
News for today:
- Sophos identity security play. Sophos launched an identity threat detection and response solution that works with Sophos XDR and MDR; the new solution is based on tech acquired from Secureworks (acquired February 2025). Sophos ITDR uncovers identity risks and is designed to protect against and detect all known MITRE ATT&CK Credential Access techniques, with detection rules for all of the techniques. The solution performs more than 80 cloud identity posture checks, monitors for compromised credentials on the dark web, and uses AI-driven detections to identify identity-based attacks such as kerberoasting, privilege escalation, account takeover, brute force, and lateral movement. Response playbooks within Sophos ITDR enable automated remediation actions, including account lock, password reset, multi-factor authentication refresh, and session revocation. Sophos
- Darktrace NEXT and more. Darktrace introduced NEXT – Network Endpoint eXtended Telemetry – that combines network packet data with endpoint process data, and therefore creates a unified perspective for tracing the endpoint root cause of network threats. Analysts no longer have to interrogate different systems, e.g., NDR, EDR, XDR. The integration also feeds into Cyber AI Analyst, which summarizes and prioritizes incidents for human analysts. Darktrace also released updates for its /OT and /Network products, among others. Darktrace
- AI in the Mimecast platform. Mimecast introduced new AI capabilities in its products to defend against AI-powered threats across three strands: protection by AI, protection from AI, and protection for AI. It’s using AI to analyze 18 billion security events per day to predict and prevent attacks, and now offers the Mihra AI agent for threat investigations. Mimecast is also offering protection from AI-powered attacks: the platform is designed to provide enhanced protection from emerging threats by detecting and blocking AI-generated attacks that flawlessly replicate internal communication styles, threats capable of evading traditional security filters. It also helps safeguard against account compromise, takeover attempts, and sophisticated multi-vector attacks, providing comprehensive threat defense across both email and collaboration suites. Availability will roll out across Q4 2025. Mimecast
- Stamus Networks released Clear NDR Enterprise U42. Stamus released a major update to its Clear NDR Enterprise system for security operations. Clear NDR Enterprise U42 addresses critical challenges facing modern security teams: integrating AI into security workflows, reducing alert fatigue in SIEM systems, and scaling detection capabilities to match growing network demands. The release introduces seven major capabilities that transform how organizations leverage network intelligence for threat detection and response. Stamus Networks
- New director of intelligence at GreyNoise. Nishawn Smagh, most recently at the U.S. Cyber Command, joined GreyNoise as the Director of Intelligence. At GreyNoise, Smagh will strategically advise government and commercial enterprises on how to counter sophisticated adversaries, defend critical networks, and outpace rapidly evolving APT tradecraft. GreyNoise
- Kitakami Shinkin Bank on continuous threat exposure. To reduce risk and improve security, Kitakami Shinkin Bank in Japan announced it will be using XM Cyber’s solutions to gain continuous threat exposure across its on-premises and cloud environments, rather than relying on point-in-time, quickly outdated vulnerability testing and pen testing. XM Cyber transforms traditional vulnerability management programs into a holistic CTEM program to identify vulnerabilities, overly permissive identities and credential issues, and misconfigurations. It then contextualizes them to potential attack paths, prioritizes them based on risk to critical assets, and mobilizes teams around fixing them for optimal outcomes. XM Cyber
- OPSWAT in Hungary. OPSWAT opened a new cybersecurity centre in Hungary for exploring the protection of critical infrastructure – for customers, partners, students, and academic researchers. In addition to R&D labs, the facility features the company’s largest and most visually advanced CIP lab, which, for example, allows visitors to easily distinguish between harmless and malicious data flows. With 135 m² of demonstration space and further educational areas, it is designed for technology meetups, educational sessions, and partner showcases. It also includes a state-of-the-art studio with interactive educational modeling built to create professional cybersecurity training videos. OPSWAT