep their GPU resources busy while managing larger model checkpoints and growing data requirements.

MLOps Evolution to AIOps – In 2025, we’ll see the evolution from traditional MLOps to comprehensive AIOps platforms that manage the entire AI system lifecycle. These platforms will integrate sophisticated monitoring and automation capabilities for both models and infrastructure, enabling predictive maintenance and automatic optimization of AI systems. Teams will adopt practices that treat AI models as living systems rather than static deployments, with continuous learning and adaptation capabilities built into the deployment pipeline. This shift will require new tools and practices for version control, testing, and deployment that can handle the complexity of multi-modal models and distributed training environments.

Leave a comment »

New Phishing Attack Leverages AiTM Tactics to Steal Credentials From Legitimate Dropbox Website During Open Enrolment Period

Posted in Commentary with tags on November 18, 2024 by itnerd

Abnormal Security has released its latest blog of a phishing campaign exploiting Dropbox’s platform—blending genuine email elements with adversary-in-the-middle (AiTM) tactics to steal login credentials. 

In this attack, the email claims “Human Resources” has shared a document regarding annual salary increases and open enrolment on Dropbox. Clicking the “View on Dropbox” button sends recipients to Dropbox’s legitimate site, where they are instructed to provide Dropbox login credentials to view the file. What makes this attack unique is that it originated from a trusted sender and includes legitimate embedded links.

From there, employees are redirected to a spoofed Microsoft OneDrive portal and prompted to provide their Microsoft login credentials where credentials are ultimately stolen.

You can read the blog post here: https://abnormalsecurity.com/blog/adversary-in-the-middle-dropbox-phishing-open-enrollment

Leave a comment »

What’s In My Tech Sling – The 2024 Edition

Posted in Products with tags , , , , , , , , , , , on November 17, 2024 by itnerd

When I get a phone call from a client from a client to assist them with some sort of tech issue, I need to grab a handful of things that I know that I will usually need on a job and go. For years, I’ve sort of scrambled to find what I need on a moment’s notice. To make my life easier, I have built up a tech sling bag that has my commonly used items that I need when I go to see a client. By doing this, I simply have to do a “grab and go” and I can add it to my backpack if I need to as it doesn’t take up a lot of space. Let’s start with the bag itself:

The is the tomtoc Explorer-H02 EDC Sling Bag in the 8 inch size which has an outer compartment that holds miscellaneous items, a compartment in the back that holds one item that I will get to in a moment, and a middle compartment that holds the majority of my gear. Because it is a sling bag, it goes over my shoulder which is handy if I am just using it by itself. But it will also fit inside my laptop bag or backpack.

Inside the sling bag is this OWC Envoy 1 TB SSD which recently was added to the sling bag. It doesn’t take up a lot of space, but it is quick. That makes it ideal to travel with and use with my clients.

 The Victorinox Cyber Tool on the right the next item in my sling bag I find this to be extremely handy to do everything from open boxes to disassembling computers. Attached to that is Olight i3E EOS flashlight which makes life easier for me when I need light in a dark corner of a computer case or a room as it gets pretty bright.

I usually have a few random USB sticks with utilities on them. Such as malware scanning or unlocking utilities. But I also have a SanDisk 128GB Extreme PRO flash drive which occasionally comes in handy with clients. Though with the 1TB OWC drive, I have to admit that I am rethinking whether I need to have that in my tech sling.

I’ve got an Apple AirTag in it so that if I misplace the tech sling, I can find it easily. Because I have left a customer’s site a few times without it, and then had an alert pop up on my iPhone telling me so. It’s inside a Belkin AirTag holder which makes sure that I can attach it to a loop inside the sling bag.

I have a plastic bag with batteries. Specifically some AA, AAA, CR1632, and CR2032 batteries. Because there have been numerous times where a customer had an issue that was solved by a battery, and the customer didn’t have any spare ones. Thus I cover myself for that eventuality.

I also carry a bag with some Woosh Screen shine and a microfibre cloth as I never know when I might need to clean a computer’s screen or keyboard. Be it mine or somebody else’s. This stuff works really well and it’s currently my go to for my computer cleaning needs. I also have some Q-Tips in the bag to get to those hard to reach places.

I have a small bag with a bunch of USB-A to USB-C and USB-C to USB-A adapters as they come in handy for customers who need to plug something into a computer and don’t have the right adapter.

Another recent addition to my tech sling is this Anker Ethernet to USB-C adapter that runs at 2.5 Gbps. Ideally, I would want to have a 10 Gbps adapter in my sling, but those are still pretty pricy. Thus this will work for me until prices drop.

To cover off any charging needs that I or others might have, I have a UGREEN Nexode 100W charger that has three USB-C ports and a single USB-A port. I can charge anything from phones to my MacBook Pro to my iPhone. Most of the time, I’ve used it to charge my client’s stuff quickly.

I have a variety of cables in my tech sling, starting with this Anker 100W USB-C power delivery cable for charging purposes only.

I also have an HDMI cable that comes in handy when I have a MacBook Pro and I need to plug into a projector or TV at a client’s site.

I also have a flat Ethernet cable which comes in handy when I need to plug into something using the Anker Ethernet adapter that I spoke of earlier.

The key cable that I carry is a RollingSquare InCharge XL which is my one cable to rule them all. I say that because it will cover any use case that I may need when at a client’s location as it is good for data transfer and for charging.

I also have that cable’s little brother the RollingSquare InCharge X as it it sometimes is handy to have a second cable that doesn’t take up a lot of real estate. It’s beaten up as it once was on my keychain. But it works just fine.

The second last item is this GearAid HeroClip. What this is for is to allow me to hook, hang, and carry my gear. I have it because if I have to use a public restroom, there is often no place to hang a jacket, or the sling bag, or a laptop bag. Thus making this piece of kit extremely handy. I got the large size to make sure that I could hang anything that I needed as it has a 100 pound weight limit.

The last item is this pen. Because everyone needs a pen.

So that’s what is inside my tech sling bag. This works for me, but I would be interested in hearing from you in terms of what you think I should add to it or change. Please leave a comment below and share your thoughts.

2 Comments »

My Every Day Carry (EDC) – The 2024 Edition

Posted in Products with tags , , , , , , , , on November 16, 2024 by itnerd

My every day carry or EDC has evolved slightly since the last time that I covered what my EDC consists of. I’ve tweaked some of the items that I carry not only for meeting my daily needs but to add some style as well. So let’s have a look at what my EDC consists of the following:

I am still using the iPhone 14 Pro as it’s a fast phone and none of the Apple Intelligence stuff or the camera upgrades have enticed me to switch to the iPhone 16 Pro. I have a dbrand Grip Case on it and I protect the screen with a dbrand Prism 2.0 screen protector. The only thing that I have done to the phone is have the battery replaced under AppleCare when the battery health went below 80%. Now for formal occasions I have been known to switch my case to this one from Mujjo, but I might be able to get away with not having to do that as the dbrand case is something that I might be able to roll with for any occasion. We’ll have to see the next time I have to do something super formal.

I now use the original Apple Watch Ultra as that fits with the sports and other athletic activities that I do. I’ve had this for over 2 years and the battery health is currently at 94% which is outstanding after two years. While you see it here with the Apple Nike Sport band, I do have a selection of bands that I can swap to if the need arises. Including this recent addition. I’ve also customized the watch with apps that make it close to a Garmin watch as that fits with the fact that I am a very athletic person.

Next up is the Ekster Carbon Fibre Cardholder which is made of 3K carbon fibre. All the cards and ID that I need are in this slim and light package that I barely notice in my pocket. It does have RFID blocking capabilities which is a good thing. One thing that I should point out is that if I am wanting to slim down what I carry, I can switch to either this MagSafe wallet for formal occasions, or this MagSafe wallet if I am going for a bike ride. In either case, I just take my ID out and place it in the MagSafe wallet of choice and the wallet on the back of my iPhone 14 Pro.

I make sure that I know where my wallet is at all times by having this Zike Smart Tracking Card inside the wallet which integrates with Apple’s Find My network. One thing that I really like about this tracking card is that unlike a lot of them, this one is rechargeable. So when the battery goes dead, I just toss it onto a wireless charger and I get a charge that lasts about six months as opposed to having a card that works for about two years that you then have to replace when the battery goes dead.

If I want to listen to music while I am on the go, my Apple AirPods Pro is my go to as they allow you use active noise cancelling to shut out the outside world, or use transparency mode to stay aware of what’s going on around you. I have been wanting to replace them with the AirPods Pro 2 but these won’t die. They are wrapped up in the dbrand AirPods Pro Grip case to make sure that I don’t drop and damage them. I should also mention that I did replace the stock silicone ear tips with the Comply Foam Tips which not only make the AirPods Pro feel more comfortable in my ears, but they allow the AirPods stay in my ears better. They also sound better and noise cancelling works better.

When I am not driving, my sunglasses of choice are the Rudy Project Zyon’s. My wife originally got them with the prescription inserts. But she then moved onto a different Rudy Project model. Thus I took them, removed the inserts and have been using them ever since. I really like these as they provide a great amount of coverage, which means better protection for my eyes.

My keys are the next things that I grab. My keys are in a KeyPort Pivot 2.0 key holder which on the inside I have a 64GB USB stick, a multi-tool that in a pinch can open an Amazon box, a SIM card ejector tool, and a pen. Oh yeah. It also has my keys as well. One thing that I appreciate about this setup is that keys don’t dig into my thighs and they don’t jingle. I also have my key fob for my condo along with an Apple AirTag on them to find them when I misplace them. Since you can’t directly mount an AirTag to anything, I use the Belkin Secure Holder with the AirTag as it’s secure and cheap relative to the cost of what Apple wants you to pay for their products.

If I am driving I take my car keys with me as well, and they too have an Apple AirTag along with a Belkin Secure Holder on them.

The Groove Life Groove Belt is a great addition to my EDC as I can use it for formal occasions or just wearing jeans. It comes together using some really strong magnets and you feel like a superhero when you put it on. I’ll also point out that you can resize it at will which is handy as I have steadily been losing weight over the last couple of years.

The last item is some Blistex or some other form of lip protection as I get really dry lips.

That’s my EDC or every day carry. What do you think? What do you think I should add to it or change? And were you able to spot the theme? Drop a comment below and share your thoughts. In the meantime, stay tuned for a look at my Tech Sling that I carry with me when I see clients as that has a lot of interesting things in it.

Leave a comment »

Fresh Phish By INKY Covers How Telegram Bots Are Harvesting Your Credentials

Posted in Commentary with tags on November 15, 2024 by itnerd

INKY has just published a new Fresh Phish talking about credential harvesting using controversial telegram bots.

Just as the popular messaging app Telegram makes the news for allowing criminal activity on its platform, a new credential harvesting phishing scheme surfaces. This Fresh Phish goes into the weeds to explore this new attack surface.  

You can read all about it here.

Leave a comment »

Six Canadian businesses each win $200K prize packages through TELUS’ #StandWithOwners program

Posted in Commentary with tags on November 15, 2024 by itnerd

TELUS has announced that six deserving Canadian businesses from across the country were each awarded a $200K grand prize package as part of the fifth annual TELUS #StandWithOwners program.

The following businesses were recognized for demonstrating their exceptional leadership, tangible impact on their communities, use of technology to drive innovation and their proven track record of growth:

  • Blume, North Vancouver, BC, is dedicated to creating a kinder wellness world through superfood rituals.Founded by Karen Danudjaja, the company started selling in local coffee shops in Vancouver and has now expanded to over 4,000 retailers across Canada and the US. Their products find the perfect balance of function and taste as they look to build accessible rituals that fill your cup literally and figuratively.
  • Happly Ai, Montreal, QC: Cofounder Thierry Lindor is using AI for good, leveraging their intuitive platform and technology to help businesses and nonprofits match and secure funding tailored to their needs. With over 100,000 users, the platform has unlocked nearly $70M in funding, transforming how enterprises and organizations access economic opportunities.
  • Kidcrew Medical, Toronto ON: Revolutionizing pediatric healthcare, Kidcrew Medical combines primary, specialized, and allied health services under one roof. Founded by Dr. Dina Kulik, the clinic uses innovative technology and data analytics to serve 100,000 patients, streamlining care for improved patient outcomes across its growing number of locations
    .
  • Legends Haul, Vancouver BC: Focusing on sustainability and continuous innovation, Legends Haul has made a significant impact on the local food ecosystem in Vancouver. Jill and Craig Sheridan launched the business and grew it into a leader in food distribution and manufacturing, with their own house brands and a 30,000-square-foot distribution facility.
  • Stoko, Vancouver BC: Originating from his personal experience with an injury sustained on Grouse Mountain in North Vancouver, Stoko founder Zack Eberwein set out to redefine expectations for knee braces by creating revolutionary medical-grade Supportive Apparel: the world’s only all-in-one knee brace and compression tight designed to help people get active again and stay active for as long as possible.
  • ZoRaw Chocolates: With a focus on societal wellness, ZoRaw Chocolates was founded by Gigi Gill, who along with her partner Tanveer, developed the world’s first protein-fortified, fiber-rich, and sugar-free chocolate bars. Through an innovative production process, the company can produce 30,000 chocolate bars a day, distributing to over 3,000 stores across Canada and the US.

This year’s contest saw record engagement, with the winners being selected out of thousands of applicants based on the strength of their submissions and their entrepreneurial spirit. Since 2020, TELUS has invested $5 million through the #StandWithOwners program, providing essential funding, advertising and technology to help businesses thrive.

Leave a comment »

Targus MiraLogic Connect wins CES 2025 Innovation Award in sustainability

Posted in Commentary with tags on November 15, 2024 by itnerd

Targus today announced that its MiraLogic Connect retrofit adapter has been named a CES 2025 Innovation Award Honoree in the Sustainability, Eco-Design & Smart Energy category. CES’ elite panel of judges recognized MiraLogic Connect for its unique features and benefits that help organizations advance their sustainability initiatives by upgrading mainstream Targus docking stations to IoT-connected smart docks configured for MiraLogic. MiraLogic is a patented, unique workspace intelligence system that enables IT and management teams to remotely control, oversee, and optimize their company’s modular IT ecosystems, anywhere.  

With the MiraLogic Connect adapter, organizations can seamlessly and cost-effectively upgrade their mainstream Targus docking stations to IoT-connected smart docks configured for MiraLogic. This allows their IT and management teams to efficiently analyze, control, and manage their workspace assets anywhere (e.g., power consumption, workspace utilization, and real-time occupancy). By providing valuable, real-time insights to make data-driven decisions about running costs of power, energy, equipment, and desk usage, MiraLogic helps today’s businesses achieve their sustainability goals more effectively while empowering employees to work productively from anywhere.  

MiraLogic Connect is a retrofit adapter that sits between a Targus docking station, specifically DOCK182DOCK192DOCK310, and DOCK315, and host device to incorporate the capabilities of the Targus MiraLogic Workspace Intelligence System into the dock. With this small adapter, Over-the-Air (OTA) Firmware updates and management tasks can also now be performed remotely and automatically through the MiraLogic platform, without attaching to a host device. This eliminates the need to perform time-intensive, manual updates on multiple docks throughout the workplace. Remote OTA firmware updates enable organizations to cut time spent on dock maintenance by more than 90%, according to data from Targus enterprise users.   

Extending MiraLogic’s sustainability benefits, the adapter and product packaging also use recycled materials. The housing has 75% post-consumer recycled (PCR) plastic and the product comes in a recyclable brown box packaging and CPE-07 biodegradable bag which degrades faster than regular plastic once discarded. In the company’s future docking solutions roadmap, Targus is working toward replacing all of its current docking products with 85% Post-Consumer Recycled (PCR) housing and 100% recycled packaging.  

The MiraLogic Workspace Intelligence System, which was named a CES Innovation Award Honoree in 2019 and 2024, combines patented and patent-pending enterprise-grade hardware and proprietary cloud software to give technical and management teams full remote control and visibility over their modular IT ecosystems across the workplace. By providing real-time insights to make data-driven decisions about running costs of power, energy, equipment, and desk usage, organizations can achieve their sustainability goals more effectively while empowering employees to work productively from anywhere.   

MiraLogic Connect is slated for availability in April 2025. Consumers and media can get a firsthand look and technical demonstration of MiraLogic Connect and the MiraLogic Workspace Intelligence System at CES 2025, the world’s most important proving ground for innovation happening in Las Vegas, Jan. 7th-10th. Targus will be showcasing its latest innovations in docking stations, cases, and tech accessories designed to upgrade peoples’ lives at The Venetian in Suite #35-106. Additionally, MiraLogic Connect will be featured in the CES Innovation Awards Showcase and with the MiraLogic Workspace Intelligence System during CES Unveiled, CES’ premier media preview event taking place at the Mandalay Bay Convention Center on the evening of January 5th. 

Leave a comment »

Gartner Cites AppSOC As An AI TRiSM (AI Governance, Trust, Risk and Security) Vendor

Posted in Commentary with tags on November 14, 2024 by itnerd

AppSOC has announced its mention as a Sample AI TRiSM Vendor in the Gartner latest report Use TRiSM to Manage AI Governance, Trust, Risk, and Security. AppSOC was mentioned in all three key categories of the report: AI Governance, AI Security Testing, and AI Runtime Enforcement. We believe this recognition underscores AppSOC’s commitment to providing comprehensive solutions for managing AI’s complex risks and operational integrity.

The Gartner report outlines essential strategies and tools for TRiSM (Trust, Risk, and Security Management) in AI, a critical framework for organizations leveraging AI in high-stakes, rapidly evolving environments. AppSOC’s placement in multiple TRiSM categories reflects its unique capabilities in addressing AI-specific security and compliance needs.

AppSOC’s AI security capabilities include the following:

  • AI Governance: Supports policy compliance, regulatory alignment, and ethical AI practices, enabling transparent and controlled AI deployment.
  • AI Security Testing: Detects vulnerabilities and ensures that AI models are robust, secure, and resistant to potential threats before they go into production.
  • AI Runtime Enforcement: Prevents unauthorized or unsafe AI operations during runtime, ensuring continuous adherence to AI policies and safeguards.

AppSOC is an innovative Silicon Valley security provider, leading the way in AI governance and application security. AppSOC enables AI initiatives with enhanced visibility, robust guardrails and runtime defense, while protecting the entire AI stack from code to cloud to data. Founded by industry veterans, AppSOC brings unparalleled expertise in AI, cloud application security, data protection, and risk management. For more information, please visit www.appsoc.com.

Leave a comment »

« Older Entries
Newer Entries »