Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the...

ExploitBench AI Exploit Benchmark Tool

ExploitBench measures how far AI agents climb, from reaching vulnerable code, to triggering the bug, to building exploit primitives, to arbitrary code execution...

Detecting and mitigating common agent misconfigurations

Organizations are rapidly adopting agents, but attackers are equally fast at exploiting misconfigured AI workflows. Mis-sharing, unsafe orchestration, and weak authentication create new identity and data‑access paths that traditional controls don’t monitor. As agents become integrated into...

Introducing AI Cyber Model Arena: A Real-World Benchmark for AI Agents in Cybersecurity

Wiz Research’s AI Cyber Model Arena benchmarks offensive AI security on 257 real-world challenges zero-days, CVEs, API/web, and cloud across AWS/Azure/GCP/K8s demonstrating what AI models and agents can really do...

Mitigating the OWASP Top 10 for Large Language Models Applications Using Intelligent Agents

Large Language Models LLMs have emerged as a transformative and disruptive technology, enabling a wide range of applications in natural language processing, machine translation, and beyond. However, this widespread integration of LLMs also raised several security concerns highlighted by the Open...

From awareness to action: Building a security-first culture for the agentic AI era

The insights gained from Cybersecurity Awareness Month, right through to Microsoft Ignite 2025, demonstrate that security remains a top priority for business leaders. It serves as a strategic lever for organizational growth, fosters trust, and facilitates the advancement of AI innovation. The Wor...

CVE-2025-12695

The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class...

Wizdom 2025 Product Announcements: Extending the Cloud Operating Model

At Wizdom 2025, we’re unveiling two new AI agents alongside new product innovations that deepen and extend the graph across SaaS, workloads, AI infrastructure, and external exposures. Together, these advances enable teams to secure everything they build and run in the cloud and beyond...

Breaking Agent Backbones: Evaluating the Security of Backbone LLMs in AI Agents

AI agents powered by large language models LLMs are being deployed at scale, yet we lack a systematic understanding of how the choice of backbone LLM affects agent security. The non-deterministic sequential nature of AI agents complicates security modeling, while the integration of traditional...

Exploiting Web Search Tools of AI Agents for Data Exfiltration

Large language models LLMs are now routinely used to autonomously execute complex tasks, from natural language processing to dynamic workflows like web searches. The usage of tool-calling and Retrieval Augmented Generation RAG allows LLMs to process and retrieve sensitive corporate data, amplifyi...

From LLMs to MLLMs to Agents: a Survey of Emerging Paradigms in Jailbreak Attacks and Defenses within LLM Ecosystem

Large language models LLMs are rapidly evolving from single-modal systems to multimodal LLMs and intelligent agents, significantly expanding their capabilities while introducing increasingly severe security risks. This paper presents a systematic survey of the growing complexity of jailbreak...