When I began my career in security, most people accepted as fact that protecting systems came at the expense of productivity. That didn’t have to be true then, and it’s definitely not true now. The cloud, and specifically the AWS Cloud, is a big reason why. But as technology evolves and systems become more complex,
Today, customers use AWS Network Firewall to safeguard their workloads against common security threats. However, they often have to rely on third-party threat feeds and scanners that have limited visibility in AWS workloads to protect against active threats. A self-managed approach to cloud security through traditional threat intelligence feeds and custom rules can result in
Today, Amazon Verified Permissions announced the release of @verifiedpermissions/authorization-clients-js, an open source package that developers can use to implement external fine-grained authorization for Express.js web application APIs in minutes when using Verified Permissions. Express is a minimal and flexible Node.js web application framework that provides a robust set of features for web and mobile applications.
Get ready for AWS re:Inforce 2025, the only learning conference focused exclusively on AWS security solutions, cloud security, compliance and identity. Palo Alto Networks will be there in force, giving attendees the opportunity to learn about overcoming the latest security challenges through highly-focused breakout sessions, hands-on AI security workshops, and in-booth demonstrations designed to show
With remarkable momentum behind its adoption, the Model Context Protocol (MCP) is quickly becoming the de facto interface for connecting large language models (LLMs) to tools, APIs, databases and other services. Think of it as the USB-C of AI development – an elegant, standardized bridge that enables dynamic interaction between AI models and external environments.
In a recent episode of the Threat Vector podcast, host David Moulton chatted with Noelle Russell, founder and chief AI officer at the AI Leadership Institute. She shared a powerful metaphor for artificial intelligence implementation that every security professional should heed: the “baby tiger.” As Russell explains, organizations often begin their AI journeys with an
In 2025, GenAI has moved from experimental to enterprise-critical — transforming how organizations innovate, operate, and protect data. We’ve entered a new age, one where technology isn’t just evolving—it’s transforming at warp speed. At the heart of this revolution lies generative AI (GenAI), a force rapidly reshaping organizations across every conceivable sector. While this transformative
AI agents are set to revolutionize how we work, create and compete, offering unprecedented efficiency and insight as they automate everyday tasks. But how do we ensure these intelligent allies are secure and can be trusted as they become integral to the ways we work and go about our lives? At Palo Alto Networks, we
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. “Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,”
Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead. The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as