Reports
AI-generated structured vendor updates
Cloudflare as Customer Zero: Layered Defense Architecture Against Frontier AI Threats
Cloudflare reveals its production defense architecture against frontier AI models, using itself as customer zero. Combines WAF Attack Score, API Shield, Bot Management, Zero Trust, and MCP Server Portal. Core insight: architecture around the vulnerability matters more than patch speed, using ML scoring and positive security models to block attack variants before they hit, and contain lateral movement after a breach.
Cloudflare Embeds Live Threat Intel into WAF, Shifting Control from Manual Rules to Automated Engine
Cloudflare announces integration of real-time threat intelligence (from Cloudforce One) into its WAF engine, enabling proactive rules based on IP, attacker names, target industries, etc. Uses always-on detection with O(1) constant-time lookup for negligible latency. Currently IP-based, with plans for JA3 and domain matching.
Cisco AI Defense + AppOmni Extends Runtime Guardrails to SaaS AI Agents
Cisco integrates AI Defense with AppOmni, using AgentGuard as a real-time intercept layer inside SaaS environments. Custom guardrails now apply to Microsoft 365 Copilot, ServiceNow Now Assist, and other SaaS agents, monitoring MCP, chat, and agent-to-agent channels to block prompt injection, tool exploitation, and data exfiltration with a unified policy engine.
Cisco Talos Threat Hunting Expands Across Endpoint, Network, and Identity Domains
Cisco Talos expands threat hunting to network (Cisco Firewall) and identity (Cisco Duo) domains, using an AI-driven engine for hypothesis-based searches. Findings are delivered via Cisco Security Cloud Control, targeting stealthy threats that evade alert-based detection.
NVIDIA BlueField DPU In-Silicon Security Shifts AI Factory Control from Software to Hardware
NVIDIA unveils DOCA security stack (Argus, Vault, Flow) on BlueField-4 DPU, enabling hardware-isolated runtime threat detection via zero-copy memory analysis, zero-trust file access, and 800 Gb/s network enforcement. This shifts security control from host OS to DPU silicon, delivering distributed full-stack protection without compromising AI throughput, but deeply ties to Vera Rubin platform, creating ecosystem lock-in.
Check Point Agentic Exposure Validation: AI Agents Counter Autonomous Exploitation
Check Point launches Agentic Exposure Validation (AEV), using AI agents that reason like attackers. It correlates exposure data, asset context, and live threat intelligence to safely prove what is exploitable. Part of CTEM, it enables evidence-based reduction before AI-driven adversaries act.
Hardcoded ASP.NET Machine Keys Enable ViewState Deserialization RCE in KnowledgeDeliver LMS
Mandiant reveals that KnowledgeDeliver LMS uses hardcoded ASP.NET machineKeys, enabling unauthenticated RCE (CVE-2026-5426). Attackers craft malicious ViewState payloads, deploy BLUEBEAM in-memory webshell, and infect visitors.
Google Antigravity Control Plane Redefines AI Development, Locks Agent Orchestration
At I/O 2026, Google launched Antigravity 2.0 desktop app and CLI/SDK as a unified agent control plane, alongside Gemini 3.5 Flash/Omni models, Managed Agents API, and native Android support in AI Studio. This aims to streamline AI development from prototype to production, but effectively locks developers into Google's ecosystem and cloud services.
Cloudflare Tests Anthropic Mythos: AI-Driven Exploit Chain Construction and Proof Generation
Cloudflare's Project Glasswing tested Anthropic's Mythos Preview, revealing its ability to automatically chain multiple low-severity bugs into exploitable PoCs with runnable code. They built a multi-stage harness to manage noise and context limits, achieving a significant leap in vulnerability discovery quality.
Cisco Publishes Model Provenance Constitution, Defining Weight-Level Derivation Standards
Cisco published the 'Model Provenance Constitution' to provide a normative definition for AI model supply chain safety. The standard strictly hinges on the verifiable derivation history of model weights, clearly delineating five types of provenance links (e.g., direct descent, distillation) and eight exclusions (e.g., independent reproduction), aiming to resolve industry inconsistencies in model provenance definitions.
Cisco Open Sources Model Provenance Kit, Targeting AI Supply Chain Security Governance
Cisco released the open-source Model Provenance Kit, which uses a tiered strategy to analyze model metadata, tokenizer structure, and weight-level signals to generate unique fingerprints and verify the lineage and integrity of AI models. This aims to address risks of tampering, forgery, and compliance in the AI model supply chain.
Cisco Pushes Service Providers to Monetize Embedded Security
Cisco's blog argues that service providers must shift from viewing security as a cost to treating it as a growth engine. The core premise is that by embedding security natively into network infrastructure, providers can offer high-value security-as-a-service and capture new B2B revenue in a commoditized bandwidth market.
Google Opens TPU Hardware to On-Prem, 8th-Gen Chips Target Nvidia
Google announces 8th-gen TPUs (8t for training with 3x performance over Ironwood, 8i for inference with 80% better perf/dollar) and plans to deliver TPU hardware directly to customer data centers. Also closed Wiz acquisition to bolster AI security. This marks a strategic pivot from cloud-only to hardware supplier.
Google Cloud Next '26: Agent Gateway Seizes Control Plane, TPU 8i Locks Inference
Google Cloud Next '26 announces 8th-gen TPUs (8t for training, 8i for inference), Agent Platform with Agent Gateway, Agent Identity, Agent-to-Agent Orchestration, Agentic Data Cloud, and Agentic Defense integrating Wiz. The move shifts control from infrastructure to agent orchestration, locking enterprises into a vertically integrated stack.
Cisco Research Uncovers New Multimodal Prompt Injection Risks and Defense Signals
Cisco's AI security research team published a report systematically assessing typographic prompt injection attacks against Vision-Language Models. The study found that visual transformations like font size, blur, and rotation significantly impact attack success rates. It also proposes text-image embedding distance as a lightweight, model-agnostic signal for flagging risky inputs, offering a new approach for building multimodal AI security defenses.
Cisco Demonstrates AI Security Architecture Integration via Unified Platform at MWC 2026
At the MWC 2026 S/NOC, Cisco operated its AI-ready firewall, SSE, AI Defense, Splunk SIEM, and XDR as a unified platform. It demonstrated multi-layered AI security from DNS to application layer, with automated response, and highlighted discovery and risk control for GenAI applications.
Cisco's Annual Report Reveals AI-Era Security Strategy: Expanding from Personal Data to Industrial Data Governance
Cisco's FY25 Purpose Report emphasizes security, privacy, and trust as business imperatives in the AI era. The core shift is the expanded mandate of its Privacy Center of Excellence (PCOE), moving beyond personal data to govern regulated 'industrial data'. The report also details AI-powered threat detection engines like SnortML and DNS Security Service.
Microsoft Partners with Domestic Operators to Build Sovereign AI Infrastructure in Japan
Microsoft announced a $10B investment in Japan over four years, with a key pillar being a collaboration with Sakura Internet and SoftBank. This partnership will offer GPU-based AI compute services through Azure, managed by domestic providers to ensure data residency within Japan. This addresses the demand for sovereign AI infrastructure for sensitive workloads.
Check Point Launches AI Defense Plane to Shift Security Control from Models to Runtime
Check Point launched the 'AI Defense Plane', aiming to provide unified security control for AI-driven enterprises. Its core is an AI-native security engine that extends protection from model safety guardrails to runtime behavior control of AI in live environments, covering employee usage, AI applications, and autonomous agentic systems.
Fortinet to Announce First Quarter 2026 Financial Results
Fortinet will host a conference call on May 6, 2026, at 1:30 p.m. Eastern Time to discuss its first quarter 2026 financial results. A live webcast and replay will be available on the company's investor relations website.