Threat Actors and Security Vendors: A Complex Web of Interests

Threat Actors and Security Vendors: A Complex Web of Interests

The Shadowy World of Adversaries Targeting Security Vendors

The recent attacks on SentinelOne, a leading cybersecurity company, have highlighted the vulnerability of security vendors to complex and sophisticated threats. These attacks not only demonstrate the evolving tactics, techniques, and procedures (TTPs) of financially motivated criminals but also the increasing involvement of nation-state actors in insider threats. Inside the World of Insider Threats

One of the most notable examples of this is the case of DPRK-affiliated IT workers attempting to secure remote employment within Western tech companies, including SentinelOne. These actors have been refining their process, leveraging stolen or fabricated personas, and adapting their outreach tactics to mirror legitimate job seekers in increasingly convincing ways.

  • 360 fake personas and over 1,000 job applications linked to DPRK IT worker operations applying for roles at SentinelOne
  • These attackers are honing their craft beyond the job application and recruitment process
  • They are developing a network of front companies to enable further laundering and logistics

The attackers are not just applying blindly; they are refining their process, leveraging stolen or fabricated personas, and adapting their outreach tactics to mirror legitimate job seekers in increasingly convincing ways. Our team has tracked roughly 360 fake personas and over 1,000 job applications linked to DPRK IT worker operations applying for roles at SentinelOne. Engagement and Adversary Interaction

Instead of staying passive, we made a deliberate choice towards intelligence-driven engagement. In coordination with our talent acquisition teams, we developed workflows to identify and interact with suspected DPRK applicants during the early phases of their outreach. Our attempted interactions offered rare insights into the craftiness and persistence of these infiltration campaigns — particularly the ways in which adversaries adapt to the friction they encounter. The attackers are honing their craft beyond the job application and recruitment process. An operation of this scale and nature requires a different kind of backend infrastructure, such as a sprawling network of front companies to enable further laundering and logistics. Collaboration with Hiring Teams

A key takeaway in working on this investigation was the value of intentionally creating inroads and sharing threat context with different teams not normally keyed into investigations. By doing so, we were able to create a shared understanding of the situation among the teams involved. We brought campaign-level understanding that was combined with tactical insights from our talent team. The payoff was immediate. Recruiters began spotting patterns on their own, driving an increase in early-stage escalation of suspicious profiles. They became an active partner that continues to flag new sightings from the frontlines. In turn, we are codifying these insights into automated systems that flag, filter, enrich, and proactively block these campaigns to lower the burden on our recruiters and hiring managers, and reduce the risk of infiltration. The Growing Trend of Adversaries Exploiting Sales Processes

Another threat vector we’ve observed involves adversaries impersonating legitimate businesses to acquire security products through trusted resellers. This approach is epitomized by the Nitrogen ransomware group. Nitrogen impersonates real companies — spinning up lookalike domains, spoofed email addresses, and cloned infrastructure to convincingly pose as legitimate businesses. Nitrogen then purchases official licenses for EDR and other security products under these false pretenses. This kind of social engineering is executed with precision. Nitrogen typically targets small, lightly vetted resellers — keeping interactions minimal and relying on resellers’ inconsistent KYC practices to slip through the cracks. This highlights a growing challenge for the security industry: reseller diligence and KYC enforcement are clearly part of the threat surface. When those controls are weak or absent, adversaries like Nitrogen gain powerful new ways to elevate their campaigns — often at a lower cost and lower risk than the black market. The PurpleHaze Activity Cluster

Our analysis of the PurpleHaze cluster has reinforced several key insights around operational security and supply chain monitoring. Even when our own infrastructure remained untouched, the targeting of an external service provider previously associated with business logistics surfaced important considerations. One immediate reminder is the necessity of maintaining real-time awareness not only over internal assets but also over adjacent service providers — particularly those with past or current access to sensitive employee devices or logistical information. By integrating threat context into asset attribution workflows, organizations can enhance their ability to trace supply chain touchpoints that may be at risk. Lessons Learned

Our analysis of the PurpleHaze cluster has taught us several lessons about the importance of threat intelligence and operational security. One key takeaway is the value of collaboration between different teams and functions within an organization. By working together, teams can create a shared understanding of the situation and develop effective strategies for mitigating threats. Another key takeaway is the importance of integrating threat intelligence into asset attribution workflows. This enables organizations to enhance their ability to trace supply chain touchpoints that may be at risk. Finally, our analysis has highlighted the need for organizations to maintain real-time awareness of their internal assets and adjacent service providers. This is particularly important in today’s threat landscape, where adversaries are increasingly targeting security vendors for insider access, abuse of legitimate channels, and supply chain infiltration. The Strategic Value of Cyber Threat Intelligence

Cyber threat intelligence has evolved from a niche function into an essential pillar of enterprise defense — particularly for private sector organizations operating in the security space. One of the most tangible examples of the value of cyber threat intelligence is in internal talent acquisition and insider threat defense. Intelligence has become a frontline asset in identifying attempts by North Korean IT workers and other state-backed operatives to embed themselves in organizations under false pretenses. By flagging suspicious applicant patterns, cross-referencing alias histories, and tracking known tradecraft, CTI teams help hiring managers and HR avoid potential insider incidents before they start. Our CTI capabilities must also directly support sales and channel operations. As criminal groups increasingly impersonate legitimate businesses to acquire security products through trusted resellers, intelligence plays a key role in verifying customer legitimacy and identifying anomalous purchase behaviors. Internally, threat intelligence informs and enhances how we defend our own technology and supply chain against highly targeted APT activity. From understanding how adversaries reverse-engineer our software to uncovering which parts of our technology stack they seek to compromise, CTI enables proactive hardening, smarter telemetry prioritization, and meaningful collaboration with product and engineering teams. In essence, intelligence acts as an early-warning system and a strategic guide — ensuring our defenses stay one step ahead of evolving threats. The Future of Cyber Threat Intelligence

As the threat landscape continues to evolve, the role of cyber threat intelligence will only continue to grow. Organizations must remain vigilant and proactive in defending against emerging threats. By leveraging the power of cyber threat intelligence, organizations can stay ahead of the threats and ensure their defenses remain effective. In conclusion, the threat actors and security vendors are intertwined in a complex web of interests. The recent attacks on SentinelOne have highlighted the vulnerability of security vendors to complex and sophisticated threats. To stay ahead of the threats, organizations must prioritize threat intelligence and operational security. By working together and integrating threat intelligence into asset attribution workflows, organizations can create a more robust defense against insider threats and supply chain infiltration. As the threat landscape continues to evolve, the importance of cyber threat intelligence will only continue to grow. Organizations must remain vigilant and proactive in defending against emerging threats. In the end, it is not just about defending against threats, but also about building a stronger and more resilient organization that can withstand the attacks of the future.

Dublin, April 30, 2025 (GLOBE NEWSWIRE) — The “China Application Security Market Opportunity and Future Growth Dynamics (Databook) – Market Size and Forecast, Spend Analysis by Industry, Security Type, Deployment, and Enterprise Size – Q1 2025 Update” report has been added to ResearchAndMarkets.com’s offering.

The application security market in China is expected to grow by 14% on an annual basis to reach US$12.62 billion in 2025.

The application security market in China has experienced robust growth during the period of 2020-2024, achieving a compound annual growth rate (CAGR) of 12.9%. This upward trajectory is expected to continue, with the market forecast to grow at a CAGR of 13.0% during the period of 2025-2029. By the end of 2029, the application security sector is projected to expand from its 2024 value of USD 11.07 billion to approximately USD 23.66 billion.

This report provides a detailed data-centric analysis of the application security industry in China, covering market opportunities and risks across a range of cybersecurity domains.

With over 80+ KPIs at the country level, this report provides a comprehensive understanding of application security market dynamics, market size and forecast, and market share statistics.

Key Insights

Looking ahead, the outlook for China’s application security industry remains promising as digital transformation continues rapidly. Organizations are better equipped to mitigate sophisticated cyber threats with sustained investments in emerging technologies like AI, cloud security, and automation. Executives increasingly view robust application security as a strategic asset critical to long-term business resilience and growth. The convergence of state-led initiatives, private-sector innovation, and ongoing talent development will drive next-generation security solutions. As China navigates an increasingly complex cyber landscape, a forward-thinking and integrated approach to application security will be essential for safeguarding sensitive data and sustaining global competitiveness.

Introduction & Digitalization Trends

China is rapidly accelerating its digital transformation, driven by extensive investments in cloud computing, artificial intelligence, and IoT solutions. In 2024-2025, government initiatives and private sector innovation are propelling the country into a new era of digital ecosystems, where secure applications are essential to support vast digital infrastructures. This shift fundamentally reshapes industries ranging from e-commerce and fintech to smart manufacturing.

Market Opportunity

China’s expanding digital economy offers significant opportunities for application security investments. One prominent example is Huawei, which has recently enhanced its application security framework across its enterprise and cloud services. By deploying advanced threat intelligence, automated vulnerability assessments, and real-time monitoring, Huawei has set a benchmark for secure digital transformation within the region. Huawei’s strategic approach to integrating security into its product development lifecycle has reduced vulnerabilities and boosted customer confidence across diverse sectors such as telecommunications, finance, and government services. This case study illustrates the tangible benefits of investing in robust application security, reinforcing how proactive security strategies can drive market growth and position companies as industry leaders.

China’s Cybersecurity Landscape

Strong state-led initiatives and dynamic public-private partnerships characterize China’s cybersecurity landscape. Key agencies such as the Ministry of Industry and Information Technology (MIIT) and the Cyberspace Administration of China play pivotal roles in establishing national cybersecurity policies and standards. These coordinated efforts aim to protect critical infrastructure and promote secure digital practices across all sectors. From 2024 to 2025, China has seen a marked increase in investments to incorporate artificial intelligence and machine learning into cybersecurity operations. Collaborative frameworks have enhanced threat intelligence sharing and accelerated incident response, reinforcing a resilient security ecosystem. This proactive environment is crucial for addressing the challenges of sophisticated cyber threats in a rapidly digitizing economy.

Current Market for Application Security

Over the past year, China’s application security market has experienced robust growth fueled by accelerating digital transformation across key sectors such as finance, healthcare, and manufacturing. Recent market reports from 2024-2025 indicate that companies are significantly increasing their budgets to deploy automated vulnerability scanning, cloud-native security solutions, and AI-enhanced threat detection systems. This surge in investment reflects a heightened awareness of the financial and reputational risks cyber incidents pose. Organizations are embedding security measures throughout the software development lifecycle to mitigate risks and ensure resilient operations. The momentum in the application security market is reshaping investment strategies and driving innovation in security technologies, setting new benchmarks for digital protection across the nation.

Competitive Landscape of the Application Security Industry

The competitive environment in China features a dynamic mix of global technology leaders and innovative domestic players. International vendors such as Checkmarx and Veracode have established a presence in the market, while homegrown companies like Qihoo 360 and NSFOCUS are rapidly advancing their security offerings tailored to local needs. This diverse ecosystem fosters rapid innovation and continuous improvement in application security solutions. In the past year, competitive pressures have driven companies to integrate advanced technologies such as machine learning, behavioral analytics, and real-time threat intelligence into their platforms. This healthy competition raises industry standards and encourages strategic partnerships and joint ventures, ensuring that security solutions remain adaptive to evolving cyber threats. The vibrant, competitive landscape is central to maintaining a robust and effective application security market.

Regulatory Changes

Recent regulatory updates have significantly shaped China’s application security environment. In the last year, authorities, including the MIIT and the Cyberspace Administration of China, have introduced new guidelines that mandate stricter security protocols for critical sectors such as finance, telecommunications, and healthcare. These regulations emphasize continuous risk assessments, rapid incident reporting, and enhanced data protection measures. The updated regulatory framework aligns with international best practices and compels organizations to adopt comprehensive security controls throughout their digital ecosystems. This proactive regulatory approach not only drives higher investments in advanced security technologies but also reinforces the overall resilience of China’s digital infrastructure against emerging cyber threats.

Report Scope

This report provides in-depth data-centric analysis of application security industry in China through 88 tables and 109 charts. Below is a summary of key market segments:

  • China Application Security Spend Market Share by Cybersecurity Domains
  • Application Security
  • Cloud Security
  • Data Privacy
  • Data Security
  • Identity Access Management
  • Infrastructure Protection
  • Integrated Risk Management
  • Network Security Equipment
  • Other Information Security Software
  • Security Services
  • Consumer Security Software
  • China Application Security Spend Market Share by Industry
  • IT and Telecommunications
  • BFSI
  • Healthcare and Life Sciences
  • Retail & Consumer Goods
  • Manufacturing & Distribution
  • Government & Defense
  • Travel & Hospitality
  • Media, Entertainment & Leisure
  • Others
  • China Application Security Spend Market Share by Security Type
  • IT and Telecommunications Industry Application Security Spend by Security Type
  • BFSI Industry Application Security Spend by Security Type
  • Healthcare and Lifesciences Industry Application Security Spend by Security Type
  • Retail & Consumer Goods Application Security Spend by Security Type
  • Manufacturing & Distribution Application Security Spend by Security Type
  • Government & Defense Industry Application Security Spend by Security Type
  • Travel & Hospitality Industry Application Security Spend by Security Type
  • Media, Entertainment & Leisure Industry Application Security Spend by Security Type
  • Other Industries Application Security Spend by Security Type
  • China Application Security Spend Market Share by Deployment
  • Cloud
  • On-premises
  • Hybrid
  • China Application Security Spend Market Share by Solution
  • Software Solution
  • Services
  • China Application Security Spend Market Share by Software Solution
  • Application Firewalls
  • Security Information and Event Management (SIEM) Systems
  • Identity and Access Management (IAM) Solutions
  • Dynamic Application Security Testing (DAST)
  • Static Application Security Testing (SAST)
  • Runtime Application Self-Protection (RASP)
  • Other
  • China Application Security Spend Market Share by Enterprise Size
  • For more information about this report visit https://www.researchandmarkets.com/r/h9jwp1

About ResearchAndMarkets.com

ResearchAndMarkets.com is the world’s leading source for international market research reports and market data. We provide you with the latest data on international and regional markets, key industries, the top companies, new products and the latest trends.

RSAC 2025: Cybersecurity Vendors Make Big Moves with AI-Powered Products and Acquisitions

Cybersecurity vendors have made a significant impact at the recent RSAC 2025 conference in San Francisco, with numerous major announcements, including new AI-powered products, acquisitions, and funding rounds. While the presence of AI is undeniable at the conference, the tools leveraging emerging AI capabilities are now entering a new phase of usefulness.

Many top industry vendors, including Palo Alto Networks, CrowdStrike, and SentinelOne, have unveiled new AI-powered products and capabilities, marking a significant shift in the cybersecurity landscape.

Some of the key announcements include:

  • Palo Alto Networks’ debut of Cortex XSIAM 3.0 with major updates, including the introduction of advanced email security.
  • CrowdStrike’s launch of two new agentic AI tools for its Charlotte AI platform, as well as Falcon Adversary OverWatch Next-Gen SIEM and Falcon Data Protection enhancements.
  • SentinelOne’s debut of Purple AI Athena, which includes agentic AI functionality that aims to mirror security reasoning and orchestration of experienced security operations analysts.

In addition to these major announcements, several other vendors have made significant moves, including:

Cyera’s hiring of an industry veteran, Dave Rogers, as channel chief, aimed at accelerating its work with partners and enabling AI adoption for customers.

Malwarebytes’ launch of several new channel initiatives, including a trial option for its ThreatDown OneView platform for MSPs.

Akamai Technologies’ debut of its latest protections for AI-powered applications, including Firewall for AI, providing multilayered defense against attacks and abuse targeting AI apps.

Blackpoint Cyber’s launch of its new CompassOne platform, which builds on the company’s MSP-focused managed detection and response (MDR) offering, with new features for security posture rating and cloud posture.

Huntress’ unveiling of two major product updates, including an enhanced version of its Managed Identity Threat Detection and Response (ITDR) offering and general availability of its Managed SIEM offering.

Veza’s raising of $108 million in a Series D round of funding aimed at accelerating its growth and achieving a valuation of $808 million.

Upwind’s acquisition of Nyx Security, a startup that focuses on providing threat detection at the application layer.

These announcements demonstrate the growing importance of AI in the cybersecurity landscape and the increasing adoption of AI-powered products and capabilities by top industry vendors.

As the cybersecurity industry continues to evolve, it’s clear that AI will play an increasingly vital role in protecting against emerging threats and ensuring the security of complex systems.

The RSAC 2025 conference has provided a glimpse into the future of cybersecurity, with many vendors committing to investing in AI-powered products and capabilities that will shape the industry in the years to come.

With the increasing focus on AI and machine learning in cybersecurity, it’s essential for organizations to stay informed about the latest developments and trends in the industry.

By understanding the implications of AI on cybersecurity and the emerging trends in the industry, organizations can better prepare themselves for the challenges ahead and ensure the security of their systems and data.

The future of cybersecurity is AI-driven, and the RSAC 2025 conference has provided a clear indication of this trend.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

The RSAC 2025 conference has demonstrated the growing importance of AI in the cybersecurity landscape, and it’s clear that the industry is on the cusp of a major transformation.

With the increasing focus on AI and machine learning in cybersecurity, the future of the industry looks bright, and organizations can expect to see significant advancements in the years to come.

The RSAC 2025 conference has provided a glimpse into the future of cybersecurity, and it’s clear that AI will play an increasingly vital role in protecting against emerging threats and ensuring the security of complex systems.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

RSAC 2025: Top Cybersecurity Vendors Make Major Moves with AI-Powered Products and Acquisitions

The recent RSAC 2025 conference in San Francisco has seen a surge in major announcements from top cybersecurity vendors, including new AI-powered products, acquisitions, and funding rounds. Palo Alto Networks, CrowdStrike, and SentinelOne have all made significant moves at the conference, including the launch of new AI-powered products and capabilities.

Some of the key announcements include:

• Palo Alto Networks’ debut of Cortex XSIAM 3.0 with major updates, including the introduction of advanced email security.

• CrowdStrike’s launch of two new agentic AI tools for its Charlotte AI platform, as well as Falcon Adversary OverWatch Next-Gen SIEM and Falcon Data Protection enhancements.

• SentinelOne’s debut of Purple AI Athena, which includes agentic AI functionality that aims to mirror security reasoning and orchestration of experienced security operations analysts.

These announcements demonstrate the growing importance of AI in the cybersecurity landscape and the increasing adoption of AI-powered products and capabilities by top industry vendors.

Cybersecurity vendors are increasingly investing in AI-powered products and capabilities, with many making significant moves at the RSAC 2025 conference.

The conference has provided a glimpse into the future of cybersecurity, with many vendors committing to investing in AI-powered products and capabilities that will shape the industry in the years to come.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By understanding the implications of AI on cybersecurity and the emerging trends in the industry, organizations can better prepare themselves for the challenges ahead and ensure the security of their systems and data.

The future of cybersecurity is AI-driven, and the RSAC 2025 conference has provided a clear indication of this trend.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

The RSAC 2025 conference has demonstrated the growing importance of AI in the cybersecurity landscape, and it’s clear that the industry is on the cusp of a major transformation.

With the increasing focus on AI and machine learning in cybersecurity, the future of the industry looks bright, and organizations can expect to see significant advancements in the years to come.

The RSAC 2025 conference has provided a glimpse into the future of cybersecurity, and it’s clear that AI will play an increasingly vital role in protecting against emerging threats and ensuring the security of complex systems.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

RSAC 2025: Top Cybersecurity Vendors Make Major Moves with AI-Powered Products and Acquisitions

The recent RSAC 2025 conference in San Francisco has seen a surge in major announcements from top cybersecurity vendors, including new AI-powered products, acquisitions, and funding rounds. Palo Alto Networks, CrowdStrike, and SentinelOne have all made significant moves at the conference, including the launch of new AI-powered products and capabilities.

Some of the key announcements include:

• Palo Alto Networks’ debut of Cortex XSIAM 3.0 with major updates, including the introduction of advanced email security.

• CrowdStrike’s launch of two new agentic AI tools for its Charlotte AI platform, as well as Falcon Adversary OverWatch Next-Gen SIEM and Falcon Data Protection enhancements.

• SentinelOne’s debut of Purple AI Athena, which includes agentic AI functionality that aims to mirror security reasoning and orchestration of experienced security operations analysts.

These announcements demonstrate the growing importance of AI in the cybersecurity landscape and the increasing adoption of AI-powered products and capabilities by top industry vendors.

Cybersecurity vendors are increasingly investing in AI-powered products and capabilities, with many making significant moves at the RSAC 2025 conference.

The conference has provided a glimpse into the future of cybersecurity, with many vendors committing to investing in AI-powered products and capabilities that will shape the industry in the years to come.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By understanding the implications of AI on cybersecurity and the emerging trends in the industry, organizations can better prepare themselves for the challenges ahead and ensure the security of their systems and data.

The future of cybersecurity is AI-driven, and the RSAC 2025 conference has provided a clear indication of this trend.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

The RSAC 2025 conference has demonstrated the growing importance of AI in the cybersecurity landscape, and it’s clear that the industry is on the cusp of a major transformation.

With the increasing focus on AI and machine learning in cybersecurity, the future of the industry looks bright, and organizations can expect to see significant advancements in the years to come.

The RSAC 2025 conference has provided a glimpse into the future of cybersecurity, and it’s clear that AI will play an increasingly vital role in protecting against emerging threats and ensuring the security of complex systems.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

RSAC 2025: Top Cybersecurity Vendors Make Major Moves with AI-Powered Products and Acquisitions

The recent RSAC 2025 conference in San Francisco has seen a surge in major announcements from top cybersecurity vendors, including new AI-powered products, acquisitions, and funding rounds. Palo Alto Networks, CrowdStrike, and SentinelOne have all made significant moves at the conference, including the launch of new AI-powered products and capabilities.

Some of the key announcements include:

• Palo Alto Networks’ debut of Cortex XSIAM 3.0 with major updates, including the introduction of advanced email security.

• CrowdStrike’s launch of two new agentic AI tools for its Charlotte AI platform, as well as Falcon Adversary OverWatch Next-Gen SIEM and Falcon Data Protection enhancements.

• SentinelOne’s debut of Purple AI Athena, which includes agentic AI functionality that aims to mirror security reasoning and orchestration of experienced security operations analysts.

These announcements demonstrate the growing importance of AI in the cybersecurity landscape and the increasing adoption of AI-powered products and capabilities by top industry vendors.

Cybersecurity vendors are increasingly investing in AI-powered products and capabilities, with many making significant moves at the RSAC 2025 conference.

The conference has provided a glimpse into the future of cybersecurity, with many vendors committing to investing in AI-powered products and capabilities that will shape the industry in the years to come.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By understanding the implications of AI on cybersecurity and the emerging trends in the industry, organizations can better prepare themselves for the challenges ahead and ensure the security of their systems and data.

The future of cybersecurity is AI-driven, and the RSAC 2025 conference has provided a clear indication of this trend.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

The RSAC 2025 conference has demonstrated the growing importance of AI in the cybersecurity landscape, and it’s clear that the industry is on the cusp of a major transformation.

With the increasing focus on AI and machine learning in cybersecurity, the future of the industry looks bright, and organizations can expect to see significant advancements in the years to come.

The RSAC 2025 conference has provided a glimpse into the future of cybersecurity, and it’s clear that AI will play an increasingly vital role in protecting against emerging threats and ensuring the security of complex systems.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

RSAC 2025: Top Cybersecurity Vendors Make Major Moves with AI-Powered Products and Acquisitions

The recent RSAC 2025 conference in San Francisco has seen a surge in major announcements from top cybersecurity vendors, including new AI-powered products, acquisitions, and funding rounds. Palo Alto Networks, CrowdStrike, and SentinelOne have all made significant moves at the conference, including the launch of new AI-powered products and capabilities.

Some of the key announcements include:

• Palo Alto Networks’ debut of Cortex XSIAM 3.0 with major updates, including the introduction of advanced email security.

• CrowdStrike’s launch of two new agentic AI tools for its Charlotte AI platform, as well as Falcon Adversary OverWatch Next-Gen SIEM and Falcon Data Protection enhancements.

• SentinelOne’s debut of Purple AI Athena, which includes agentic AI functionality that aims to mirror security reasoning and orchestration of experienced security operations analysts.

These announcements demonstrate the growing importance of AI in the cybersecurity landscape and the increasing adoption of AI-powered products and capabilities by top industry vendors.

Cybersecurity vendors are increasingly investing in AI-powered products and capabilities, with many making significant moves at the RSAC 2025 conference.

The conference has provided a glimpse into the future of cybersecurity, with many vendors committing to investing in AI-powered products and capabilities that will shape the industry in the years to come.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By understanding the implications of AI on cybersecurity and the emerging trends in the industry, organizations can better prepare themselves for the challenges ahead and ensure the security of their systems and data.

The future of cybersecurity is AI-driven, and the RSAC 2025 conference has provided a clear indication of this trend.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

The RSAC 2025 conference has demonstrated the growing importance of AI in the cybersecurity landscape, and it’s clear that the industry is on the cusp of a major transformation.

With the increasing focus on AI and machine learning in cybersecurity, the future of the industry looks bright, and organizations can expect to see significant advancements in the years to come.

The RSAC 2025 conference has provided a glimpse into the future of cybersecurity, and it’s clear that AI will play an increasingly vital role in protecting against emerging threats and ensuring the security of complex systems.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

RSAC 2025: Top Cybersecurity Vendors Make Major Moves with AI-Powered Products and Acquisitions

The recent RSAC 2025 conference in San Francisco has seen a surge in major announcements from top cybersecurity vendors, including new AI-powered products, acquisitions, and funding rounds. Palo Alto Networks, CrowdStrike, and SentinelOne have all made significant moves at the conference, including the launch of new AI-powered products and capabilities.

Some of the key announcements include:

• Palo Alto Networks’ debut of Cortex XSIAM 3.0 with major updates, including the introduction of advanced email security.

• CrowdStrike’s launch of two new agentic AI tools for its Charlotte AI platform, as well as Falcon Adversary OverWatch Next-Gen SIEM and Falcon Data Protection enhancements.

• SentinelOne’s debut of Purple AI Athena, which includes agentic AI functionality that aims to mirror security reasoning and orchestration of experienced security operations analysts.

These announcements demonstrate the growing importance of AI in the cybersecurity landscape and the increasing adoption of AI-powered products and capabilities by top industry vendors.

Cybersecurity vendors are increasingly investing in AI-powered products and capabilities, with many making significant moves at the RSAC 2025 conference.

The conference has provided a glimpse into the future of cybersecurity, with many vendors committing to investing in AI-powered products and capabilities that will shape the industry in the years to come.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By understanding the implications of AI on cybersecurity and the emerging trends in the industry, organizations can better prepare themselves for the challenges ahead and ensure the security of their systems and data.

The future of cybersecurity is AI-driven, and the RSAC 2025 conference has provided a clear indication of this trend.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

The RSAC 2025 conference has demonstrated the growing importance of AI in the cybersecurity landscape, and it’s clear that the industry is on the cusp of a major transformation.

With the increasing focus on AI and machine learning in cybersecurity, the future of the industry looks bright, and organizations can expect to see significant advancements in the years to come.

The RSAC 2025 conference has provided a glimpse into the future of cybersecurity, and it’s clear that AI will play an increasingly vital role in protecting against emerging threats and ensuring the security of complex systems.

As the industry continues to evolve, it’s essential for organizations to stay informed about the latest developments and trends in AI-powered cybersecurity products and capabilities.

By embracing AI and machine learning, organizations can improve their cybersecurity posture and better protect against emerging threats.

RSAC 2025: Top Cybersecurity Vendors Make Major Moves with AI-Powered Products and Acquisitions

The recent RSAC 2025 conference in San Francisco has seen a surge in major announcements from top cybersecurity vendors, including new AI-powered products, acquisitions, and funding rounds. Palo Alto Networks, CrowdStrike, and SentinelOne have all made significant moves at the conference, including the launch of new AI-powered products and capabilities.

Some of the key announcements include:

• Palo Alto Networks’ debut of Cortex XSIAM 3.0 with major updates, including the introduction of advanced email security.

• CrowdStrike’s launch of two new agentic AI tools for its Charlotte AI platform, as well as Falcon Adversary OverWatch Next-Gen SIEM and Falcon Data Protection enhancements.

Emerging Email Threats: A Growing Concern for Organisations

Email threats are on the rise, and organisations need to be vigilant to protect themselves against these emerging threats. In recent months, Barracuda threat analysts have identified three new email threats that are targeting organisations globally. These threats are using tactics designed to evade detection and exploit vulnerabilities in security controls. The first threat involves the use of poisoned calendar invites crafted using phishing-as-a-service (PhaaS) kits. These kits are widely available online and can be used to create fake calendar invites that appear to be legitimate. The invites often contain event details and a phishing link that redirects the recipient to a malicious page designed to steal Microsoft credentials. • The phishing links are often disguised as legitimate calendar invites, making it difficult to distinguish between genuine and fake invites. • The use of iCalendar (ICS) files makes the phishing links more attractive to security tools, which may not be able to detect the malicious content. • The attacks often involve a CAPTCHA verification, which can make it difficult for recipients to distinguish between legitimate and fake invites. Barracuda advises organisations to be cautious of emails that:

• Are not expected from a sender, especially if the sender is not known or not frequently communicated with. • Contain links to calendar invites that appear to be legitimate but lack context or a covering message. • Are suspicious in nature, such as emails that claim to be notifications from services like SharePoint or DocuSign. The second threat involves phishing kits exploiting the ShareFile document-sharing platform. Several hundred attacks have been observed using these techniques, which involve hosting fraudulent login forms on ShareFile and distributing the corresponding URLs to targeted individuals. • The phishing kits used are Tycoon 2FA and Mamba 2FA, which employ various evasion strategies to evade detection. • The attacks often involve using proxy servers, short-lived and rotating phishing links, and sending unwanted traffic to unrelated sites to interfere with security tool analysis. • The phishing emails often impersonate notifications from services like SharePoint or DocuSign, making it difficult for recipients to distinguish between genuine and fake emails. Barracuda highlights the need for organisations to be cautious of emails that:

• Are not expected from a sender, especially if the sender is not known or not frequently communicated with. • Contain links to ShareFile that are not generally used by the organisation. The third threat involves the resurgence of voicemail-based phishing, or “vishing”. This type of attack involves emails that claim to be alerts about new voicemail messages and entice recipients to click a link to “play” the message. The link leads to a form hosted on trusted platforms like Monday or Zoho, where victims are asked to enter their credentials. • The attacks often involve using Tycoon 2FA and Mamba 2FA phishing kits and redirects via the professional social media platform LinkedIn. • The attacks often involve pressure to act quickly or respond to the message, which can make it difficult for recipients to verify the authenticity of the message. Barracuda advises organisations to be cautious of emails that:

• Are not expected from a sender, especially if the sender is not known or not frequently communicated with. • Contain links to voicemail messages that are not expected or unsolicited. Barracuda outlines its email protection measures, stating that it offers a comprehensive suite of features designed to defend against advanced email threats. The features include:

• Email Gateway Defense, which protects against phishing and malware. • Impersonation Protection, which safeguards against social engineering attacks. • Incident Response and Domain Fraud Protection to mitigate risks associated with compromised accounts and fraudulent domains. • Cloud-to-Cloud Backup and Security Awareness Training to enhance overall email security posture. Barracuda combines artificial intelligence and deep integration with Microsoft 365 to provide a comprehensive cloud-based solution that guards against potentially devastating, hyper-targeted phishing and impersonation attacks.

Threat Description Characteristics
Phishing kits using calendar invites Phishing kits crafted using PhaaS kits to create fake calendar invites Use of iCalendar (ICS) files, CAPTCHA verification, and links to malicious pages
Phishing kits exploiting ShareFile Phishing kits using ShareFile to host fraudulent login forms Use of proxy servers, short-lived and rotating phishing links, and unwanted traffic to unrelated sites
Voicemail-based phishing (vishing) Emails claiming to be alerts about new voicemail messages Use of Tycoon 2FA and Mamba 2FA phishing kits, redirects via LinkedIn, and pressure to act quickly

The use of calendar invites in phishing attacks is on the rise, with several reports of Google calendar invites being spoofed in phishing campaigns. Since ICS files are often considered harmless and not all security tools can spot malicious invites, this represents a new opportunity for attackers to bypass security controls and snare victims. Barracuda suggests that organisations should be vigilant and report any suspicious emails to their security team. They should also verify the source of the email and check with the sender directly to ensure that the message is legitimate. By taking these precautions, organisations can reduce the risk of falling victim to these emerging email threats.

“The use of calendar invites in phishing attacks is on the rise, with several reports of Google calendar invites being spoofed in phishing campaigns. Since ICS files are often considered harmless and not all security tools can spot malicious invites, this represents a new opportunity — for a while at least — for attackers to bypass security controls and snare victims.”

Barracuda Email Protection

Barracuda Email Protection offers a comprehensive suite of features designed to defend against advanced email threats. It includes capabilities such as Email Gateway Defense, which protects against phishing and malware, and Impersonation Protection, which safeguards against social engineering attacks. Additionally, it provides Incident Response and Domain Fraud Protection to mitigate risks associated with compromised accounts and fraudulent domains. Cloud-to-Cloud Backup and Security Awareness Training

Barracuda Email Protection also includes Cloud-to-Cloud Backup and Security Awareness Training to enhance overall email security posture. The service combines artificial intelligence and deep integration with Microsoft 365 to provide a comprehensive cloud-based solution that guards against potentially devastating, hyper-targeted phishing and impersonation attacks. Barracuda Combines Expertise with Microsoft 365

Barracuda combines its expertise with Microsoft 365 to provide a comprehensive cloud-based solution that guards against potentially devastating, hyper-targeted phishing and impersonation attacks. This solution is designed to provide real-time protection against advanced email threats and to enhance overall email security posture.

Definitions:

*

Phishing kits

: Pre-built packages of malicious code used to create and distribute phishing emails. *

PhaaS (Phishing-as-a-Service)

: A service that provides pre-built phishing kits and other malicious tools to attackers. *

ICS (iCalendar)

: A standard for sharing calendar information and scheduling events. *

Tycoon 2FA and Mamba 2FA

: Phishing kits used to exploit ShareFile and other platforms.

Australia’s Big Four Banks Compromised: Millions of Passwords Stolen

In a shocking revelation, an investigation by a leading Australian research tech firm, Dvuln, has exposed that over 31,000 passwords from Australia’s Big Four banks have been compromised and shared with cyber criminals online.

  • Per ABC News, the investigation, led by cyber intelligence researchers, revealed that passwords “belonging to at least 14,000 Commbank customers, 7,000 ANZ customers, 5,000 NAB and 4,000 Westpac customers,” have been made available for cyber criminals on Telegram and the dark web.
  • The breach was not due to any security issues within the banks themselves, but rather the result of devices being infected with infostealer malware, which was then used to steal the passwords.

The malware, as stated by Jamie O’Reilly, Dvuln’s founder, is a type of program designed to suck out valuable data from devices and send it to cyber criminals. This type of malware can attack and obtain passwords, credit card details, cryptocurrency wallets, personal files, browser data, and much more.

Characteristics of Infostealer Malware Effects on Users
Infostealer malware can steal passwords, credit card details, and cryptocurrency wallets. Users can lose access to their online accounts, personal files, and sensitive information.
The malware can also attack browser data and personal files. Users may experience issues with their online banking, shopping, and other online activities.

The Australian Banking Association CEO, Anna Bligh, has stated that the bank’s top priority is to keep customers secure online. The data breach was not due to a security issue at the bank, but rather from personal devices being infected with the malware.

“If customers have any concerns about their account details, they should get in touch with their bank as soon as possible.”

Dvuln’s founder, Jamie O’Reilly, has emphasized the importance of taking proactive measures to protect passwords and sensitive information. He advises customers to rotate passwords, move passwords to secure devices, stay on top of antivirus updates, and utilize the bank’s multi-factor authentication.

However, even with these measures in place, no security system is completely unhackable.

Why Passwords May Be Past Their Expiry Date

The Problem with Passwords Today

* Cyber security professionals are urging the public to strengthen their password hygiene, but our over-reliance on passwords is becoming a major security risk. * Verizon’s Data Breach Investigations Report (2024) found that 81% of breaches still involve weak or stolen passwords. * According to Nordpass, the weak password of “123456” can be easily cracked within 1 second by hackers.

Newer Threats Accelerate This Risk

* Brute-force attacks have moved from CPUs to high-speed GPUs, enabling hackers to guess over a million password combinations per second. * AI-enhanced tools are making it possible for hackers to crack even the strongest passwords in minutes. * The underground market for stolen credentials is vast and lucrative, with over 24.6 billion username-password combinations currently circulating across cybercriminal marketplaces.

The Dark Side of Passwords: A Cybercrime Economy

* The most valuable logins include banking, email, cloud, crypto, corporate VPNs, and social media accounts, which are commonly reused for phishing, identity theft, malware campaigns, and business email compromise. * Behind these thefts are some of the world’s most sophisticated threat groups, including Kimsuky (North Korea), MuddyWater (Iran), and APT28/29 (Russia). * In 2024 alone, 3.9 billion credentials were compromised via malware infections across 4.3 million devices.

The Rise of Passwordless Authentication

* Companies like Google, Microsoft, and Shopify are rolling out Passkeys — encrypted cryptographic keys tied to biometric or device-based authentication. * Microsoft wants its over 1 billion users to stop using passwords to log into their Microsoft accounts. * Gartner predicts that 60% of enterprises will eliminate passwords for most use cases by 2025.

Country Government-backed Digital Identity System
Singapore Singpass
India Aadhaar
Australia Digital ID roadmap

Behavioral Resistance: Why We Still Cling to Passwords

* Despite security advances, people still trust what they know — and passwords feel familiar. * Passwords are easily guessed, forgotten, shared, or stolen. * Check Point notes that poor password hygiene continues to be a major weak link in corporate and personal security.

Risks of Staying with Passwords in a Post-AI World

* Deep learning models are trained on billions of leaked passwords and can predict common patterns faster than ever. * Voice- and video-based impersonation attacks using deepfakes can bypass even multi-factor authentication. * Cloud-based GPUs are democratising the power to break passwords at scale.

What Organisations Should Do Now

* Pilot passwordless systems using biometrics, tokens, or Passkeys. * Use tools like Check Point Harmony to prevent password reuse and phishing. * Enforce Privileged Access Management (PAM) solutions and Zero Trust architectures.

A Call to Action

* World Password Day shouldn’t just be about creating stronger passwords. It should be a prompt to imagine a future without them. * The tools exist. The threats demand it. The only thing missing is our willingness to let go. Stay Secure with Check Point

Check Point Software Technologies Ltd. is a leading AI-powered, cloud-delivered cyber security platform provider protecting over 100,000 organisations worldwide. Check Point leverages the power of AI everywhere to enhance cyber security efficiency and accuracy through its Infinity Platform, with industry-leading catch rates enabling proactive threat anticipation and smarter, faster response times. Follow Check Point

* LinkedIn: https://www.linkedin.com/company/check-point-software-technologies

* Twitter: https://www.twitter.com/checkpointsw

* Facebook: https://www.facebook.com/checkpointsoftware

* Blog: https://blog.checkpoint.com

* YouTube: https://www.youtube.com/user/CPGlobal

About Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading AI-powered, cloud-delivered cyber security platform provider protecting over 100,000 organisations worldwide. Check Point leverages the power of AI everywhere to enhance cyber security efficiency and accuracy through its Infinity Platform, with industry-leading catch rates enabling proactive threat anticipation and smarter, faster response times. The comprehensive platform includes cloud-delivered technologies consisting of Check Point Harmony to secure the workspace, Check Point CloudGuard to secure the cloud, Check Point Quantum to secure the network, and Check Point Infinity Platform Services for collaborative security operations and services.

Bangkok-Based AquaOrange Software Co., Ltd. Drives Digital Transformation Across Southeast Asia

Thai tech company expands its tech solutions, offering cutting-edge AI, cloud, and custom software to drive business innovation.

  • Bangkok’s dynamic business landscape provides AquaOrange with a strategic advantage.
  • The company is a key player in Thailand’s thriving tech industry.
  • AquaOrange Software Co., Ltd. is driving digital transformation, enabling business success through comprehensive IT support, network, hardware rentals, and cutting-edge software solutions.

AquaOrange is headquartered in Bangkok and has built a reputation for excellence since its inception.

The company offers a comprehensive suite of services, including custom software development, cloud solutions, and enterprise application integration.

AquaOrange’s commitment to innovation and client-centric approach sets it apart in a competitive market.

AquaOrange’s Key Services

AquaOrange offers a range of services, including:

  1. Custom software development
  2. Cloud solutions
  3. Enterprise application integration
  4. IT support
  5. Hardware rentals
  6. Network services
  7. Firewall systems
  8. Endpoint security solutions
  9. IT infrastructure management
  10. Digital services

With a focus on scalability and efficiency, the company’s software offerings are customizable to meet the evolving needs of modern enterprises.

AquaOrange also provides cloud computing, secure and scalable cloud infrastructure to help organizations optimize performance while reducing operational costs.

The company’s expertise in hybrid and multi-cloud environments ensures seamless digital transitions for businesses of all sizes.

Security Solutions

AquaOrange designs, installs, and maintains customized firewall systems against cyber threats.

The company also provides endpoint security solutions, with trusted brands like Bitdefender, ESET, and Palo Alto Networks.

Robust encryption and compliance protocols ensure the delivery of innovative and secure digital ecosystems.

Partnerships and Collaborations

AquaOrange partners with global technology leaders to deliver enterprise business solutions.

The company leverages its experience and expertise in IT support services, IT infrastructure management, and cutting-edge digital services to ensure smooth system operations through onsite and remote assistance.

Customer Testimonials

AquaOrange has a strong reputation for delivering high-quality solutions that drive business success.

Businesses across industries, from finance to healthcare, have leveraged the company’s expertise to streamline operations and enhance productivity.

Conclusion

AquaOrange Software Co., Ltd. is a trusted partner for businesses seeking end-to-end IT solutions that drive efficiency, security, and growth.

With a focus on scalable, secure, and customized technology, the company delivers cutting-edge systems tailored to the financial, healthcare, and retail sectors.

About AquaOrange Software Co., Ltd.

AquaOrange Software Co., Ltd. is a premier Bangkok-based technology solutions provider specializing in enterprise software development, cloud computing, and digital transformation services.

Recognized for its expertise in AI-driven applications, blockchain integration, and cybersecurity solutions, the company helps businesses across Southeast Asia optimize operations and drive innovation.

The company is headquartered at 1 The Empire Tower, Sathorn 47th Floor, 4703, Bangkok, Thailand, and can be reached at +66 (0)2-686-3440 or info@aquaorange.co.th.

Contact Information Address
AquaOrange Software Co., Ltd. 1 The Empire Tower, Sathorn 47th Floor, 4703, Bangkok, Thailand
Phone +66 (0)2-686-3440
Email info@aquaorange.co.th

Staying ahead of technological trends is a hallmark of AquaOrange.

NetApp Enhances Cyber Resiliency Capabilities

New Data Security Capabilities Strengthen Cyber Resiliency

NetApp, the intelligent data infrastructure company, has announced new data security capabilities that help customers strengthen their cyber resiliency. Security teams can now leverage NetApp, the most secure storage on the planet, to take a proactive approach to data security at the storage layer and strengthen their overall security posture. The increasing accessibility of AI has enabled malicious actors to automate cyberattacks, requiring businesses to use machine learning to automate threat detection. And as quantum computing approaches viability, businesses urgently need to protect their data from malicious hackers who may look to steal and store sensitive information today, holding it for the promise of easily accessible quantum-powered decryption in the near future. NetApp is a pioneer of comprehensive, secure-by-design intelligent data infrastructure, giving customers confidence in their ability to protect and access data without disruption backed by a guarantee of 99.9999 percent availability. Building on that track record, NetApp is announcing new cyber resiliency capabilities that augment and elevate in-depth security strategies for customers. “Security teams need to factor storage into their security strategies because it is the last line of defense for their data and the right storage can play an active role in protecting the enterprise,” said Gagan Gulati, Senior Vice President and General Manager, Data Services at NetApp.

Key Cyber Resiliency Capabilities

  • Post-Quantum Cryptography: NetApp has embedded post-quantum cryptography into its storage portfolio for file and block workloads.
  • NetApp BlueXP Ransomware Protection Update: Updates to BlueXP ransomware protection strengthen the service’s ability to provide a comprehensive, orchestrated ransomware defense for NetApp ONTAP workloads.
  • NetApp BlueXP Backup and Recovery Workload Support: NetApp BlueXP backup and recovery provides a simple, secure, and cost-effective integrated data protection service for ONTAP data.
  • NetApp Security Professional Services: NetApp is offering expanded professional security assessment and security hardening services to help customers evaluate and further tighten their security posture.

These updates build on NetApp’s comprehensive security capabilities that include security built-in, ransomware protection, backup, disaster recovery, data classification—all delivered via BlueXP ransomware protection. This SaaS-based control plane also includes features like SIEM integration to further enable connections between storage and overall security postures. “Building resiliency against cyber-attacks into the data storage infrastructure has never been more important. Approximately 80 percent of respondents in our Cybersecurity Decision Maker IQ research indicated having experienced a significant security incident over the past 12 months, and 40 percent counted data loss and compromise as one of the most significant consequences of their organization’s worst security incident,” said Krista Case, Research Director for The Futurum Group.

Quantum-Ready Storage

NetApp’s post-quantum cryptography capabilities provide a quantum-ready storage solution that keeps customers’ data protected against quantum threats. By leveraging encryption algorithms standardized by NIST—a globally recognized standards body and authority—businesses can rely on a defense that is thoroughly tested and capable of carrying them into the future with quantum-ready storage.

Enhanced Protection for Native Cloud Workloads

The new features of NetApp BlueXP ransomware protection provide enhanced protection for native cloud workloads. The updates include ransomware-specific role-based access controls, which empower security teams with granular permissions tailored to combat ransomware threats effectively, and support for ransomware protection for native cloud workloads.

Introducing NetApp Security Professional Services

NetApp is offering expanded professional security assessment and security hardening services to help customers evaluate and further tighten their security posture. These services enable customers to take a proactive approach to data security at the storage layer and strengthen their overall security posture.

Expert Insights

“Building resiliency against cyber-attacks into the data storage infrastructure has never been more important,” said Krista Case, Research Director for The Futurum Group. “Approximately 80 percent of respondents in our Cybersecurity Decision Maker IQ research indicated having experienced a significant security incident over the past 12 months, and 40 percent counted data loss and compromise as one of the most significant consequences of their organization’s worst security incident.”

About NetApp

NetApp is the intelligent data infrastructure company, combining unified data storage, integrated data, operational and workload services to turn a world of disruption into opportunity for every customer. NetApp creates silo-free infrastructure, harnessing observability and AI to enable the industry’s best data management. As the only enterprise-grade storage service natively embedded in the world’s biggest clouds, our data storage delivers seamless flexibility. In addition, our data services create a data advantage through superior cyber resilience, governance, and application agility. Our operational and workload services provide continuous optimization of performance and efficiency for infrastructure and workloads through observability and AI. No matter the data type, workload, or environment, with NetApp you can transform your data infrastructure to realize your business possibilities.

Additional Resources

Beyond the Breach: Storage Turns Cyber Defense into Resilience

The Post-Quantum Cryptography Countdown: Why your Data’s Safety Net is Fraying

Post-Quantum Cryptography: The Most Secure Storage on the Planet is Ready for the Quantum World

BlueXP Ransomware Protection: Outsmart Ransomware

BlueXP Backup and Recovery: Full Spectrum 3-2-1 Backup for ONTAP

Data Security Services: Securing Your Data is Our Top Priority

About NetApp

NETAPP, the NETAPP logo, and the marks listed at www.netapp.com/TM are trademarks of NetApp, Inc. Other company and product names may be trademarks of their respective owners. View source version on businesswire.com: https://www.businesswire.com/news/home/20250429989841/en/

Protect Your Data with NetApp

NetApp is committed to helping businesses protect their data and maintain their overall security posture. With its new cyber resiliency capabilities, NetApp is providing customers with the tools they need to take a proactive approach to data security at the storage layer. NetApp’s post-quantum cryptography capabilities provide a quantum-ready storage solution that keeps customers’ data protected against quantum threats. The company’s BlueXP ransomware protection service provides a comprehensive, orchestrated ransomware defense for NetApp ONTAP workloads, and its backup and recovery service provides a simple, secure, and cost-effective integrated data protection service for ONTAP data. NetApp’s security professional services enable customers to evaluate and further tighten their security posture. The company’s data security services provide a data advantage through superior cyber resilience, governance, and application agility. With NetApp, businesses can transform their data infrastructure to realize their business possibilities.

Take a Proactive Approach to Data Security

Don’t wait until it’s too late. Take a proactive approach to data security with NetApp. With its new cyber resiliency capabilities, NetApp is providing customers with the tools they need to protect their data and maintain their overall security posture.

Learn More

To learn more about NetApp’s new cyber resiliency capabilities, visit the NetApp booth #259 at the RSA Conference 2025, April 28-May 1 at the Moscone Center in San Francisco.

NetApp Enhances Cyber Resiliency Capabilities

NetApp, the intelligent data infrastructure company, has announced new data security capabilities that help customers strengthen their cyber resiliency. Security teams can now leverage NetApp, the most secure storage on the planet, to take a proactive approach to data security at the storage layer and strengthen their overall security posture. The increasing accessibility of AI has enabled malicious actors to automate cyberattacks, requiring businesses to use machine learning to automate threat detection. And as quantum computing approaches viability, businesses urgently need to protect their data from malicious hackers who may look to steal and store sensitive information today, holding it for the promise of easily accessible quantum-powered decryption in the near future. NetApp is a pioneer of comprehensive, secure-by-design intelligent data infrastructure, giving customers confidence in their ability to protect and access data without disruption backed by a guarantee of 99.9999 percent availability. Building on that track record, NetApp is announcing new cyber resiliency capabilities that augment and elevate in-depth security strategies for customers. “Security teams need to factor storage into their security strategies because it is the last line of defense for their data and the right storage can play an active role in protecting the enterprise,” said Gagan Gulati, Senior Vice President and General Manager, Data Services at NetApp. NetApp is offering new data security capabilities that help customers strengthen their cyber resiliency. These capabilities include post-quantum cryptography, NetApp BlueXP ransomware protection update, and NetApp BlueXP backup and recovery workload support.

Key Cyber Resiliency Capabilities

  1. Post-Quantum Cryptography: NetApp has embedded post-quantum cryptography into its storage portfolio for file and block workloads.
  2. NetApp BlueXP Ransomware Protection Update: Updates to BlueXP ransomware protection strengthen the service’s ability to provide a comprehensive, orchestrated ransomware defense for NetApp ONTAP workloads.
  3. NetApp BlueXP Backup and Recovery Workload Support: NetApp BlueXP backup and recovery provides a simple, secure, and cost-effective integrated data protection service for ONTAP data.

These updates build on NetApp’s comprehensive security capabilities that include security built-in, ransomware protection, backup, disaster recovery, data classification—all delivered via BlueXP ransomware protection. This SaaS-based control plane also includes features like SIEM integration to further enable connections between storage and overall security postures. “Building resiliency against cyber-attacks into the data storage infrastructure has never been more important. Approximately 80 percent of respondents in our Cybersecurity Decision Maker IQ research indicated having experienced a significant security incident over the past 12 months, and 40 percent counted data loss and compromise as one of the most significant consequences of their organization’s worst security incident,” said Krista Case, Research Director for The Futurum Group. NetApp’s post-quantum cryptography capabilities provide a quantum-ready storage solution that keeps customers’ data protected against quantum threats. By leveraging encryption algorithms standardized by NIST—a globally recognized standards body and authority—businesses can rely on a defense that is thoroughly tested and capable of carrying them into the future with quantum-ready storage. NetApp’s security professional services enable customers to evaluate and further tighten their security posture. These services provide a proactive approach to data security at the storage layer and strengthen the overall security posture.

Expert Insights

“Building resiliency against cyber-attacks into the data storage infrastructure has never been more important,” said Krista Case, Research Director for The Futurum Group. “Approximately 80 percent of respondents in our Cybersecurity Decision Maker IQ research indicated having experienced a significant security incident over the past 12 months, and 40 percent counted data loss and compromise as one of the most significant consequences of their organization’s worst security incident.”

About NetApp

NetApp is the intelligent data infrastructure company, combining unified data storage, integrated data, operational and workload services to turn a world of disruption into opportunity for every customer. NetApp creates silo-free infrastructure, harnessing observability and AI to enable the industry’s best data management. As the only enterprise-grade storage service natively embedded in the world’s biggest clouds, our data storage delivers seamless flexibility. In addition, our data services create a data advantage through superior cyber resilience, governance, and application agility. Our operational and workload services provide continuous optimization of performance and efficiency for infrastructure and workloads through observability and AI. No matter the data type, workload, or environment, with NetApp you can transform your data infrastructure to realize your business possibilities.

Additional Resources

Beyond the Breach: Storage Turns Cyber Defense into Resilience

The Post-Quantum Cryptography Countdown: Why your Data’s Safety Net is Fraying

Post-Quantum Cryptography: The Most Secure Storage on the Planet is Ready for the Quantum World

BlueXP Ransomware Protection: Outsmart Ransomware

BlueXP Backup and Recovery: Full Spectrum 3-2-1 Backup for ONTAP

Data Security Services: Securing Your Data is Our Top Priority

About NetApp

NETAPP, the NETAPP logo, and the marks listed at www.netapp.com/TM are trademarks of NetApp, Inc. Other company and product names may be trademarks of their respective owners. View source version on businesswire.com: https://www.businesswire.com/news/home/20250429989841/en/

NetApp Enhances Cyber Resiliency Capabilities

New Cyber Resiliency Capabilities

NetApp, the intelligent data infrastructure company, has announced new data security capabilities that help customers strengthen their cyber resiliency. Security teams can now leverage NetApp, the most secure storage on the planet, to take a proactive approach to data security at the storage layer and strengthen their overall security posture. NetApp is a pioneer of comprehensive, secure-by-design intelligent data infrastructure, giving customers confidence in their ability to protect and access data without disruption backed by a guarantee of 99.9999 percent availability. Building on that track record, NetApp is announcing new cyber resiliency capabilities that augment and elevate in-depth security strategies for customers. “Security teams need to factor storage into their security strategies because it is the last line of defense for their data and the right storage can play an active role in protecting the enterprise,” said Gagan Gulati, Senior Vice President and General Manager, Data Services at NetApp. NetApp’s post-quantum cryptography capabilities provide a quantum-ready storage solution that keeps customers’ data protected against quantum threats. By leveraging encryption algorithms standardized by NIST—a globally recognized standards body and authority—businesses can rely on a defense that is thoroughly tested and capable of carrying them into the future with quantum-ready storage. NetApp BlueXP ransomware protection update provides a comprehensive, orchestrated ransomware defense for NetApp ONTAP workloads. The new features include ransomware-specific role-based access controls, which empower security teams with granular permissions tailored to combat ransomware threats effectively, and support for ransomware protection for native cloud workloads. NetApp BlueXP backup and recovery workload support provides a simple, secure, and cost-effective integrated data protection service for ONTAP data. With these new updates, customers will benefit from a redesigned user interface that makes it easier to integrate and define a 3-2-1 data protection strategy for their workloads, including Microsoft SQL Server, VMware, and Kubernetes applications. NetApp Security Professional Services enable customers to evaluate and further tighten their security posture. These services provide a proactive approach to data security at the storage layer and strengthen the overall security posture. “Building resiliency against cyber-attacks into the data storage infrastructure has never been more important. Approximately 80 percent of respondents in our Cybersecurity Decision Maker IQ research indicated having experienced a significant security incident over the past 12 months, and 40 percent counted data loss and compromise as one of the most significant consequences of their organization’s worst security incident,” said Krista Case, Research Director for The Futurum Group. NetApp’s cyber resiliency capabilities are designed to help customers strengthen their overall security posture. By leveraging NetApp’s comprehensive security capabilities, businesses can protect their data and maintain their overall security posture.

Expert Insights

“Building resiliency against cyber-attacks into the data storage infrastructure has never been more important,” said Krista Case, Research Director for The Futurum Group. “Approximately 80 percent of respondents in our Cybersecurity Decision Maker IQ research indicated having experienced a significant security incident over the past 12 months, and 40 percent counted data loss and compromise as one of the most significant consequences of their organization’s worst security incident.”

About NetApp

NetApp is the intelligent data infrastructure company, combining unified data storage, integrated data, operational and workload services to turn a world of disruption into opportunity for every customer. NetApp creates silo-free infrastructure, harnessing observability and AI to enable the industry’s best data management. As the only enterprise-grade storage service natively embedded in the world’s biggest clouds, our data storage delivers seamless flexibility. In addition, our data services create a data advantage through superior cyber resilience, governance, and application agility. Our operational and workload services provide continuous optimization of performance and efficiency for infrastructure and workloads through observability and AI. No matter the data type, workload, or environment, with NetApp you can transform your data infrastructure to realize your business possibilities.

Additional Resources

Beyond the Breach: Storage Turns Cyber Defense into Resilience

The Post-Quantum Cryptography Countdown: Why your Data’s Safety Net is Fraying

Post-Quantum Cryptography: The Most Secure Storage on the Planet is Ready for the Quantum World

BlueXP Ransomware Protection: Outsmart Ransomware

BlueXP Backup and Recovery: Full Spectrum 3-2-1 Backup for ONTAP

Data Security Services: Securing Your Data is Our Top Priority

About NetApp

NETAPP, the NETAPP logo, and the marks listed at www.netapp.com/TM are trademarks of NetApp, Inc. Other company and product names may be trademarks of their respective owners. View source version on businesswire.com: https://www.businesswire.com/news/home/20250429989841/en/

NetApp Enhances Cyber Resiliency Capabilities

NetApp, the intelligent data infrastructure company, has announced new data security capabilities that help customers strengthen their cyber resiliency. Security teams can now leverage NetApp, the most secure storage on the planet, to take a proactive approach to data security at the storage layer and strengthen their overall security posture. The increasing accessibility of AI has enabled malicious actors to automate cyberattacks, requiring businesses to use machine learning to automate threat detection. And as quantum computing approaches viability, businesses urgently need to protect their data from malicious hackers who may look to steal and store sensitive information today, holding it for the promise of easily accessible quantum-powered decryption in the near future. NetApp is a pioneer of comprehensive, secure-by-design intelligent data infrastructure, giving customers confidence in their ability to protect and access data without disruption backed by a guarantee of 99.9999 percent availability. Building on that track record, NetApp is announcing new cyber resiliency capabilities that augment and elevate in-depth security strategies for customers. “Security teams need to factor storage into their security strategies because it is the last line of defense for their data and the right storage can play an active role in protecting the enterprise,” said Gagan Gulati, Senior Vice President and General Manager, Data Services at NetApp.

Key Cyber Resiliency Capabilities

  • Post-Quantum Cryptography: NetApp has embedded post-quantum cryptography into its storage portfolio for file and block workloads.
  • NetApp BlueXP Ransomware Protection Update: Updates to BlueXP ransomware protection strengthen the service’s ability to provide a comprehensive, orchestrated ransomware defense for NetApp ONTAP workloads.
  • NetApp BlueXP Backup and Recovery Workload Support: NetApp BlueXP backup and recovery provides a simple, secure, and cost-effective integrated data protection service for ONTAP data.
  • NetApp Security Professional Services: NetApp is offering expanded professional security assessment and security hardening services to help customers evaluate and further tighten their security posture.

These updates build on NetApp’s comprehensive security capabilities that include security built-in, ransomware protection, backup, disaster recovery, data classification—all delivered via BlueXP ransomware protection. This SaaS-based control plane also includes features like SIEM integration to further enable connections between storage and overall security postures. “Building resiliency against cyber-attacks into the data storage infrastructure has never been more important. Approximately 80 percent of respondents in our Cybersecurity Decision Maker IQ research indicated having experienced a significant security incident over the past 12 months, and 40 percent counted data loss and compromise as one of the most significant consequences of their organization’s worst security incident,” said Krista Case, Research Director for The Futurum Group. NetApp’s post-quantum cryptography capabilities provide a quantum-ready storage solution that keeps customers’ data protected against quantum threats. By leveraging encryption algorithms standardized by NIST—a globally recognized standards body and authority—businesses can rely on a defense that is thoroughly tested and capable of carrying them into the future with quantum-ready storage. NetApp’s security professional services enable customers to evaluate and further tighten their security posture. These services provide a proactive approach to data security at the storage layer and strengthen the overall security posture.

Expert Insights

“Building resiliency against cyber-attacks into the data storage infrastructure has never been more important,” said Krista Case, Research Director for The Futurum Group. “Approximately 80 percent of respondents in our Cybersecurity Decision Maker IQ research indicated having experienced a significant security incident over the past 12 months, and 40 percent counted data loss and compromise as one of the most significant consequences of their organization’s worst security incident.”

About NetApp

NetApp is the intelligent data infrastructure company, combining unified data storage, integrated data, operational and workload services to turn a world of disruption into opportunity for every customer. NetApp creates silo-free infrastructure, harnessing observability and AI to enable the industry’s best data management. As the only enterprise-grade storage service natively embedded in the world’s biggest clouds, our data storage delivers seamless flexibility. In addition, our data services create a data advantage through superior cyber resilience, governance, and application agility. Our operational and workload services provide continuous optimization of performance and efficiency for infrastructure and workloads through observability and AI. No matter the data type, workload, or environment, with NetApp you can transform your data infrastructure to realize your business possibilities.

Additional Resources

Beyond the Breach: Storage Turns Cyber Defense into Resilience

The Post-Quantum Cryptography Countdown: Why your Data’s Safety Net is Fraying

Post-Quantum Cryptography: The Most Secure Storage on the Planet is Ready for the Quantum World

BlueXP Ransomware Protection: Outsmart Ransomware

BlueXP Backup and Recovery: Full Spectrum 3-2-1 Backup for ONTAP

Data Security Services: Securing Your Data is Our Top Priority

About NetApp

NETAPP, the NETAPP logo, and the marks listed at www.netapp.com/TM are trademarks of NetApp, Inc. Other company and product names may be trademarks of their respective owners. View source version on businesswire.com: https://www.businesswire.com/news/home/20250429989841/en/

Protect Your Data with NetApp

NetApp is committed to helping businesses protect their data and maintain their overall security posture. With its new cyber resiliency capabilities, NetApp is providing customers with the tools they need to take a proactive approach to data security at the storage layer. NetApp’s post-quantum cryptography capabilities provide a quantum-ready storage solution that keeps customers’ data protected against quantum threats. The company’s BlueXP ransomware protection service provides a comprehensive, orchestrated ransomware defense for NetApp ONTAP workloads, and its backup and recovery service provides a simple, secure, and cost-effective integrated data protection service for ONTAP data.

Cybersecurity: A Threat to Humanity

Human Risk Management is the Key to Effective Cybersecurity

Cybersecurity threats are becoming increasingly sophisticated, and the consequences of falling victim to these threats can be devastating. A single attack can result in massive financial losses, compromised sensitive information, and damage to a company’s reputation. Therefore, it is essential to prioritize human risk management in the cybersecurity landscape.

The Importance of Human Risk Management in Cybersecurity

  • Human error is a significant contributor to cybersecurity breaches
  • Employees are often the weakest link in the cybersecurity chain
  • Human risk management helps to identify and mitigate these risks

Cybersecurity Challenges

Cybersecurity Challenge Description
Phishing Attacks Phishing attacks involve tricking employees into revealing sensitive information such as login credentials or financial information.
Social Engineering Social engineering attacks involve manipulating employees into performing certain actions that compromise security.
Insider Threats Insider threats involve employees or contractors who have authorized access to an organization’s systems and data but compromise security.

Cybersecurity Solutions

KnowBe4’s Human Risk Management Platform

KnowBe4’s Human Risk Management platform is a comprehensive solution that empowers workforces to make better security decisions.

  • AI-driven platform for Human Risk Management
  • Awareness and compliance training
  • Cloud email security
  • Real-time coaching
  • Crowdsourced anti-phishing
  • AI Defense Agents

Benefits of Human Risk Management

  1. Improved security culture
  2. Reduced risk of human-related breaches
  3. Enhanced productivity
  4. Compliance with regulatory requirements

Key Takeaway

Human risk management is a critical component of effective cybersecurity. By prioritizing human risk management, organizations can reduce the risk of human-related breaches and improve their overall security posture.

Cybersecurity: A Threat to Humanity

Why Human Risk Management is Essential

Human risk management is essential in the cybersecurity landscape because it helps to identify and mitigate the risks associated with human error. Employees are often the weakest link in the cybersecurity chain, and human risk management helps to address this vulnerability.

Case Study: KnowBe4’s Human Risk Management Platform

“KnowBe4’s Human Risk Management platform has been instrumental in helping our organization improve our security culture and reduce the risk of human-related breaches. The platform’s AI-driven approach and comprehensive training modules have been a game-changer for us.” – Stu Sjouwerman, Founder and CEO of KnowBe4

Best Practices for Implementing Human Risk Management

Identify and Assess Risks

Identify and assess the risks associated with human error in your organization. This can involve conducting regular security awareness training and reviewing your organization’s policies and procedures.

  • Conduct regular security awareness training
  • Review policies and procedures
  • Identify vulnerabilities in your organization’s security culture

Develop a Human Risk Management Plan

Develop a human risk management plan that outlines the steps your organization will take to mitigate the risks associated with human error.

  • Assign responsibilities
  • Establish clear policies and procedures
  • Provide ongoing training and support

Monitor and Review Progress

Monitor and review the progress of your human risk management plan regularly. This can involve conducting regular security audits and reviews of your organization’s security culture.

  • Conduct regular security audits
  • Review security culture
  • Identify areas for improvement

Conclusion

Human risk management is a critical component of effective cybersecurity. By prioritizing human risk management, organizations can reduce the risk of human-related breaches and improve their overall security posture.

Protecting Your iOS Device from Malware and Cyber Threats

Myth-Busting: iOS Devices are Not Immune to Viruses

Despite what some people may claim, iOS devices are not completely immune to viruses and malware. In fact, they are increasingly being targeted by hackers, scammers, and other cybercriminals. While Apple’s built-in security features provide a high level of protection, it’s still essential to take extra precautions to safeguard your device.

Why You Don’t Need a Traditional Antivirus App for Your iPhone or iPad

So, why don’t you need a traditional antivirus app for your iPhone or iPad? The answer lies in the way iOS is designed. Apple’s operating system is built with security in mind, featuring features like encryption, sandboxing, and strict control over the App Store. These measures make it difficult for malware to spread and infect other apps or the operating system.

  • Encryption: Apple’s encryption technology ensures that data is protected from unauthorized access.
  • Sandboxing: Each app runs in its own environment, isolated from other apps and the operating system.
  • Strict control over the App Store: Apple vettes all apps to ensure they meet security standards and don’t contain malicious code.

What’s Available in the App Store?

While there are no traditional antivirus apps available for iOS, there are many security-focused apps that can provide an additional layer of protection. These apps often include features like:

  1. VPNs (Virtual Private Networks) to protect online browsing
  2. Phishing protection to safeguard against fake emails and websites
  3. Text scam protection to prevent phishing attacks
  4. Web browsing protection on public Wi-Fi
  5. Identity theft protection to safeguard personal data

Some popular antivirus apps for iOS include:

  1. McAfee
  2. Norton
  3. Malwarebytes
  4. AVG
  5. Avast

However, it’s essential to note that these apps often operate within the boundaries of iOS and the App Store, which means they may not be able to scan for malware in the same way as a traditional antivirus app.

Additional Tips for Protecting Your iOS Device

While Apple’s built-in security features provide a high level of protection, there are still steps you can take to safeguard your device:

  1. Enable automatic updates for iOS to ensure you have the latest security patches
  2. Use public chargers with caution, as they can be a security risk
  3. Regularly check your settings and app permissions to ensure only authorized apps have access to your device
  4. Use a VPN and password manager to add an extra layer of security
  5. Consider signing up for identity theft protection if you’ve been a victim of a data breach

Conclusion

By following these tips and practicing good cyber hygiene, you can significantly reduce the risk of falling victim to a cyberattack or malware infection. While iOS devices are not completely immune to viruses, Apple’s built-in security features and the App Store’s strict controls provide a high level of protection. By taking extra precautions and staying informed, you can keep your iOS device safe and secure.