Latest news with #CyberNewsWire
Business Insider
7 days ago
- Business
- Business Insider
AccuKnox Named Top AI Security Startup at Security BSides Bangalore 2025
Menlo Park, United States, July 21st, 2025, CyberNewsWire 'Innovator and Leader in AI Security' AccuKnox was given the #1 AI Security Startup of 2025 Award by EmergeX: Unveiling Innovation at the influential BSides Bangalore Cybersecurity Conference in Bangalore. AccuKnox presented its Agentic AI runtime security solution. The competition judges were very accomplished CyberSecurity leaders and voted AccuKnox as the leading innovator. The unique and highly differentiated innovation in the area of AI Agentic Security positions AccuKnox ahead of established industry incumbents in addressing a vexing problem in AI Technology Adoption. The recognition positions AccuKnox as the platform leader and innovator poised ahead of established incumbents who offer legacy/pathwork solutions to this complex problem. AccuKnox presented clear user problems when it comes to security issues faced by users wanting to deploy Agentic AI solutions, such as: Automated Red Teaming to understand the LLM guardrails posture Providing visibility into AI pipelines and helping users to identify Shadow AI Securing untrusted models at Runtime using AccuKnox's patented/developed Sandboxing engine Handling PredML as well as GenAI as part of the same platform Securing AI Infra, Apps, and AI Models/Datasets with full Enterprise integration options The following is a summary of the AccuKnox Agent AI solution Sandboxing Agentic AI deployments Securing datasets leveraged by RAGs and model fine-tuning Automated Red teaming of LLMs AI Security Posture Management for managed and unmanaged deployment A real-time demo was showcased that showed how Guardrails of the popular LLM (Anthropic Claude) can be bypassed by simple prompt engineering and how the AccuKnox solution could be used to prevent the attacks at the next level because of sandboxing. AccuKnox AI Security solutions offer the following unique differentiators: During the EmergeX demo, they showcased how easy the asset onboarding process is, which immediately provides a consolidated view to the users about their AI Security Posture. The Agentic AI solution not only talks about Runtime Prompt Firewall but also about sandboxing the Agentic AI solution. There was a question from one of the judges about the licensing model. AccuKnox's licensing model is based on the number of deployed models, which is easy to quantify. AccuKnox presentation at BSides Bangalore can be viewed here Supporting Quotes " Agentic AI isn't just about automation—it's about intelligent delegation. In a world overwhelmed by complexity, it marks the rise of proactive digital partners that think, plan, and act alongside us", Golan Ben-Oni, CIO, IDT Telecom Congratulations to the AccuKnox team for winning the EmergeX: Unveiling Innovation contest! Your demonstration of cutting-edge AI-driven security solutions showcases the transformative potential of agentic AI across the industry,' said Sujatha Yakasiri, Founder - Security BSides Bangalore and W3-CS (Worldwide Women in Cybersecurity) ' AccuKnox's win at BSides Bangalore is more than a trophy—it's a validation of years of deep research, customer obsession, and fearless innovation. As enterprise buyers shift from bulky, outdated tools to nimble, AI-enhanced platforms, AccuKnox stands at the forefront of this wave. We didn't build this for awards—we built it for the enterprise teams stuck with legacy tech that's failing them,' said Rahul Jadav, co-founder, CTO, AccuKnox. 'Winning EmergeX is incredible validation, but we derive immense satisfaction from the fact that clients can adopt AI-technology and deliver shareholder value and do it most safely and securely.' AccuKnox is a next-generation CNAPP and Zero Trust security platform purpose-built for the cloud-native era. With its roots in open source and research from Stanford, AccuKnox delivers AI-enhanced detection, automated remediation, and seamless policy enforcement to secure enterprise workloads across Kubernetes, VMs, and multi-cloud environments. Contact
Business Insider
10-07-2025
- Business
- Business Insider
INE Security Launches Enhanced eMAPT Certification
Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry's Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration Testing) certification. The updated certification delivers the industry's most comprehensive and practical approach to mobile application security testing. CSO Magazine recently recognized eMAPT among the Top 16 OffSec, pen-testing, and ethical hacking certifications for 2025, noting that the eMAPT certifications "offer hands-on training and up-to-date curricula, equipping offensive security professionals with their choice of specialized or broad skill credentialing." The publication specifically highlighted eMAPT as the only certification to focus on mobile application penetration testing among all cybersecurity certifications reviewed. "The enhanced eMAPT certification delivers exactly what pentester professionals need in today's mobile security landscape," said Dara Warn, CEO of INE Security. "The certification training focuses on sophisticated analysis techniques, runtime protection bypasses, and effective communication with development teams. With the enhanced eMAPT, we've built a certification that teaches practical skills while maintaining the technical rigor that advanced mobile security work demands." Mobile Security Skills Gap Threatens Organizations Mobile applications handle financial transactions, healthcare data, and critical business operations, creating an exponentially expanded attack surface. Organizations need security professionals who can think like attackers while understanding the business context of their findings. The enhanced eMAPT certification produces professionals who deliver both technical expertise and clear communication, whether they explain SSL pinning bypasses to development teams or document OWASP MASVS compliance for executives. Dual-Exam Format Validates Real-World Skills The enhanced eMAPT certification features an innovative dual-exam approach that validates both conceptual understanding and practical application. This comprehensive assessment ensures certified professionals have the theoretical knowledge and hands-on abilities to secure mobile applications effectively in professional environments. The enhanced certification delivers: Comprehensive iOS and Android Coverage: Training now covers both major mobile platforms with equal depth and focus Hands-on, Lab-Based Training: Candidates gain practical experience through real-world mobile application testing scenarios Professional-Level Validation: Certification validates knowledge and skills required for professional mobile application penetration testing roles Advanced Technical Skills: Curriculum includes mobile application fuzzing, reverse engineering, and malware analysis Industry Framework Integration: Assessments map to OWASP MASVS, MTTG, and PTES methodologies Business-Ready Communication: Training emphasizes vulnerability documentation and stakeholder reporting Seven Critical Domains Target Real Security Challenges The enhanced eMAPT certification covers seven essential knowledge domains that reflect actual penetration testing workflows: Mobile Application Security Foundations (10%) - Core principles and architectural security concepts Threat Modeling and Attacker Mindset (10%) - Structured assessment methodologies and threat analysis Reconnaissance and Static Analysis (20%) - Advanced binary analysis and code inspection techniques Dynamic Testing and Runtime Manipulation (20%) - Live app testing and security bypass methods API and Backend Security Testing (15%) - Authentication, authorization, and API vulnerability assessment Reverse Engineering & Code Deobfuscation (10%) - Binary analysis and custom tool development Mobile Malware Analysis (10%) - APT campaigns and evasion technique analysis Reporting and Communication (5%) - Documentation and stakeholder engagement Target Audience Spans Multiple Security Disciplines The enhanced eMAPT certification targets intermediate-level cybersecurity professionals across multiple specializations. Pentester professionals gain mobile-specific expertise to expand service offerings. Mobile application security analysts learn to recognize attack patterns and improve incident response. Developers building secure apps gain attacker perspectives to identify flaws during development. Red team operators master mobile attack vectors for comprehensive adversary simulation. Cybersecurity consultants develop hands-on skills for client guidance. Malware analysts acquire mobile-specific reverse engineering capabilities. 'The eMAPT establishes the gold standard for mobile application penetration testing certification,' said Warn. 'While other mobile web application certifications cover some aspects, eMAPT addresses the specific needs of mobile application penetration testing with unmatched depth and practical focus. The certification covers advanced techniques like mobile malware analysis and custom deobfuscation tool development – skills that become increasingly valuable as mobile threats grow more sophisticated.' Immediate Availability with Launch Promotion The enhanced eMAPT certification is available immediately at The corresponding learning path includes comprehensive training materials, hands-on lab environments, and access to an industry-leading mobile security testing tool. It is available with a Premium subscription. Through August 6, 2025, INE Security is offering special launch pricing for early adopters of the enhanced eMAPT certification. About INE Security: INE Security is the award-winning premier provider of online networking and cybersecurity training and certification. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE's suite of learning paths offers an incomparable depth of expertise across cybersecurity and is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career. Contact
Business Insider
30-06-2025
- Business
- Business Insider
SquareX Reveals that Employees are No Longer the Weakest Link, Browser AI Agents Are
Palo Alto, California, June 30th, 2025, CyberNewsWire Every security practitioner knows that employees are the weakest link in an organization, but this is no longer the case. SquareX's research reveals that Browser AI Agents are more likely to fall prey to cyberattacks than employees, making them the new weakest link that enterprise security teams need to look out for. Browser AI Agents are software applications that act on behalf of users to access and interact with web content. Users can instruct these agents to automate browser-based tasks such as flight bookings, scheduling meetings, sending emails, and even simple research tasks. The productivity gains that Browser AI Agents provide make them an extremely compelling tool for employees and organizations alike. Indeed, a survey from PWC found that 79% of organizations have already adopted browser agents today. Yet, Browser AI Agents expose organizations to a massive security risk. These agents are trained to complete the tasks they are instructed to do, with little to no understanding of the security implications of their actions. Unlike human employees, Browser AI Agents are not subject to regular security awareness training. They cannot recognize visual warning signs like suspicious URLs, excessive permission requests, or unusual website designs that typically alert employees of a malicious site. Consequently, Browser AI Agents are more likely to fall prey to browser-based attacks than even a regular employee. Even if it is possible for users to add these guardrails, the overhead required to extensively write the security risk of every task performed by the agent in every prompt would probably outweigh the productivity gains. More importantly, employees using Browser AI Agents are unlikely to have enough security expertise to be able to write such a prompt in the first place. With the popular open-source Browser Use framework used by thousands of organizations, SquareX demonstrated how the Browser AI Agent, instructed to find and register for a file-sharing tool, succumbed to an OAuth attack. In the process of completing its task, it granted a malicious app complete access to the user's email despite multiple suspicious signals - irrelevant permissions, unfamiliar brands, suspicious URLs - that likely would have stopped most employees from granting these permissions. In other scenarios, these agents might expose the user's credit card information to a phishing site while trying to purchase groceries or disclose sensitive data when responding to emails from an impersonation attack. Unfortunately, neither browsers nor traditional security tools can differentiate between actions performed by users and these agents. Thus, it is critical for enterprises working with Browser AI Agents to provide browser-native guardrails that will prevent agents and employees alike from falling prey to these attacks. Vivek Ramachandran, Founder & CEO of SquareX, warns, 'The arrival of Browser AI Agents have dethroned employees as the weakest link within organizations. Optimistically, these agents have the security awareness of an average employee, making them vulnerable to even the most basic attacks, let alone bleeding-edge ones. Critically, these Browser AI Agents are running on behalf of the user, with the same privilege level to access enterprise resources. Until the day browsers develop native guardrails for Browser AI Agents, enterprises must incorporate browser-native solutions like Browser Detection and Response to prevent these agents from being tricked into performing malicious tasks. Eventually, the new generation of identity and access management tools will also have to take into account Browser AI Agent identities to implement granular access controls on agentic workflows.' To learn more about this security research, users can visit . SquareX's research team is also holding a webinar on July 11, 10am PT/1pm ET to dive deeper into the research findings. To register, users can click here. About SquareX SquareX's browser extension turns any browser on any device into an enterprise-grade secure browser. SquareX's industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks, including malicious browser extensions, advanced spearphishing, browser-native ransomware, genAI DLP, and more. Unlike legacy security approaches and cumbersome enterprise browsers, SquareX seamlessly integrates with users' existing consumer browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables security leaders to reduce their attack surface, gain actionable intelligence, and strengthen their enterprise cybersecurity posture against the newest threat vector - the browser. Find out more on Contact
Business Insider
23-06-2025
- Business
- Business Insider
Speaker Proposal Deadline Approaches for OpenSSL Conference 2025 in Prague
Newark, United States, June 23rd, 2025, CyberNewsWire The OpenSSL Corporation and the OpenSSL Foundation are issuing a final call for speaker proposals for the inaugural OpenSSL Conference 2025, taking place October 7–9, 2025, at the Vienna House by Wyndham Diplomat Prague. With just 7 days remaining until the submission deadline of June 30, 2025, the organisers invite global contributors from academia, industry, and the open-source community to submit their proposals and help shape the agenda of this landmark event. A Global Stage for Cryptography Innovation The OpenSSL Conference 2025 will bring together a global community of cryptography experts, developers, legal professionals, security researchers, and open-source contributors for three days of focused discussion and exchange. The conference program is structured around four key tracks: The organisers are seeking original research, case studies, and practical insights that push boundaries and inspire new thinking across cryptographic domains. Esteemed Speakers Already Confirmed: Rob Duhart, Senior VP, Oracle Cloud Infrastructure Krishna Narayanaswamy, Founder & CTO, Netskope Peter Schmidberger and Dragan Zuvic, Mercedes-Benz Tech Innovation Jason Lawlor, President, Lightship Security Inc. Hayden Delaney, Partner, Thomson Geer Lawyers Stephen Farrell, Researcher, Trinity College Dublin Tanja Lange, Professor, Eindhoven University of Technology The OpenSSL Conference 2025 promises a premier platform for advancing open standards, securing critical infrastructure, and fostering dialogue among the world's leading cryptographic minds. Proposals slould be submitted by June 30, 2025 Interested speakers can submit proposals and review detailed submission guidelines at: Partnership & Sponsorship Opportunities The OpenSSL Conference also offers customisable sponsorship and partnership packages designed to deliver value through thought leadership, brand visibility, and direct access to a technically influential audience. Organisations of all sizes are encouraged to explore how they can participate meaningfully in this foundational event. For sponsorship inquiries or assistance, users can contact: info@ About The OpenSSL Corporation The OpenSSL Corporation is a global leader in cryptographic solutions, specializing in developing and maintaining the OpenSSL Library – an essential tool for secure digital communications. The OpenSSL Corporation provides a range of services tailored to assist businesses of all sizes to ensure the secure and efficient implementation of OpenSSL solutions. The OpenSSL Corporation also supports projects aligned with its Mission and Values by providing infrastructure, resources, expert advice, and engagement through advisory committees, particularly in the commercial sector. Collaboration among these projects fosters innovation, enhances security standards, and effectively addresses common challenges, benefiting all our communities. Contact MarCom Mgr.
