Fortra Launches DSPM Solution to Protect Data From Endpoint to Cloud  

Posted in Commentary with tags on October 29, 2025 by itnerd

Fortra announced today the launch of its new Data Security Posture Management (DSPM) solution to enable organizations to discover, classify, and protect sensitive data across their hybrid cloud. Fortra DSPM expands the company’s comprehensive security portfolio by addressing one of the most critical challenges facing modern enterprises: maintaining visibility and control over data in increasingly complex, distributed environments. 

As organizations increasingly embrace hybrid cloud architectures, sensitive data continues to proliferate across countless shadow repositories, applications, and environments. The modern threat landscape demands that businesses not only know where their critical data resides, but also understand how it’s being accessed, used, and protected. Traditional data protection approaches fall short in today’s dynamic threat environments, creating dangerous blind spots that cybercriminals are quick to exploit. 

Fortra DSPM delivers automated data discovery across on-premises, cloud, and hybrid environments, intelligent classification of sensitive information, and continuous monitoring of data security posture. By providing real-time insights into data risks and compliance gaps, the solution enables security teams to proactively address vulnerabilities before they can be exploited.  

The DSPM solution integrates seamlessly with Fortra’s existing security portfolio, providing customers with a unified approach to protecting their infrastructure and data assets. 

 

Leave a comment »

Vanta State of Trust 2025: AI Threats Outpace Security Expertise

Posted in Commentary with tags on October 29, 2025 by itnerd

Vanta today released its third annual State of Trust Report, an in-depth analysis uncovering global trends in AI, security, compliance, and trust from a survey of 3,500 IT and business leaders across the U.S., U.K., France, Germany and Australia.

Today, 72% of organizations say the security risks for their company have never been higher—a 17 point increase from 2024 when 55% said the same. As AI-driven cyber threats proliferate, organizations admit they can’t keep up, with a majority (59%) of business and IT leaders warning that AI cyber threats are advancing faster than their security team’s expertise to deal with them. In the past year, half of all organizations reported an increase in AI-generated phishing (49%), AI-powered malware (48%), and AI-driven identity theft or fraud (47%). 

On the other hand, companies leveraging AI agents to protect against AI-cyber attacks is increasing sharply, with 8 in 10 leaders currently using AI agents or planning to this year. However, AI usage doesn’t match the understanding of the technology—particularly when it comes to agents with nearly two-thirds (65%) saying their use of agentic AI outpaces their understanding of it. 

Agentic AI adoption is high, but control is low

To combat the surge of new attack vectors, security teams are trusting agentic AI with everything from decision-making to security strategy. But a lack of governance threatens to do more harm than good:

  • 79% of leaders are currently or planning to use AI agents to protect against AI-cyber attacks
  • 61% say they trust agentic AI to override human decision-making in certain scenarios like suspending a risky browser extension or session when a policy violation is detected 
  • 71% of teams feel comfortable with agentic AI giving input on security strategy
  • But AI usage doesn’t match understanding—nearly two-thirds (65%) say their use of agentic AI outpaces their grasp of it 
  • A mere 48% have developed a framework for granting or limiting autonomy in AI systems

Security theater is getting in the way of real protection 
The security paradox of AI means that as customers demand more proof of security, many teams are spending more time proving security, rather than improving it.

While 8 in 10 believe improving security and compliance directly boosts customer trust, leaders say their organizations only spend half of what they should on security—dedicating 10% of IT budgets to security vs a 17% ideal. This amounts to 12 working weeks per year spent on compliance related tasks (vs 11 last year), and 9 working weeks per year on vendor security reviews and risk assessments (vs 7 last year).

As a result, 61% say they spend more time proving security rather than improving it, with 64% saying today’s security frameworks feel like ‘security theater’.

AI banishes cybersecurity team burnout
Amid growing compliance pressure, AI is both a relief valve and a reinvention tool. It’s helping overburdened teams do more with less, automating manual tasks and freeing up time for meaningful security work:

  • 76% of security and compliance leaders say AI and automation tools are reducing burnout and improving day-to-day productivity
  • 95% believe AI and automation have improved security team effectiveness
  • 1 in 2 say that risk assessments and incident response times are faster and more accurate with AI

Vantacon 2025: How AI is rewriting trust 

On November 19, Vanta will host VantaCon 2025: How AI is Rewriting Trust, bringing together security’s brightest minds for a half-day of keynotes and panels exploring how AI is transforming trust, risk and compliance.

Speakers including Alex Stamos, CSO at Corridor & Professor at Stanford, Former Chief of Security at Facebook; Jason Clinton, CISO, Anthropic; Jason Priest, VP, Security / CISO, 1Password; Mandy Matthew Lead Security Risk Program Manager, Duolingo and Andrew Becherer, CISO, Sublime Security. 

To learn more, visit https://www.vanta.com/vantacon

Methodology
In July 2025, quantitative research conducted by Sapio Research was commissioned by Vanta to understand the challenges and opportunities businesses are facing when it comes to security and trust management. Vanta and Sapio Research co-designed the questionnaire and surveyed the behaviors and attitudes of 3,500 business and IT leaders across the U.S., UK, France, Germany and Australia. 

For consistency with prior years’ analyses, the data presented here and in the global report reflects a subset of 2,500 respondents from the U.S., U.K., and Australia. Tracking data from the 2024 State of Trust Report has also been included, sample sizes in 2024 were 1,000 in the UK and U.S. and 500 in Australia.

Leave a comment »

Polygraf AI Closes $9.5M Funding to Scale Its Secure AI Solutions for Enterprise Defense and Intelligence

Posted in Commentary with tags on October 29, 2025 by itnerd

Polygraf AI, based in Austin, Texas, announced the closing of their $9.5M seed round led by Allegis Capital and participation from Alumni Ventures, DataPower VC, Domino Ventures and previous investors to accelerate their mission to bring clarity and trust to enterprise AI. The latest round of funding will fuel product expansion, R&D, and go-to-market efforts focused on enterprise, defense and intelligence sectors. This investment in Polygraf AI comes at a critical moment for AI and cybersecurity intersection as high-stakes environments are leaving black-box AI solutions in-search for on-prem, explainable and auditable AI tools.

Technology pioneer Yagub Rahimov, co-founder and CEO of Polygraf AI, announced the company’s new funding today at the Techcrunch Disrupt in San Francisco to an audience of investors, business leaders, startup-founders and AI innovators.

As enterprises accelerate AI adoption to automate workflows, organizations face unprecedented risks from data leakage, shadow AI operations, deepfakes, and other synthetic threats. Polygraf’s proprietary Small Language Models (SLMs) offer an innovative multi-dimensional AI Security layer, one that protects not only data, but also the integrity of decisions, communications, and content produced by AI systems. Gartner, Inc. predicts that by 2027, organizations will implement small, task-specific AI models, with usage volume at least three times more than those of general-purpose large language models (LLMs).

Over the past year, Polygraf AI has experienced rapid growth across defense, financial services, insurance and healthcare niches, where data privacy and compliance are paramount. Running on as little compute power as 8Gb Ram and 1.3 Ghz CPU, Polygraf’s locally deployed AI modules have been credited with reducing deepfake fraud attempts, exposing insider risks, and providing actionable intelligence in mission-critical environments.

Polygraf’s innovations have been recognized by major industry events and media. In 2025, Polygraf AI was named Best in Show at SXSWBest Insurtech/Fintech at Summerfest Tech, and recognized as the Top AI & Data Product by Products That Count. The company was also recently selected as one of the Top 10 Cybersecurity Startups at TechCrunch’s 2025 Battlefield 200, joining the ranks of the world’s most promising early-stage innovators

Security and compliance teams face growing regulatory pressure and a major increase in AI-driven attacks; Polygraf AI addresses these challenges with its proprietary SLM stack. These SLMs not only detect risks but also explain their decisions, support compliance audits, and align with strict data-sovereignty requirements. With this funding round, the company aims to expand their MSP (Managed Services Providers) & SI (System Integrators) base and to bring SLM’s to more enterprises.

Leave a comment »

Akira Ransomware Group Takes Credit For Pwning 8K Technologies

Posted in Commentary with tags on October 29, 2025 by itnerd

A ransomware group called Akira today took credit for a September 2025 data breach at BK Technologies, a manufacturer of wireless communication devices for police, military, and government agencies.

Commenting on this is Rebecca Moody, Head of Data Research at Comparitech

“Akira is one of this year’s most dominant ransomware strains with over 550 claims to date. We have confirmed 55 of these attacks and nine of these are also on US manufacturers. Across these nine attacks, seven of the companies involved have reported data breaches. This highlights how Akira not only seeks to encrypt systems but is doubling up on its chances of securing a ransom by also stealing data. 

In the case of BK Technologies, we know disruption was minimal but that key data (including that of former and current employees) has been breached. We don’t yet know how many people have been impacted in this breach but anyone potentially impacted should be on high alert for any potential phishing messages and should monitor their accounts for any unauthorized activity.”

Akira is one of a number of ransomware groups that seems to be out there claiming victims left and right. This illustrates why you need to make sure that you’re not the next victim.

Leave a comment »

SecureW2 Advances Continuous Trust Enforcement with New Security Integrations

Posted in Commentary with tags on October 29, 2025 by itnerd

SecureW2 today announced product enhancements that strengthen how identity, device, and risk signals govern certificate issuance and access decisions. New integrations with leading security and MDM platforms give organizations greater control through real-time, condition-aware policies.

The update introduces support for SentinelOne telemetry, joining a growing ecosystem of real-time intelligence sources, including CrowdStrike, Palo Alto Networks, and Microsoft Defender. These integrations power SecureW2’s policy engine, enabling enforcement based on verified identity, device posture, and risk context.

Key Enhancements Include:

  • SentinelOne: SecureW2 now ingests risk signals from SentinelOne’s device telemetry. The platform supports 76 attributes, with 10 used by default to calculate device risk scores categorized as low, medium, high, or critical. Indicators like malware, privilege escalation, and zero-day activity adjust a device’s trust profile in real time, allowing SecureW2 to block, delay, or issue certificates based on policy.
  • Jamf School: Jamf School integration advances from generic SCEP to a full API-based model. Real-time lookups validate device supervision, management, and group membership using attributes like isManaged and isSupervised. Devices are matched by serial number, enabling granular control over certificate issuance in Apple-first environments.
  • Microsoft Entra ID: User risk scores from Microsoft Entra ID can now drive enrollment and authentication policies. These scores reflect behavior anomalies, phishing exposure, and compliance gaps. Organizations can respond to elevated user risk with certificate-level controls, enabling earlier, automated enforcement.

SecureW2’s JoinNow Platform applies these inputs across three strategic layers: pre-certificate issuance validation, live enforcement through Adaptive Defense, and post-issuance integrity. This defense-in-depth framework ensures trust is verified before access is granted, then continuously evaluated and enforced throughout the life of the certificate. If conditions change or anomalies are detected, the system responds automatically based on defined policy.

The release also includes enhanced ACME protocol support with a dual-verification requirement that combines organizational identity with domain control. This added rigor ensures certificates are issued only when both conditions are validated. The process is powered by a real-time intelligence engine that analyzes security signals before issuance and continuously monitors trust throughout the certificate lifecycle. Read more about this release at SecureW2’s blog.

More info here: https://www.securew2.com/blog/adaptive-defense-identity-device-risk-signals

Leave a comment »

Leaseweb Expands GPU Acceleration in Public Cloud with NVIDIA L4 to U.S. and Canada

Posted in Commentary with tags on October 28, 2025 by itnerd

 Leaseweb today announced the availability of NVIDIA L4 GPUs in its Public Cloud platform in the United States and Canada. Already available in Europe, this marks the expansion of GPU acceleration to Leaseweb’s sovereign cloud infrastructure across North America, extending its AI-ready cloud beyond dedicated servers and empowering organizations to run demanding workloads with greater performance, as well as more flexibility and cost efficiency.

The NVIDIA L4 is a versatile GPU that accelerates processing for AI inference, machine learning (ML), video rendering, graphics, and virtual desktop infrastructure (VDI). By introducing L4 GPUs across its North American public cloud, Leaseweb enables customers to scale their GPU usage as needed for variable or short-term projects, while continuing to offer transparent pricing and flexible pay-per-use billing models.

Customers can choose instances with between one and four GPUs, paired with multiple CPU and disk configurations. With 99.99 percent availability and no vendor lock-in, Leaseweb’s GPU-enabled public cloud gives businesses the ability to scale usage on demand – offering a familiar instance structure at a cost that Leaseweb estimates to be up to 30 percent lower than comparable hyperscaler solutions.

Leaseweb Canada will showcase its new NVIDIA L4 GPU-powered public cloud capabilities at SAAS NORTH 2025, taking place November 5–6 at the Rogers Centre in Ottawa, Canada. As Canada’s premier SaaS event – where the fastest-growing SaaS founders, executives, investors, and innovators come to learn, connect, and scale – SAAS NORTH offers the perfect stage to demonstrate how Leaseweb is delivering sovereign, high-performance AI infrastructure built for Canadian innovators. Attendees can meet the Leaseweb team in Booth #C150.

Leave a comment »

Cobalt Helps Organizations Embed Security Into Operations and Reduce Risk Faster

Posted in Commentary with tags on October 28, 2025 by itnerd

Cobalt has undergone a large-scale expansion of its Cobalt Offensive Security Platform to transform offensive security from ad-hoc tests into a continuous, centrally managed program. The human led, AI-powered platform provides the visibility, control, and efficiency needed to secure organizations—from code to company—at scale.

According to the 2025 Gartner® Innovation Insight: Penetration Testing as a Service report, “by 2029, organizations adopting PTaaS will perform penetration testing up to five times more frequently than those relying solely on traditional methods.” 1

Traditional pentesting is fundamentally slow and inflexible, relying on fixed scopes and delivering findings via static PDFs long after testing concludes. This leaves development teams operating in the dark and provides only a point-in-time snapshot, lacking the scale and strategic value modern enterprises demand. This limitation is precisely why Cobalt built the Cobalt Platform: to replace the legacy model with a unified, strategic, and continuous offensive security program.

Cobalt helps organizations transform their pentesting program from a series of manual, disconnected tests into a single, optimized program. It provides the enterprise-grade controls, automation, and visibility businesses need to centralize their offensive security, from initial setup to final reporting. It includes:

  • Pentest Planning and Calendar View: Efficiently schedules pentests to align with each company’s needs, providing the ability to plan the assets they want to test and when.
  • Integrations: Seamlessly integrates with existing workflows. The native integrations or workflow builder automatically connects with 50+ tools.
  • Ability to Create and Manage In-House Pentests: Organizations can launch and manage in-house pentests within the Cobalt Platform. They can set up a pentest, invite their own pentesters, and analyze results in one place.
  • Insights and Benchmarks: Tracks progress over time, benchmarks against peers, and identifies actionable steps to strengthen security posture.

Leave a comment »

Hammerspace Unveils AI Data Platform Solution to Transform Enterprise Data for the Agentic AI Anywhere Era  

Posted in Commentary with tags on October 28, 2025 by itnerd

Hammerspace, the high-performance data platform for AI Anywhere, today unveiled its solution designed to streamline enterprise data access for agentic AI applications. Aligned with the NVIDIA AI Data Platform reference design, this innovative new solution eliminates the need for costly infrastructure overhauls or new storage silos, enabling enterprises to seamlessly harness their existing data for accelerated AI computing. 

Hammerspace — a member of the NVIDIA Inception program — unifies unstructured enterprise data across diverse storage architectures, geographies, and protocols, enabling organizations to convert raw data into AI-ready intelligence with unprecedented speed. By leveraging existing infrastructure and scaling seamlessly with growing needs, the platform delivers a robust foundation for Retrieval-Augmented Generation (RAG), complex agentic workflows, and the emerging era of physical AI. With Hammerspace, enterprises achieve AI-driven outcomes faster, driving innovation and competitive advantage. 

Simplify the Data Estate Without Adding Another Storage Silo  

Traditional AI storage infrastructure requires moving or duplicating massive datasets to specialized silos, creating fragmentation between users, applications, and storage systems.  Hammerspace eliminates this challenge by providing a single global namespace that spans on-premises and cloud resources.  

Using Hammerspace’s automated data objectives and tight integration with AI agents, data is intelligently tagged, tiered, and placed in the right location at the right time — optimizing both performance and cost. This automation ensures that training and inference workloads always have immediate access to the data they need, without manual data movement or complex integration layers, enhancing and accelerating AI queries.  

Multi-protocol support for pNFS, NFS, SMB, and S3, with POSIX-compliant file access, ensures compatibility with existing enterprise applications, while maintaining instant access for users and AI systems alike.  

Accelerate and Transform Enterprise Data for the Agentic Era  

The Hammerspace Data Platform leverages the NVIDIA AI Enterprise software platform and integrates with NVIDIA accelerated computing and NVIDIA networking to deliver unmatched performance and scalability:   

At the core of the architecture, Hammerspace Tier 0 delivers better than line-rate performance by unifying NVMe inside GPU nodes to accelerate processing and maximize resource utilization. The integrated Milvus vector database and Model Context Protocol (MCP) services transform unstructured enterprise data into searchable embeddings and create seamless agents and business data. This combination enables real-time access, reasoning, and retrieval for AI agents operating across the enterprise data estate.  

Streamlined and Scalable AI Data Platform Packaging  

The Hammerspace Data Platform for AI Anywhere is delivered as a validated, easy-to-deploy solution aligned with the NVIDIA AI Data Platform reference design. It enables customers to begin with a small, project-based configuration and scale linearly as AI workloads expand.  

  • Start small: Validate AI initiatives and pilot projects.  
  • Scale linearly: Expand seamlessly to multi-site or global architectures.  
  • Channel-first: Available exclusively through strategic Hammerspace channel partners, ensuring enterprise-class deployment, support, and lifecycle services.  

Availability

The Hammerspace reference design for the NVIDIA AI Data Platform will be showcased at NVIDIA GTC in Washington, D.C. and will be available through authorized Hammerspace partners in late 2025.  

To learn more:  

Leave a comment »

NordStellar introduces brand protection to help companies combat fraud and impersonation at large

Posted in Commentary with tags on October 28, 2025 by itnerd

Bad actors use fraud and impersonation tactics to trick customers into handing over their money or sensitive data while posing as trusted brands. NordStellar has introduced its new brand protection service that monitors the web, social media, and app stores for fraudulent activity, providing brands with actionable insights into fraud and impersonation cases to safeguard their reputation and protect their customers.

Earlier this year, NordStellar introduced its cybersquatting detection feature to help companies combat bad actors that use fake domain names to profit from trademarks belonging to legitimate businesses. The brand protection service takes it a step further by monitoring the publicly available internet to detect fraudulent websites and phishing sites, fake profiles and impersonators on social media platforms, as well as cloned or malicious apps on app stores. Once an incident of fraud or impersonation is detected, NordStellar initiates takedown processes to remove the threats.

How it works:

  • Continuously monitors the web, social media, and app stores for any fraudulent activity.
  • Analyzes the available data to detect anomalies, suspicious activity, or inputs from unauthorized sources.
  • Initiates takedown processes for detected fake websites, social media scams, app store counterfeits, and other forms of brand abuse.
  • Offers detailed monthly performance reports that provide businesses with a complete summary of all detected, resolved, and removed threats.

The brand protection service is now available to all NordStellar users. More information here.

Leave a comment »

Nikon Releases Firmware Version 3.00 for the Nikon Z f

Posted in Commentary with tags on October 28, 2025 by itnerd

Today, Nikon Canada Inc. announced the release of firmware version 3.00 for the full-frame/FX-format Z f camera. This latest firmware update adds the new in-camera Film Grain feature, perfectly complementing the camera’s iconic heritage design. This update is available at no cost for users of both the original Nikon Z f and new silver edition Z f. 

The new Film Grain feature adds a natural-looking grain effect to photos and videos with image processing in the camera, simulating the fun feel and vibe of shooting with an analogue film camera. This feature is customizable, letting the user fine-tune the size and intensity of the grain, while the appearance of grain changes with each shot for a truly unique aesthetic in every frame. This feature can also be used in combination with Imaging Recipes from Nikon Imaging Cloud as well as in-camera Picture Controls to create a distinct feel.

There are more than 20 additional upgrades and enhancements in this firmware. Focusing and composing is easier when using manual focus with either NIKKOR Z or legacy NIKKOR lenses with enhancements to peaking and gridlines. Additional improvements to operability and functionality support creators with the overall shooting and workflow experience.

Nikon has simplified firmware updates with the Nikon Imaging Cloud. With your Nikon Z f connected to this free service, your camera can automatically retrieve and install firmware updates from the cloud, with no computer or memory cards needed. Nikon Imaging Cloud also gives you access to a world of Imaging Recipes, which are custom-curated colour presets that can be used in camera, and in conjunction with the new Film Grain feature. Learn more about Nikon Imaging Cloud here and sign up for free.

Film Grain feature for unique imaging expression

  • The Film Grain feature allows users to enjoy a film-like feel by adding a grainy effect to photos and videos with image processing. Users will be able to achieve more creative imaging expression in accordance with the scene and their intent by adjusting grain size (3 options) and intensity (6 options). As there is no pattern to the combinations of grain position and shape, the grain effect appears differently with each shot, enabling a unique, film-like shooting experience. In addition, combining this feature with free downloadable Imaging Recipes allows users to easily create unique effects with a simple press of the shutter-release button.

Equipped with features that enable more accurate focusing and framing

  • An [Only during zoom] option has been added to [Focus peaking]. When selected, focus peaking is displayed only when enlarging the view for more precise manual focusing, and peaking is not displayed at other times. This makes it easier to check both your focus and composition. What’s more, a [Maximum aperture Lv] item that makes it easier to determine the focus peak with manual focusing has been added. New [Grid type] options, [4:3] for still-image live view and [9:16] for video live view, have also been added. These enable you to capture scenes with the ideal composition for social media use.

Other functions

  • An [Automatic monitor display switch] item has been added. Selecting the [On (when monitor docked)] option prevents unintentional eye-sensor activation of the viewfinder by fingers, body, or straps when the vari-angle monitor is open, allowing for a more comfortable shooting experience.
  • The electronic shutter sound can be turned on for high-speed frame capture + and Pixel Shift shooting.
  • The [Record camera orientation] feature now includes a [Video] option, allowing videos recorded in portrait orientation to be played back and edited in portrait orientation on the importing device.
  • The registration flow of Imaging Recipes in Nikon Imaging Cloud has been simplified with an automatic confirmation dialog on the camera monitor.

For more information about the latest Nikon products, including the wide collection of NIKKOR Z lenses and the entire line of Z series cameras, please visit www.nikon.ca.

Leave a comment »

« Older Entries
Newer Entries »