Security Boulevard

TEST SB

The post TEST SB appeared first on Security Boulevard.

I’ve spent my career building solutions to protect the API fabric that powers modern businesses. I founded Salt because I saw that traditional security tools such as WAFs, gateways, and CDNs weren’t designed to see or secure APIs. That gap led to breaches, blind spots, and billions in risk.

Today, we’re facing a new wave of risk that’s even bigger than the last. The rise of Agentic AI has brought us to a true inflection point.

Agentic AI isn’t just another software layer. It’s a fundamentally new computing paradigm. These autonomous agents reason, remember, and take real-time actions across environments. They trigger workflows, access sensitive data, and update systems without a human in the loop.

They are powerful and dangerous.

And they’re all powered by APIs.

The Hard Truth: You Can’t Secure AI Without Securing APIs

Every AI agent is API-connected. Whether it’s pulling data from internal systems, issuing commands to third-party platforms, or coordinating with other agents via the Model Context Protocol (MCP), which acts as an API broker, APIs are the control plane.

But here's the problem: most security teams still treat APIs as just another line item in the stack. Or worse, they assume their existing tools are already covering them.

They’re not.

Agentic AI magnifies every weakness in your API strategy. If you’re not seeing all the API traffic, if you’re not identifying sensitive endpoints, if you’re not understanding behavioral context, you’re flying blind while AI agents operate with full system access.

That’s not just a technical risk. It’s a life safety issue. If an AI-powered agent makes a healthcare decision based on incomplete or manipulated data, the stakes aren’t abstract. They’re personal. My own grandmother’s health relies on systems like these being secure, reliable, and trusted. I won’t accept anything less.

Why Today’s Tools Fall Short

Traditional tools were never built to handle this. They inspect traffic at the edge. They filter payloads based on static rules. But they can’t tell you:

• Which AI agents are active
• What those agents are doing
• Whether they’re acting inside or outside policy
• If rogue agents or shadow APIs are being abused
• If internal APIs are leaking sensitive context

The rise of Agentic AI means we need API security that’s real-time, behavioral, and deeply integrated into how AI agents think and act.

Our Vision: Secure the API Fabric of the Future

At Salt, we believe Agentic AI marks the beginning of a new era of software—and that era must be secured differently.

Here’s our vision:

1. ‍See the entire API fabric, instantly: AI agents operate across thousands of APIs, including internal, partner, shadow, and deprecated ones. Salt provides a complete, continuously updated map without requiring traffic or agents to start.
2. ‍Understand behavior, not just traffic: Salt goes beyond logging API calls. We understand intent, sequence, and context so we can spot anomalies that signal abuse, drift, or misalignment between agent policy and behavior.
3. ‍Secure the Model Context Protocol (MCP): MCP is becoming the lingua franca of AI agents. It defines what agents know, what actions they can take, and how they think. Salt is building the industry’s first purpose-built security for MCP traffic and agent coordination.
4. Prevent the next-generation of AI attacks: From prompt injection to API abuse, Salt detects and stops attacks that slip past traditional defenses. And we provide the intelligence you need to adapt policy in real time before incidents escalate.
5. Enable responsible AI adoption: Security can’t slow innovation. Salt is designed for speed and ease of deployment. We integrate directly with cloud environments, such as AWS, providing teams with instant visibility without disrupting operations.

The Road Ahead

We’ve entered a world where software can think and act. That’s thrilling. But it also demands a radical shift in how we think about security.

At Salt, we’re committed to leading the way. We’ll secure the AI agents reshaping how businesses operate. We’ll protect the APIs that make those agents possible. And we’ll keep building toward a future where innovation and trust go hand in hand.

Because this isn’t just about digital systems, it’s about the real-world impact they have on customers, partners, and employees.

‍

Roey Eliyahu, ‍Co-founder & CEO, Salt Security

The post Securing the Next Era: Why Agentic AI Demands a New Approach to API Security appeared first on Security Boulevard.

If you’re reading this, there’s a fair chance the thought has crossed your mind: “Was this written by a human… or by one of those AI models everyone’s talking about?” That’s a fair question, and as someone who has spent years in cybersecurity, I’ll tell you—this isn’t just an academic curiosity. It’s a real, growing […]

The post Cybersecurity in the AI Era – How Do You Know This Article Wasn’t Written by a Machine? appeared first on HolistiCyber.

The post Cybersecurity in the AI Era – How Do You Know This Article Wasn’t Written by a Machine? appeared first on Security Boulevard.

Creator/Author/Presenter: Ben Stav

Our deep appreciation to Security BSides - San Francisco and the Creators/Authors/Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.

Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!

Permalink

The post BSidesSF 2025: Trace to Triage: How to Connect Product Vulnerabilities to Security Paths appeared first on Security Boulevard.

The Big News: Palo Alto Networks Moves on CyberArk Palo Alto Networks today announced a landmark agreement to acquire CyberArk Software in a deal valued at approximately $25 billion. Under the terms, CyberArk shareholders will receive $45 in cash plus 2.2005 shares of Palo Alto Networks common stock per share—representing a 26% premium to CyberArk’s unaffected..

The post Palo Alto’s Acquisition of CyberArk Could Set Off a Wave of Consolidation in the Cyber World appeared first on Security Boulevard.

The security breach of the popular women-only safe-dating app Tea widened over the weekend, when a second database storing 1.1 million DMs between members was compromised. News of the exposure came days after an initial investigation found that a database holding older data, including photos, was breached.

The post Tea App Data Breach Deepens, with 1.1 Million User Chats Exposed appeared first on Security Boulevard.

Palo Alto Networks Inc. is in discussions to acquire CyberArk Software for more than $20 billion in one of tech’s biggest deals this year, as vendors scramble to fortify their cybersecurity defenses. Palo Alto Networks could finalize a deal for the identity management software maker — its largest ever — as soon as this week,..

The post Palo Alto Networks In Talks to Acquire CyberArk for $20 Billion: Report appeared first on Security Boulevard.

For years, primarily driven by regulatory compliance mandates, such as the Sarbanes-Oxley Act of 2002, identity and access management has been treated as a regulatory compliance exercise, rather than the security exercise it should be — and simply checking off compliance requirements leaves many organizations with a dangerous and false sense of security. This is..

The post Mapping Mayhem: Security’s Blind Spots in Identity Security appeared first on Security Boulevard.

The current status of AppSec presents a significant challenge for many organizations in improving their application security.

The post Alert Fatigue and Talent Gaps Fuel AppSec Weaknesses appeared first on Security Boulevard.

For decades, network security followed a simple model: the castle and moat design philosophy. We built strong perimeters with firewalls and relied on Network Access Control (NAC) to act as a guardian, checking credentials at the door. Once inside, users and devices were assumed to be trusted. Today, the assumptions have all changed. Thanks to..

The post Nile Gives Your Campus Network More Than Just a Password appeared first on Security Boulevard.

Intruder this week made available an open-source tool that scans application programming interfaces (APIs) for broken authorization vulnerabilities.

The post Intruder Open Sources Tool for Testing API Security appeared first on Security Boulevard.

Christina Marie Chapman, an Arizona resident, was sentenced to 8.5 years in prison for her role in a wide-ranging North Korean IT worker scam that sent $17 million to the outlaw country. Chapman ran a laptop farm from her home, validated stolen U.S. identities for the scammers, and transferred money overseas to the bad actors.

The post U.S. Woman Sentenced to 8.5 Years for Role in North Korean Worker Scam appeared first on Security Boulevard.

Clorox is suing IT giant Cognizant, claiming their help desk handed over employee passwords to hackers — no phishing, no malware… just gave them away.

The post “Bleach Wasn’t Strong Enough: Clorox Sues Cognizant After Help Desk Allegedly Gave Away Passwords to Hackers” appeared first on Security Boulevard.

Chennai, India, 25th July 2025, CyberNewsWire

The post xonPlus Launches Real-Time Breach Alerting Platform for Enterprise Credential Exposure appeared first on Security Boulevard.

Clorox is suing Cognizant for $380 million, saying the IT services provider's service desk put in place to protect the multinational company from cyber risks in 2023 gave hackers password resets and other credentials when asked without verifying the identities of people making the requests.

The post Cognizant Agents Gave Hackers Passwords, Clorox Says in Lawsuit appeared first on Security Boulevard.

Vibe coding is here. And it’s not just a fad — it’s reshaping how we build, deploy and even conceive of software. But unless we hit the brakes and bake in security now, we’re setting ourselves up for another generation of vulnerabilities, exploits and blame games.

The post The “S” in Vibe Coding Stands for Security appeared first on Security Boulevard.

Amazzon Beee Buzzzz: It records everything you say (and what people around you say, too).

The post Amazon AI Privacy Panic — Bee Brings Bezos Panopticon appeared first on Security Boulevard.

A new ransomware variant dubbed "Crux" was detected by Huntress researchers in three attacks this month, with the group favoring RDP for initial access and legitimate processes to make it more difficult to detect it. The group also claims to be part of the BlackByte RaaS crew, though Huntress couldn't validate the claim.

The post New Crux Ransomware Emerges in Three Attacks This Month appeared first on Security Boulevard.

BforeAI today disclosed the discovery of a phishing campaign that is leveraging the same core infrastructure to spoof multiple domains.

The post BforeAI Identifies Phishing Campaign Using Same Infrastructure Across Multiple Domains appeared first on Security Boulevard.

We’re seeing fewer attacks, but that doesn’t mean we’re safer. The latest data from NCC Group shows traditional ransomware is down — but threat actors are regrouping, rebranding, and rearming with AI and advanced social engineering.

The post Is Ransomware Dying? Don’t Break Out the Champagne Just Yet appeared first on Security Boulevard.