The post Life in the Swimlane with Chris Mallow, Partner Solutions Architect appeared first on AI Security Automation.
The post Life in the Swimlane with Chris Mallow, Partner Solutions Architect appeared first on Security Boulevard.
Session 13D: Software Security: Code and Compiler
Authors, Creators & Presenters: Ruishi Li (National University of Singapore), Bo Wang (National University of Singapore), Tianyu Li (National University of Singapore), Prateek Saxena (National University of Singapore), Ashish Kundu (Cisco Research)
PAPER
Translating C To Rust: Lessons From A User Study
Rust aims to offer full memory safety for programs, a guarantee that untamed C programs do not enjoy. How difficult is it to translate existing C code to Rust? To get a complementary view from that of automatic C to Rust translators, we report on a user study asking humans to translate real-world C programs to Rust. Our participants are able to produce safe Rust translations, whereas state-of-the-art automatic tools are not able to do so. Our analysis highlights that the high-level strategy taken by users departs significantly from those of automatic tools we study. We also find that users often choose zero-cost (static) abstractions for temporal safety, which addresses a predominant component of runtime costs in other full memory safety defenses. User-provided translations showcase a rich landscape of specialized strategies to translate the same C program in different ways to safe Rust, which future automatic translators can consider.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.
The post NDSS 2025 – Translating C To Rust: Lessons From A User Study appeared first on Security Boulevard.
Explore how AI-driven behavioral heuristics and post-quantum security protect Model Context Protocol (MCP) deployments from advanced AI-age threats.
The post AI-Driven Behavioral Heuristics for Quantum-Era Threat Detection appeared first on Security Boulevard.
The cybersecurity market was jolted last week after Anthropic dropped a bombshell announcement. The company’s new AI Claude model identified 500 previously unknown high-risk vulnerabilities hidden in widely used software. That is not a minor milestone. It is a technically significant achievement and a clear demonstration of how quickly AI capabilities are advancing.
What came next was just as dramatic as the markets responded almost immediately. Shares of several major cybersecurity firms plunged, with some posting double-digit declines within hours of the news. Investors reacted as though Anthropic’s breakthrough meant the displacement of commercial security tools and services as we know them.
The short answer is no. AI is not replacing cybersecurity vendors. It’s simply making them more capable.
AI is an extraordinarily capable tool. In this case, it was tasked with identifying vulnerabilities in software code and performed impressively. However, vulnerability discovery represents only one segment of a much broader and more complex cybersecurity ecosystem.
Cybersecurity vendors do far more than scan for weaknesses in code. They design and maintain extensive suite of interconnected product portfolios that integrate detection, prevention, response, analytics, orchestration, governance, and compliance capabilities. They operate at enterprise scale. They maintain deep relationships with enterprise clients, understand their operational constraints, and tune defenses against dynamic risks. They invest in research. They maintain global threat intelligence operations. They test and harden their solutions continuously. They work closely with customers to adapt to evolving business risks. And importantly, they incorporate disruptive innovation, such as AI, into their offerings. Their domain spans everything from threat detection and incident response to compliance, identity management, and data protection.
AI just delivered a technological wake-up call regarding vulnerability management. But most leading vendors have already been working to embed AI and ML into their products for some time.
While the stock plunge looked ominous, it’s actually signaling a healthy shift for the cybersecurity sector. Competition driven by valuable capabilities drive maturity. AI is accelerating innovation of efficiency and effectiveness.
Customers will have more freedom to choose the most capable providers rather than being bound by self-contained legacy platforms. Companies with the best ideas will earn market share through proven value, speed, and agility.
This leveling effect is what the cybersecurity industry needs. It encourages experimentation, accelerates technological maturity, and pushes all players to evolve. AI won’t destroy the cybersecurity market. It will make it stronger and more competitive.
The Anthropic announcement didn’t mark a collapse of the industry; it signaled its evolution. AI will empower developers to reduce vulnerabilities before release. It will empower attackers to identify and weaponize weaknesses faster. It will empower defenders to detect, patch, and validate more effectively. And it will empower emerging vendors to compete more directly with incumbents.
As AI flexes it powers the cybersecurity industry becomes more challenging and capable.
The cybersecurity market was jolted last week after Anthropic’s new AI Claude model identified 500 previously unknown high-risk vulnerabilities hidden in widely used software.
Shares of several major cybersecurity firms such as Palo Alto, Okta, and Crowdstrike cratered, with some posting double-digit losses!
Investors panicked in thinking this was upending cybersecurity vendors.
In reality, AI is not replacing such vendors, it will simply contribute to what they offer.
AI is a very powerful tool. It will be used by developers, attackers, and defenders to find vulnerabilities.
Anthropic’s announcement doesn’t mark the collapse of the cybersecurity industry. It is a signal of its evolution.
The post AI Shocks the Cybersecurity Market appeared first on Security Boulevard.
How Can Non-Human Identities Strengthen Cybersecurity? Are organizations truly leveraging the full potential of Non-Human Identities (NHIs) in their quest for robust cybersecurity? With cybersecurity threats continue to evolve, there’s a pressing need to adopt innovative solutions that go beyond traditional security measures. One such solution is the effective management of Non-Human Identities, especially in […]
The post Is the investment in Agentic AI justified by its cybersecurity benefits appeared first on Entro.
The post Is the investment in Agentic AI justified by its cybersecurity benefits appeared first on Security Boulevard.
The Role of Agentic AI in Modern Cybersecurity Are you exploring the future trends making waves in cybersecurity today? One transformative technology, Agentic AI, is reshaping how organizations manage Non-Human Identities (NHI) and Secrets Security Management, allowing businesses to stay ahead of potential cyber threats. Understanding Non-Human Identities Machine identities, also known as Non-Human Identities […]
The post How does Agentic AI help you stay ahead in cybersecurity appeared first on Entro.
The post How does Agentic AI help you stay ahead in cybersecurity appeared first on Security Boulevard.
What is Driving the Buzz Among Tech Leaders Over Non-Human Identities in Cybersecurity? Cybersecurity is evolving at an unprecedented pace, and amidst the dynamic shifts, Non-Human Identities (NHIs) have emerged as a pivotal component that tech leaders are increasingly excited about. The importance of NHIs extends beyond just another layer of security; it signals a […]
The post Why are tech leaders excited about NHI in cybersecurity appeared first on Entro.
The post Why are tech leaders excited about NHI in cybersecurity appeared first on Security Boulevard.
What Drives the Need for Non-Human Identity Management in Cloud-Native Security? How are organizations managing the security risks associated with non-human identities (NHIs) in their cloud environments? With digital transformation advances, the complexity and quantity of machine identities surpass human user identities. These NHIs, essentially machine identities, play an integral role in cloud-native security but […]
The post How does Agentic AI deliver value in cloud-native security appeared first on Entro.
The post How does Agentic AI deliver value in cloud-native security appeared first on Security Boulevard.
Session 13D: Software Security: Code and Compiler
Authors, Creators & Presenters: Nicolas Badoux (EPFL), Flavio Toffalini (Ruhr-Universität Bochum, EPFL), Yuseok Jeon (UNIST), Mathias Payer (EPFL)
PAPER
type++: Prohibiting Type Confusion with Inline Type Information
Type confusion, or bad casting, is a common C++ attack vector. Such vulnerabilities cause a program to interpret an object as belonging to a different type, enabling powerful attacks, like control-flow hijacking. C++ limits runtime checks to polymorphic classes because only those have inline type information. The lack of runtime type information throughout an object's lifetime makes it challenging to enforce continuous checks and thereby prevent type confusion during downcasting. Current solutions either record type information for all objects disjointly, incurring prohibitive runtime overhead, or restrict protection to a fraction of all objects. Our C++ dialect, type++, enforces the paradigm that each allocated object involved in downcasting carries type information throughout its lifetime, ensuring correctness by enabling type checks wherever and whenever necessary. As not just polymorphic objects but all objects are typed, all down-to casts can now be dynamically verified. Compared to existing solutions, our strategy greatly reduces runtime cost and enables type++ usage both during testing and as mitigation. Targeting SPEC CPU2006 and CPU2017, we compile and run 2,040 kLoC, while changing only 314 LoC. To help developers, our static analysis warns where code changes in target programs may be necessary. Running the compiled benchmarks results in negligible performance overhead (1.19% on SPEC CPU2006 and 0.82% on SPEC CPU2017) verifying a total of 90B casts (compared to 3.8B for the state-of-the-art, a 23× improvement). type++ discovers 122 type confusion issues in the SPEC CPU benchmarks among which 62 are new. Targeting Chromium, we change 229 LoC out of 35 MLoC to protect 94.6% of the classes that could be involved in downcasting vulnerabilities, while incurring only 0.98% runtime overhead compared to the baseline.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.
The post NDSS 2025 – type++: Prohibiting Type Confusion With Inline Type Information appeared first on Security Boulevard.
Exploitation of a maximum severity authentication bypass zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager has been reported. Immediate patching is recommended to thwart ongoing attacks.
Key takeaways:On February 25, Cisco released a security advisory (cisco-sa-sdwan-rpa-EHchtZk) to address a maximum severity severity authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly known as SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly known as SD-WAN vManage.
CVE Description CVSSv3 CVE-2026-20127 Cisco Catalyst SD-WAN Controller/Manager Authentication Bypass Vulnerability 10.0 AnalysisCVE-2026-20127 is a critical severity authentication bypass vulnerability in Cisco’s Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted requests to an affected system, allowing them to log into an affected device as a high-privileged user. Using this access, the attacker could modify network configurations for the SD-WAN fabric. According to the advisory, this vulnerability has been exploited in the wild in limited attacks. The advisory further clarifies that this flaw affects vulnerable versions regardless of the device's configuration and no workaround steps are available, however temporary mitigation guidance is available in the security advisory.
CISA releases an Emergency Directive for CVE-2026-20127
Coinciding with the release of the security advisory for CVE-2026-20127, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released emergency directive (ED) 26-03 titled Mitigate Vulnerabilities in Cisco SD-WAN Systems. The ED directs Federal Civilian Executive Branch (FCEB) agencies to take immediate action to identify any Cisco Software-Defined Wide-Area Networking (SD-WAN) systems. The ED notes that CVE-2026-20127 and CVE-2022-20775, a path traversal vulnerability affecting SD-WAN devices, pose imminent risk to federal networks. While the ED applies to FCEB agencies, any users who have not yet mitigated their SD-WAN devices for either of these CVEs should take immediate action as threat actors have been observed exploiting these vulnerabilities.
As ongoing exploitation has been observed, Cisco’s security advisory does include indicators of compromise which can aid defenders in identifying if their device has been compromised. Nation state-sponsored actors, including Salt Typhoon and Volt Typhoon have been known for past exploitation of Cisco devices, so it’s imperative that immediate action is taken to remediate these vulnerabilities.
In addition to CISA, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) also released an alert warning of exploitation of CVE-2026-20127. The ACSC was credited in the Cisco security advisory for reporting the flaw to Cisco and the ACSC alert also includes a threat hunting guide co-authored by multiple agencies including CISA, the National Security Agency (NSA), the Canadian Centre for Cyber Security (Cyber Centre), the New Zealand National Cyber Security Centre (NCSC-NZ) and the United Kingdom National Cyber Security Centre (NCSC-UK).
Exploitation attributed to UAT-8616
While the alerts from the government agencies and Cisco's security advisory did not provide attribution for the attacks targeting CVE-2026-20127, Cisco’s Talos threat intelligence team released a blog attributing the threat activity to UAT-8616. Cisco Talos notes that UAT-8616 is assessed “with high confidence” as “a highly sophisticated cyber threat actor.” The blog by Cisco Talos includes guidance for investigating compromised devices as well as details the exploitation activity that they have observed.
Proof of conceptAt the time this blog was published on February 25, no public proof-of-concept (PoC) exploit had been identified. We anticipate that if a PoC is released, additional attackers will begin to leverage the exploit to conduct mass scanning and exploitation against vulnerable devices.
SolutionCisco has released patches for affected versions of Cisco Catalyst SD-WAN devices as outlined in the table below:
Affected Version Fixed Version Versions prior to 20.9 Migrate to a fixed release 20.9 20.9.8.2 (Estimated to be released on February 27) 20.11 20.12.6.1 20.12.5 20.12.5.3 20.12.6 20.12.6.1 20.13 20.15.4.2 20.14 20.15.4.2 20.15 20.15.4.2 20.16 20.18.2.1 20.18 20.18.2.1The advisory notes that versions 20.11, 20.13, 20.14, 20.16 and versions prior to 20.9 have reached their end of maintenance and customers should upgrade to a supported release.
Identifying affected systemsA list of Tenable plugins for these vulnerabilities can be found on the individual CVE pages for CVE-2026-20127 and CVE-2022-20775 as they’re released. This link will display all available plugins for these vulnerabilities, including upcoming plugins in our Plugins Pipeline.
Additionally, customers can utilize Tenable Attack Surface Management to identify public facing assets running Cisco Catalyst SD-WAN devices by using the following query: Document Title contains Cisco Catalyst SD-WAN
Get more informationJoin Tenable's Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.
The post CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild appeared first on Security Boulevard.
AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated under the Ransomware-as-a-Service (RaaS) model that emerged in July 2021. Since its emergence, BlackByte has targeted organizations worldwide, including entities within U.S. critical infrastructure sectors such as Government, Financial Services, Manufacturing, and Energy.
The post Emulating the Mutative BlackByte Ransomware appeared first on AttackIQ.
The post Emulating the Mutative BlackByte Ransomware appeared first on Security Boulevard.
Tonic.ai is thrilled to join the Microsoft for Startups Pegasus Program. We're bringing our privacy-compliant synthetic data solutions to Microsoft Azure customers.
The post Tonic.ai + Microsoft: Accelerating AI adoption with privacy-compliant synthetic data appeared first on Security Boulevard.
Announcing the Fabricate Data Agent, synthetic data generation via agentic AI. Plus, Structural's Custom Categorical is now AI-assisted, and Model-based Custom Entities are coming to Textual!
The post Tonic.ai product updates: October 2025 appeared first on Security Boulevard.
Informatica has long been a dominant force in enterprise data management. But the landscape is changing. Learn how its shift to cloud-only impacts its viability as a test data management tool.
The post Informatica Test Data Management pros and cons: a complete guide appeared first on Security Boulevard.
A Solutions Architect explores the harsh realities of de-identifying sensitive data by creating custom scripts, including the questions and complexities that arise along the way.
The post Data masking: DIY internal scripts or time to buy? appeared first on Security Boulevard.
via the comic artistry and dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Chemical Formula’ appeared first on Security Boulevard.
We all know the old “castle and moat” approach to network security is failing. BlackFog CEO Darren Williams sat down with Alan Shimel to talk about why traditional data loss prevention (DLP) struggles in today’s hybrid environments. The reality is that legacy DLP requires far too much manual data classification and relies on a network..
The post Beyond the Perimeter: Anti Data Exfiltration is the New Cybersecurity Standard appeared first on Security Boulevard.
ALISA VIEJO, Calif., Feb. 25, 2026, CyberNewswire—One Identity, a trusted leader in identity security, today announced the appointment of Michael Henricks as Chief Financial and Operating Officer.
This decision reflects the continued growth of the business and a … (more…)
The post News alert: One Identity fills CFO-COO role to strengthen operating discipline amid expansion first appeared on The Last Watchdog.
The post News alert: One Identity fills CFO-COO role to strengthen operating discipline amid expansion appeared first on Security Boulevard.
An analysis of cybersecurity attacks published today by the X-Force arm of IBM finds there was a 44% increase in the exploitation of public-facing applications in 2025. More troubling still, out of the 40,000 vulnerabilities tracked by IBM X-Force, more than half (56%) didn’t require any type of authentication for an attacker to bypass before..
The post IBM X-Force Report Surfaces Increased Exploitation of Public-Facing Apps appeared first on Security Boulevard.
Master granular policy enforcement for decentralized MCP resource access using post-quantum cryptography and 4D security frameworks to protect ai infrastructure.
The post Granular Policy Enforcement for Decentralized MCP Resource Access appeared first on Security Boulevard.
