Aggregator
Why AI Agents and MCP Servers Just Became a CISO’s Most Urgent Priority
Over the last year, I’ve spent countless hours with CISOs, CTOs, and security architects talking about a new wave of technology that’s changing the game faster than anything we’ve seen before: Agentic AI and Model Context Protocol (MCP) servers.
If you think AI is still in the “cool demos and pilot projects” stage, think again. We’re already seeing autonomous agents reasoning, remembering, and taking actions in live production environments. MCP servers are quietly becoming the central nervous system for these agents, brokering instructions, accessing tools, and orchestrating API calls across your systems.
This is no longer an “emerging tech” conversation. It’s a real risk surface conversation. And it’s all powered by APIs.
Why APIs Are Now the Front Line
Every AI agent and MCP server interaction runs on APIs. Those APIs pull data from customer records, update transaction systems, initiate workflows, and often do so without a human in the loop.
Here’s the problem:
- Most current security tooling, like WAFs, API gateways, CDNs, and LLM security wrappers, can’t see all of this API traffic.
- The API calls between an MCP server and your internal or third-party data sources often happen deep inside your environment, bypassing the “edge” where traditional tools sit.
- Many of these APIs are new, undocumented, or dynamic, created on the fly as agents take new actions.
Without real-time visibility into this API fabric, you’re blind to:
- What data agents are accessing
- Whether they’re staying within policy
- If an attacker has hijacked an agent or exploited an API to breach your system
For CISOs, this is a perfect storm: a technology that’s moving faster than your governance frameworks, with attack surfaces multiplying overnight, all in a domain (APIs) where most organizations already struggle to get full visibility.
The “just secure the AI model” approach doesn’t work here. The model isn’t the thing taking actions; the APIs are. If you don’t secure them, you don’t secure the AI. Period.
The 5 Questions Every CISO Should Be Asking Right Now
When I meet with CISOs today, these are the five questions I tell them to put on the table immediately:
- Do we have an accurate, up-to-date inventory of every API our AI agents and MCP servers are using? If you don’t know what you have, you can’t protect it.
- Can we see API traffic between our MCP servers, AI agents, and all internal/third-party data sources in real time? Edge-only visibility isn’t enough. You need to see the whole API fabric.
- Are our governance and policy controls applied at the API level for AI-driven actions? An AI agent can violate policy just as easily as a human, maybe faster.
- Do we have threat detection tuned for AI-driven API attacks and abuse patterns? This is not “just another OWASP Top 10” problem. Agentic AI creates new classes of attacks.
- How fast can we identify and stop a rogue agent or compromised MCP server before it impacts data or systems? Containment speed is everything once something goes wrong.
At Salt, we’ve been securing APIs since before “API security” was even a market category. Our platform gives you:
- Complete visibility into all API traffic, including the traffic no other tool sees between MCP servers, AI agents, and data sources.
- Continuous discovery so you’re never blindsided by a new or shadow API.
- Real-time threat detection and blocking built for modern API abuse patterns, including those driven by AI agents.
- Governance at scale, so your policies follow the API, no matter how dynamic your environment gets.
If Agentic AI is your new competitive advantage, API security is your new survival strategy. You can’t slow the technology down, but you can be ready for it.
Final Thought
Agentic AI and MCP servers are reshaping the attack surface, whether we like it or not. The organizations that thrive in this new reality will be the ones that treat API security as core infrastructure and not an afterthought. If you’re not already asking the five questions above, now is the time to start.
If your team is exploring agentic AI and wants to talk about securing the foundation it runs on, let’s connect. Request a demo now, and I’ll have one of our AI security experts reach out to you directly.
Also, we are hosting a webinar on August 28 to explore these topics in more depth. You can register for the webinar here.
The post Why AI Agents and MCP Servers Just Became a CISO’s Most Urgent Priority appeared first on Security Boulevard.
Sony Raises the Price of the PS5 Console in the US by $50
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on August 21, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
- ICSA-25-233-01 Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module
- ICSA-25-177-01 Mitsubishi Electric Air Conditioning Systems (Update A)
- ICSMA-25-233-01 FUJIFILM Healthcare Americas Synapse Mobility
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
- CVE-2025-43300 Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
New Technique for Measuring DNA Damage Could Improve Cancer Therapy and Radiological Emergency Response
Answering Your Webinar Questions: What Do Most IT Teams Get Wrong About DMARC?
Originally published at Answering Your Webinar Questions: What Do Most IT Teams Get Wrong About DMARC? by Levon Vardumyan.
Our recent webinar, “What Do Most IT Teams ...
The post Answering Your Webinar Questions: What Do Most IT Teams Get Wrong About DMARC? appeared first on EasyDMARC.
The post Answering Your Webinar Questions: What Do Most IT Teams Get Wrong About DMARC? appeared first on Security Boulevard.
Google Announces the Pixel 10 Series Phones
How to Automate Your Penetration Testing?
Learn how to automate your penetration testing, save time, reduce costs, and achieve business logic testing without human-in-the-loop.
The post How to Automate Your Penetration Testing? appeared first on Security Boulevard.
New SHAMOS Malware Targets macOS Through Fake Help Sites to Steal Login Credentials
Cybersecurity researchers at CrowdStrike identified and thwarted a sophisticated malware campaign deploying SHAMOS, an advanced variant of the Atomic macOS Stealer (AMOS) malware, orchestrated by the cybercriminal group COOKIE SPIDER. Operating under a malware-as-a-service model, COOKIE SPIDER rents out this information stealer to affiliates who target victims to harvest sensitive data, including login credentials, cryptocurrency […]
The post New SHAMOS Malware Targets macOS Through Fake Help Sites to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
“A Patch for the Patch”: Microsoft Urgently Repairs Users’ Systems After a Failed Update
PyPI Blocks 1,800 Email Addresses on Expired Domains to Defend Against Supply Chain Attacks
Apple Issues Emergency Fix for a New 0day Already Under Exploitation
Nearly 1M SSNs and Health Records Exposed in Marijuana Patient Database
Cybercriminal Linked to Notorious Scattered Spider Gang Gets 10-Year Sentence
Reverse Engineering For Beginners
AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged
AWS’s Trusted Advisor tool, which is supposed to warn customers if their (cloud) S3 storage buckets are publicly exposed, could be “tricked” into reporting them as not exposed when they actually are, Fog Security researchers have found.
S3 access protection mechanisms
Amazon S3 provides several mechanisms for granting access to storage buckets:
- IAM users, roles, and policies: Users define who can access their S3 resources using fine-grained permissions
- Bucket policies: Users define who can access …
The post AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged appeared first on Help Net Security.
Commvault Backup Suite Flaws Allow Attackers to Breach On-Premises Systems
Security researchers have uncovered a critical series of vulnerabilities in Commvault’s backup and data management software that could enable attackers to achieve remote code execution and compromise on-premises infrastructure. The flaws, discovered by Watchtowr Labs, represent a significant threat to organizations relying on Commvault’s widely-deployed backup solutions. The vulnerability chain consists of four distinct security […]
The post Commvault Backup Suite Flaws Allow Attackers to Breach On-Premises Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.