GRC stories - Page 4

Coalfire's new DivisionHex service hunts shadow AI and rogue agents as most firms report AI-driven security incidents without proper oversight.

Keysight debuts SBOM Manager to automate software bills of materials as EU and US cyber rules tighten transparency and compliance demands.

Secure.com warns SOCs face rising risk from clunky workflows and alert overload, urging 'human-first' design and greater automation.

RAIDS AI joins Drata and Prescient to deliver ISO 42001-based AI governance, blending automation, monitoring and independent certification.

Smarsh launches AI agents to slash legal discovery and compliance surveillance time and costs for regulated firms handling vast data.

Lineaje launches UnifAI, a security and governance layer to centralise control, discovery and policy for enterprise agentic AI deployments.

Mphasis tells CTOs to overhaul legacy cores as agentic AI scales, backing ontology-driven knowledge graphs to curb automated errors.

As cyber risks and red tape surge, firms turn to ISO 27001 as a unified framework to tame fragmented compliance and build digital trust.

Keeper launches KeeperDB to centralise zero-trust database access, hiding credentials and recording sessions within its existing security vault.

A new Securitybridge index finds SAP Basis the weakest security layer, with just 58% of checks compliant across hardened systems.

Secure Code Warrior launches SCW Trust Agent: AI, giving security teams commit-level visibility and control over AI-influenced code.

Harness has launched AI Security and Secure AI Coding tools to spot and block vulnerabilities in AI-powered apps and AI-generated code.

Unlimited and Themis launch Complaints AI to help banks automate complaint analysis, spot emerging risks and meet tightening regulation.

1Password unveils Unified Access to secure AI agents and machine credentials, promising endpoint-to-agent visibility for security teams.

XM Cyber rolls out AI exposure mapping to track shadow AI, cloud models and MCP servers across hybrid estates in a single attack graph.

Deloitte has sold its audit software venture Auvenir to its management in a buyout, with the business rebranding as Streamworks Tech.

Cloud security startup Native launches from stealth with USD $42m to unify preventive, intent-based controls across major public clouds.

Black Kite weaves Open FAIR into its platform to automate financial loss estimates in third-party cyber risk assessments and reviews.

Secure Code Warrior launches SCW Trust Agent: AI to trace, rate and police AI-generated code risks directly at developers' commit point.

Proofpoint launches intent-based AI security to govern autonomous agents, promising real-time checks on behaviour across enterprise systems.