How red teaming helps safeguard the infrastructure behind AI models

Artificial intelligence (AI) is now squarely on the frontlines of information security. However, as is often the case when the pace of technological innovation is very rapid, security often ends up being a secondary consideration. This is increasingly evident from the ad-hoc nature of many implementations, where organizations lack a clear strategy for responsible AI […]

The post How red teaming helps safeguard the infrastructure behind AI models appeared first on Security Intelligence.

Continue reading How red teaming helps safeguard the infrastructure behind AI models

Stress-testing multimodal AI applications is a new frontier for red teams

Human communication is multimodal. We receive information in many different ways, allowing our brains to see the world from various angles and turn these different “modes” of information into a consolidated picture of reality. We’ve now reached the point where artificial intelligence (AI) can do the same, at least to a degree. Much like our […]

The post Stress-testing multimodal AI applications is a new frontier for red teams appeared first on Security Intelligence.

Continue reading Stress-testing multimodal AI applications is a new frontier for red teams

AI and cloud vulnerabilities aren’t the only threats facing CISOs today

With cloud infrastructure and, more recently, artificial intelligence (AI) systems becoming prime targets for attackers, security leaders are laser-focused on defending these high-profile areas. They’re right to do so, too, as cyber criminals turn to new and emerging technologies to launch and scale ever more sophisticated attacks. However, this heightened attention to emerging threats makes […]

The post AI and cloud vulnerabilities aren’t the only threats facing CISOs today appeared first on Security Intelligence.

Continue reading AI and cloud vulnerabilities aren’t the only threats facing CISOs today

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook. With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace […]

The post Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models appeared first on Security Intelligence.

Continue reading Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

3 proven use cases for AI in preventative cybersecurity

IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million. Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance. Here are three […]

The post 3 proven use cases for AI in preventative cybersecurity appeared first on Security Intelligence.

Continue reading 3 proven use cases for AI in preventative cybersecurity

FireEye says hackers stole its red-team tools, suggests state-sponsored group is to blame

FireEye, one of the most influential cybersecurity companies in the world, on Tuesday revealed that it had been breached by a suspected state-sponsored hacking group. FireEye CEO Kevin Mandia said that the FBI and security experts at Microsoft were helping investigate the incident, in which attackers accessed the tools FireEye uses to simulate attacks against clients. “Their initial analysis supports our conclusion that this was the work of a highly sophisticated state-sponsored attacker utilizing novel techniques,” Mandia said in a blog post. Attackers stole so-called red team tools, which security firms use to imitate real-world hacks on behalf of their clients. Such red team tools from a respected firm like FireEye would provide malicious attackers with a kind of roadmap on how to subvert defenses, and breach victims. Mandia said his firm was taking the extraordinary step of developing “more than 300 countermeasures for our customers, and the community at […]

The post FireEye says hackers stole its red-team tools, suggests state-sponsored group is to blame appeared first on CyberScoop.

Continue reading FireEye says hackers stole its red-team tools, suggests state-sponsored group is to blame

RangeForce Expands Security Training Cloud Service

RangeForce today unfurled Battle Fortress Cyber Range, a cloud-based service through which red/blue teams can conduct security training using modules and content they can reuse across multiple exercises. Will Munroe, vice president of marketing for Ra… Continue reading RangeForce Expands Security Training Cloud Service

Protect your employees from phishing and social engineering | NCSAM at Synopsys

It was a busy summer for healthcare IT staff. The Minnesota Department of Human Services potentially breached 21,000 patients’ personal data. Gold Coast Health Plan emailed 37,000 patients to warn them their data had been exposed. And UnityPoint … Continue reading Protect your employees from phishing and social engineering | NCSAM at Synopsys

Randori enters automated red-teaming scene with $9.75 million seed investment

“Nation-state” hacking is a phrase often used to talk about the the scariest cyberthreats out there, but cybersecurity startup Randori is using it to market its platform. The company announced on Thursday that it secured $9.75 million in seed funding for its automated red-teaming services. The Boston-based company says that its platform lets customers launch “nation-state caliber” attacks on their own systems in order to assess their risks and vulnerabilities. Randori stresses that its platform carries out real attacks, not ones in simulated environments, in combination with “continuous reconnaissance.” “Despite massive investments of time and capital, organizations often don’t know where they’re vulnerable until after they’re hit. Simulated environments can’t account for the changing tactics of today’s attacker,” said CEO Brian Hazzard in a press release. Hazzard is a former vice president and founding employee of Carbon Black, an endpoint security company that went public earlier this year. Randori company […]

The post Randori enters automated red-teaming scene with $9.75 million seed investment appeared first on Cyberscoop.

Continue reading Randori enters automated red-teaming scene with $9.75 million seed investment

SCYTHE raises $3 million for attack simulation platform

SCYTHE, an Arlington, Va., based cybersecurity company, announced on Monday that it raised $3 million in seed funding for its automated red-teaming platform. The company flagship platform allows customers to simulate attack campaigns against their own networks in order to assess their defensive posture. SCYTHE says that its product uses a catalog of threats to “automatically deploy a combination of threat actor communications and end-point capabilities on the production environment.” Enterprises can customize their own adversarial campaigns then get reports on how well their systems stood up to the threat. Heading SCYTHE is Bryson Bort, a former U.S. Army officer who has worked in various cybersecurity strategy and research and development at multiple outfits. Bryson is the co-founder of ICS Village, a nonprofit that educates the public about risks to industrial control systems through live simulations. He also founded and is the chairman of GRIMM, a cybersecurity consultancy. “We’re constantly adding […]

The post SCYTHE raises $3 million for attack simulation platform appeared first on Cyberscoop.

Continue reading SCYTHE raises $3 million for attack simulation platform