News for today:
- Strata AI Identity Gateway and Validation Sandbox. Strata Identity released the AI Identity Gateway, which authenticates, authorizes, and observes every action taken by AI agents across connected services. The AI Identity Gateway enforces least-privilege access via OPA/Rego policy-based authorization at multiple layers, including both initial access and delegated token exchange for short-lived credentials. By validating proof of possession and maintaining comprehensive audit logs of all agent requests, responses, and token exchanges, it prevents over-privileged security threats while ensuring full operational visibility. It also released a sandbox for testing / experimenting with agent identity controls. Strata Identity
- StackHawk and Endor Labs collaboration. StackHawk and Endor Labs announced a collaboration that combines Endor’s SAST (static app security testing) with StackHawk’s DAST (dynamic app security testing) so appsec teams and developers have the full picture on vulnerabilities in code. Endor Labs’ AI-Native SAST identifies code-level flaws, traces how untrusted input flows through the application, determines exploitability, and provides actionable remediation guidance to developers. StackHawk validates whether those vulnerabilities are discoverable and exploitable at runtime. Together, they solve the essential developer question: “What should I actually fix?” StackHawk Endor Labs
- Social media and online marketplaces are scam hotbeds. Malwarebytes shared new research on scammer activity on social media sites and online marketplaces. Scammers take advantage of everyday shopping habits and seasonal stress by imitating trusted brands, sellers or creators in ways that feel entirely authentic. Fifty-one percent of people encounter scams on social media weekly while 27% encounter scams daily. For marketplace shoppers, 36% are hit with a scam weekly and 15% experience one daily. See the full report. Malwarebytes
- See Bitdefender for the same warning.
- See KnowBe4 for a complementary warning for retailers.
- OPSWAT’s manufacturing facility in Florida. OPSWAT opened its new production facility in Florida for critical infrastructure cybersecurity solutions. Manufacturing the hardware in-house provides OPSWAT with greater control and quality assurance throughout every stage of production. Dedicated Quality Assurance and Product Management teams oversee rigorous testing and compliance processes to ensure the highest standards are consistently met. The move also enables OPSWAT to accelerate product development and respond swiftly to emerging cybersecurity challenges and customer needs. OPSWAT