Technology

Related News

Monday Miscellany, 7/7/25

  • Gene Veith
  • Published date: 2025-07-07 10:00:13

Requiring schools to teach fetal development.  Quantum computing and the end of cybersecurity.  And Democrats trying to decide whether to fix public schools or defend them.

Requiring schools to teach fetal development.  Quantum computing and the end of cybersecurity.  And Democrats trying to decide whether to fix public schools or defend them.Ending abortion will requir… [+6837 chars]

What Beginners Often Forget About Crypto Wallets

  • Lawrence Yackulic
  • Published date: 2025-07-07 06:23:27

Entering the world of digital assets opens exciting possibilities, but many newcomers overlook essential facts when it comes to crypto wallets. While

Entering the world of digital assets opens exciting possibilities, but many newcomers overlook essential facts when it comes to crypto wallets. While buying or selling tokens may feel straightforward… [+3863 chars]

Bitcoin to Benefit Immensely from Trump’s Big Beautiful Bill: White House Advisor

  • Talha Arshad
  • Published date: 2025-07-05 12:07:29

US Presidential advisor Bo Hines has tweeted that the crypto economy, especially Bitcoin, is set to benefit immensely from Trump’s recently signed “Big, Beautiful Bill”.

US Presidential advisor Bo Hines has tweeted that the crypto economy, especially Bitcoin, is set to benefit immensely from Trumps recently signed Big, Beautiful Bill. The US House of Representatives … [+2438 chars]

Hand Geometry Biometrics Market Size to Hit USD 19.67 Billion by 2032, at 14.25% CAGR | Research by SNS Insider

  • SNS Insider pvt ltd
  • Published date: 2025-07-03 13:15:00

Hand Geometry Biometrics Market growth is driven by rising demand for secure, contactless access control, workforce management solutions, AI-enhanced accuracy, and multi-modal biometric integration. Hand Geometry Biometrics Market growth is driven by rising d…

Austin, July 03, 2025 (GLOBE NEWSWIRE) -- Hand Geometry Biometrics Market Size & Growth Insights: According to the SNS Insider,The Hand Geometry Biometrics Market Size  was valued at USD 6.83 b… [+7460 chars]

Russell Coker: The Fuss About “AI”

  • None
  • Published date: 2025-07-03 10:21:46

There are many negative articles about “AI” (which is not about actual Artificial Intelligence also known as “AGI”). Which I think are mostly overblown and often ridiculous. Resource Usage Complaints about resource usage are common, training Llama 3.1 could a…

There are many negative articles about “AI” (which is not about actual Artificial Intelligence also known as “AGI”). Which I think are mostly overblown and often ridiculous. Resource Usage Complain… [+9800 chars]

The Promise and Peril of Digital Security in the Age of Dictatorship

  • Carmen Valeria Escobar
  • Published date: 2025-07-03 09:30:00

LGBTIQ+ organizations in El Salvador are using technology to protect themselves and create a record of the country’s ongoing authoritarian escalations against their community. It’s not without risks.

Rodríguez and his collective received digital security training from Amate, another LGBTIQ+ organization that advocates nationally. Since May, Amate has trained 60 people on issues including digital … [+2444 chars]

Curve Pay and Thales Join Forces to Securely Transform Digital Wallets on iPhone

  • Business Wire
  • Published date: 2025-07-03 06:10:23

This collaboration between Curve and Thales provides iOS users with greater control, flexibility, autonomy and digital-security for in-store contactless payments and digital wallets MEUDON, France — Curve, the ultimate digital wallet, today announced deepenin…

This collaboration between Curve and Thales provides iOS users with greater control, flexibility, autonomy and digital-security for in-store contactless payments and digital wallets THIS CONTENT IS … [+6175 chars]

Crypto Billionaire Bit Off Attacker’s Finger in Attempted Kidnapping: Report

  • Vince Dioquino
  • Published date: 2025-07-02 19:02:06

Billionaire investor and entrepreneur Tim Heath shared his experience amid a growing trend of “wrench attacks” against crypto holders.

In brief <ul><li>In court last week, billionaire crypto investor and entrepreneur Tim Heath shared his experience of being attacked in a failed kidnapping attempt last year.</li><li>Attackers tracke… [+4405 chars]

Why passkeys are the next frontier in digital security

  • theweek.com
  • Published date: 2025-07-02 18:06:17

The traditional password that generations of computer users have come to love and hate may soon be replaced by something called a "passkey." You've likely even been prompted to create one. While many people may not know just how easy it is to start experiment…

The traditional password that generations of computer users have come to love and hate may soon be replaced by something called a "passkey." You've likely even been prompted to create one. While many… [+144 chars]

Microsoft Is Erasing Your Passwords Next Month. Do This ASAP

  • Dashia Milden
  • Published date: 2025-07-02 17:30:00

The app's autofill feature will stop working this month, but the biggest change is one month away.

Starting this month, you'll no longer be able to use Microsoft Authenticator's autofill password function, a move the company is making to transition from passwords to passkeys. Last month, Microsoft… [+3505 chars]

AT&T Launches Wireless Account Lock To Stop SIM Swapping Attacks, Gives Users Full Control Over Account Changes And Warns It Will Never Ask To Disable

  • Ezza Ijaz
  • Published date: 2025-07-02 10:25:58

Companies are increasingly looking for ways to give more control to users and to protect their privacy. This is especially the case with the telecommunication service providers who are taking more initiatives to ensure greater digital security. Such protectiv…

Companies are increasingly looking for ways to give more control to users and to protect their privacy. This is especially the case with the telecommunication service providers who are taking more in… [+2301 chars]

Podcast Episode: Cryptography Makes a Post-Quantum Leap

  • Josh Richman
  • Published date: 2025-07-02 07:05:17

The cryptography that protects our privacy and security online relies on the fact that even the strongest computers will take essentially forever to do certain tasks, like factoring prime numbers and finding discrete logarithms which are important for RSA enc…

The cryptography that protects our privacy and security online relies on the fact that even the strongest computers will take essentially forever to do certain tasks, like factoring prime numbers and… [+33998 chars]

Qantas cyberattack becomes Australia's most significant data breach in recent years, with over six million customers exposed

  • Global Desk
  • Published date: 2025-07-02 01:37:10

Qantas Airways faced a cyberattack. This incident compromised personal data of six million customers. Information like names and contact details got exposed. Financial data remained secure. Vanessa Hudson apologised and initiated an investigation. Cybersecuri…

Qantas Airways has confirmed that a cyberattack on one of its customer call centers has exposed the personal data of up to six million customers, potentially becoming one of Australias most significa… [+2649 chars]

Shield Your Inbox: 6 Common Phishing Emails You Can’t Ignore

  • Talk Android
  • Published date: 2025-06-30 15:30:17

In today's digital landscape, email scams continue to evolve with alarming sophistication. According to recent studies, over 55% of internet users encounter

In today's digital landscape, email scams continue to evolve with alarming sophistication. According to recent studies, over 55% of internet users encounter phishing attempts on a monthly basis. What… [+6355 chars]

Georgia’s last thread of press freedom is about to snap – but we independent journalists will not give up

  • f_barca
  • Published date: 2025-06-30 14:12:44

Georgia is experiencing a severe authoritarian shift. Assaults on journalists are increasing, as are censorship, surveillance and repressive legislation. Despite the risks, the independent media is persevering, says Mariam Nikuradze, a reporter who is in the …

Eight months after Georgias rigged parliamentary elections, the government in Tbilisi is reaching new milestones of democratic backsliding. It has begun to censor opposition TV channels for using ter… [+8963 chars]

Get a lifetime of cloud storage for up to 70% off — no subscription required

pCloud is offering up to 70% off its lifetime cloud storage plans through July 7. The deal lets you back up your files without having to deal with subscription fees.

Storing files in the cloud helps you keep backups of your files, sync data across devices, and have better peace of mind when it comes to images, documents, and videos. It can be an expensive endeavo… [+2753 chars]

The Law Bytes Podcast, Episode 238: David Fraser on Why Bill C-2’s Lawful Access Powers May Put Canadians’ Digital Security At Risk

  • Michael Geist
  • Published date: 2025-06-30 12:15:55

The Bill C-2 lawful access focus has thus far primarily centred on the creation of a new warrantless information demand power and the expansion of production orders to access information. Those provisions are found in Part 14 of the bill, but there is also a …

The Bill C-2 lawful access focus has thus far primarily centred on the creation of a new warrantless information demand power and the expansion of production orders to access information. Those provi… [+1050 chars]

How dangerous is encoded reasoning?

  • Artyom Karpov
  • Published date: 2025-06-30 11:54:12

Published on June 30, 2025 11:54 AM GMTEncoded reasoning occurs when a language model (LM) agent hides its true reasoning inside its chain-of-thought (CoT). It is one of the three types of unfaithful reasoning[1] and the most dangerous one because it undermin…

Encoded reasoning occurs when a language model (LM) agent hides its true reasoning inside its chain-of-thought (CoT). It is one of the three types of unfaithful reasoning[1] and the most dangerous on… [+23850 chars]

News alert: SquareX research finds browser AI agents are proving riskier than human employees

  • None
  • Published date: 2025-06-30 00:00:00

None

<div class="entry" morss_own_score="5.647473560517039" morss_score="61.05706057945836"> <img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/uploads/SH_FYI_logo-sepia-1850px-960x462.jpg"> <p>Palo Alto, Calif., Jun. 30, 2025, CyberNewswire–Every security practitioner knows that employees are the weakest link in an organization, but this is no longer the case.</p> <p><a href="https://www.lastwatchdog.com/wp/wp-content/uploads/SquareX-logo.png"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/uploads/SquareX-logo.png"></a><a href="https://sqrx.com/?utm_campaign=15399438-YOBB%20-%20June%202025&amp;utm_source=pressrelease&amp;utm_medium=pressrelease">SquareX</a>’s research reveals that Browser AI Agents are more likely to fall prey to cyberattacks than employees, making them the new weakest link that enterprise security teams need to look out for.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div> <p>Browser AI Agents are software applications that act on behalf of users to access and interact with web content. Users can instruct these agents to automate browser-based tasks such as flight bookings, scheduling meetings, sending emails, and even simple research tasks.</p> <p>The productivity gains that Browser AI Agents provide make them an extremely compelling tool for employees and organizations alike. Indeed, a survey from PWC found that 79% of organizations have already adopted browser agents today.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="200296caa7466fe31f69f1e9-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="200296caa7466fe31f69f1e9-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div> <p>Yet, Browser AI Agents expose organizations to a massive security risk. These agents are trained to complete the tasks they are instructed to do, with little to no understanding of the security implications of their actions.</p> <p>Unlike human employees, Browser AI Agents are not subject to regular security awareness training. They cannot recognize visual warning signs like suspicious URLs, excessive permission requests, or unusual website designs that typically alert employees of a malicious site. Consequently, Browser AI Agents are more likely to fall prey to browser-based attacks than even a regular employee.</p> <p>Even if it is possible for users to add these guardrails, the overhead required to extensively write the security risk of every task performed by the agent in every prompt would probably outweigh the productivity gains. More importantly, employees using Browser AI Agents are unlikely to have enough security expertise to be able to write such a prompt in the first place.</p> <p><a href="https://www.lastwatchdog.com/wp/wp-content/uploads/250630_SquareX-graphic-1.png"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/uploads/250630_SquareX-graphic-1-520x232.png"></a>With the popular open-source Browser Use framework used by thousands of organizations, SquareX demonstrated how the Browser AI Agent, instructed to find and register for a file-sharing tool, succumbed to an OAuth attack. In the process of completing its task, it granted a malicious app complete access to the user’s email despite multiple suspicious signals – irrelevant permissions, unfamiliar brands, suspicious URLs – that likely would have stopped most employees from granting these permissions.</p> <p>In other scenarios, these agents might expose the user’s credit card information to a phishing site while trying to purchase groceries or disclose sensitive data when responding to emails from an impersonation attack.</p> <p>Unfortunately, neither browsers nor traditional security tools can differentiate between actions performed by users and these agents. Thus, it is critical for enterprises working with Browser AI Agents to provide browser-native guardrails that will prevent agents and employees alike from falling prey to these attacks.</p> <div><a href="https://www.lastwatchdog.com/wp/wp-content/uploads/Vivek-Ramachandran.png"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/uploads/Vivek-Ramachandran-100x135.png"></a> Ramachandran</div> <p><a href="https://www.linkedin.com/in/vivekramachandran/">Vivek Ramachandran</a>, Founder &amp; CEO of <a href="https://sqrx.com/?utm_campaign=15399438-YOBB%20-%20June%202025&amp;utm_source=pressrelease&amp;utm_medium=pressrelease">SquareX</a>, warns, “The arrival of Browser AI Agents have dethroned employees as the weakest link within organizations. Optimistically, these agents have the security awareness of an average employee, making them vulnerable to even the most basic attacks, let alone bleeding-edge ones.</p> <p>Critically, these Browser AI Agents are running on behalf of the user, with the same privilege level to access enterprise resources. Until the day browsers develop native guardrails for Browser AI Agents, enterprises must incorporate browser-native solutions like Browser Detection and Response to prevent these agents from being tricked into performing malicious tasks.</p> <p>Eventually, the new generation of identity and access management tools will also have to take into account Browser AI Agent identities to implement granular access controls on agentic workflows.”</p> <p>To learn more about this security research, users can visit <a href="http://sqrx.com/browser-ai-agents">http://sqrx.com/browser-ai-agents</a> .</p> <p>SquareX’s research team is also holding a webinar on <strong>July 11, 10am PT/1pm ET</strong> to dive deeper into the research findings. To register, users can click <a href="https://getstarted.sqrx.com/browser-ai-agents-webinar">here</a>.</p> <p><strong><em>About SquareX: </em></strong><a href="https://sqrx.com/?utm_campaign=15399438-YOBB%20-%20June%202025&amp;utm_source=pressrelease&amp;utm_medium=pressrelease"><em>SquareX</em></a><em>’s browser extension turns any browser on any device into an enterprise-grade secure browser. SquareX’s industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks, including malicious browser extensions, advanced spearphishing, browser-native ransomware, genAI DLP, and more. Unlike legacy security approaches and cumbersome enterprise browsers, SquareX seamlessly integrates with users’ existing consumer browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables security leaders to reduce their attack surface, gain actionable intelligence, and strengthen their enterprise cybersecurity posture against the newest threat vector – the browser. Find out more on </em><a href="http://www.sqrx.com/"><em>www.sqrx.com</em></a><em>.</em></p> <p><em> <strong>Media contact: </strong>Junice Liew, Head of PR, SquareX, </em><a href="/cdn-cgi/l/email-protection#59332c37303a3c192a282b21773a3634"><em><span class="__cf_email__" data-cfemail="462c33282f2523063537343e6825292b">[email protected]</span></em></a></p> <p><strong><em>Editor’s note:</em></strong><em> This press release was provided by </em><a href="https://cybernewswire.com/">CyberNewswire</a><em> as part of its press release syndication service. The views and claims expressed belong to the issuing organization.</em></p> <p> <a href="https://www.facebook.com/sharer.php?u=https://www.lastwatchdog.com/news-alert-squarex-research-finds-browser-ai-agents-are-proving-riskier-than-human-employees/"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png" title="Facebook"></a><a href="https://plus.google.com/share?url=https://www.lastwatchdog.com/news-alert-squarex-research-finds-browser-ai-agents-are-proving-riskier-than-human-employees/"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/google.png" title="Google+"></a><a href="/cdn-cgi/l/email-protection#b18ec2c4d3dbd4d2c58cffd4c6c2948381d0ddd4c3c58b948381e2c0c4d0c3d4e9948381c3d4c2d4d0c3d2d9948381d7d8dfd5c2948381d3c3dec6c2d4c3948381f0f8948381d0d6d4dfc5c2948381d0c3d4948381c1c3dec7d8dfd6948381c3d8c2dad8d4c3948381c5d9d0df948381d9c4dcd0df948381d4dcc1dddec8d4d4c297d0dcc18ad3ded5c88c948381d9c5c5c1c28b9e9ec6c6c69fddd0c2c5c6d0c5d2d9d5ded69fd2dedc9edfd4c6c29cd0ddd4c3c59cc2c0c4d0c3d4c99cc3d4c2d4d0c3d2d99cd7d8dfd5c29cd3c3dec6c2d4c39cd0d89cd0d6d4dfc5c29cd0c3d49cc1c3dec7d8dfd69cc3d8c2dad8d4c39cc5d9d0df9cd9c4dcd0df9cd4dcc1dddec8d4d4c29e"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/email.png" title="Email"></a></p> <p>June 30th, 2025 <span> | <a href="https://www.lastwatchdog.com/category/news-alerts/">News Alerts</a> | <a href="https://www.lastwatchdog.com/category/top-stories/">Top Stories</a></span></p> <p> </p></div><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.lastwatchdog.com">The Last Watchdog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by bacohido">bacohido</a>. Read the original post at: <a href="https://www.lastwatchdog.com/news-alert-squarex-research-finds-browser-ai-agents-are-proving-riskier-than-human-employees/">https://www.lastwatchdog.com/news-alert-squarex-research-finds-browser-ai-agents-are-proving-riskier-than-human-employees/</a> </p>

The Rise of Agentic AI: Uncovering Security Risks in AI Web Agents

  • None
  • Published date: 2025-06-30 00:00:00

None

<p>In our <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-from-chatbots-to-web-agents/">first post</a>, we introduced the world of AI web agents – defining what they are, outlining their core capabilities, and surveying the leading frameworks that make them possible. Now, we’re shifting gears to look at the other side of the coin: the vulnerabilities and attack surfaces that arise when autonomous agents browse, click, and act on our behalf.</p><p>From startups to tech giants, everyone is racing to embed these agentic capabilities into their products and services, making AI agents central to modern operations. But as adoption accelerates, a harsh truth emerges: their power comes with exposure. In this post, we’ll explore how vulnerabilities in AI web agents are emerging as critical security risks, especially when these tools are embedded into larger agentic workflows and systems.</p><h2>Web Agents Recap</h2><p>Before we dive into specific threats, it helps to recap how AI web agents operate under the hood. At a high level, AI web agents are software tools powered by large language models (LLMs) with an automation engine, typically a headless browser or API client, to turn natural-language instructions into concrete web actions. They’ll navigate to a page, authenticate or fill out forms, invoke API endpoints, parse responses, and even manage cookies or session state to complete each step. These agents can break down complex prompts into discrete actions and carry them out via a browser or even the underlying operating system.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p>Frameworks like <strong>Browser-Use</strong> and <strong>Skyvern </strong>focus on browser automation, while tools like <strong>ACE (by General Agents)</strong>, <strong>OpenAI’s Operator</strong>, or <strong>Claude’s Computer Use</strong> extend control to desktop environments. In practice, an agent may fetch live data, maintain context in an internal memory, and coordinate with other specialized agents to execute multi-stage workflows.</p><p>This blend of LLM logic, automation layers, and external integrations not only creates a rich functionality and advanced capabilities but also, as we’ll see, exposes new attack surfaces in modern AI web agents.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="00daac404f7bae23fed02e19-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="00daac404f7bae23fed02e19-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><h2>Risks &amp; Vulnerabilities in AI Web Agents</h2><p>Despite their impressive capabilities, AI web agents have clear weak points that attackers can exploit. Although this field is still in its early days, researchers have already started mapping out risks and vulnerabilities affecting AI agents.</p><p>In this blog, we’ll dive into one of the pressing threats to AI web agents: <strong>Agent Hijacking.</strong> This occurs when an attacker interferes with how an agent perceives information or makes decisions. By feeding it misleading inputs or tampering its internal logic, attackers can trick the agent to trust false data, leak sensitive information, or take actions that are unsafe, unintended, or even malicious. To keep things simple, let’s split hijacking attacks into two categories:</p><ul> <li><strong>Perception &amp; Interface Hijacking: </strong>Manipulating what the agent “sees” or how it interacts with the web environment.</li> <li><strong>Prompt-Based Hijacking: </strong>Tampering with the agent’s “thought process” by feeding it with misleading or malicious instructions.</li> </ul><p>This two-part breakdown helps clarify where and how agents can be taken over, and why defence strategies must protect both their internal reasoning and their external senses.</p><h3>Perception &amp; Interface Hijacking</h3><p>This type of attack goes after the agent’s “senses” and “actions” in the browser. It focuses on the external layer – the browser, UI, or environment the AI agent interacts with. By messing with what the agent sees or clicks on, attackers can trick it into performing unauthorized actions. Perception hijacking occurs in the following sequence of events:</p><ol> <li><strong>DOM/Page manipulation:</strong> tweaking the page’s HTML to mislead the agent, for instance, replacing a legitimate links or buttons with malicious ones. This can be done with known attack vectors like stored XSS, but also through normally benign tools like markdown formatting within applications.</li> <li><strong>Visual confusion: </strong>these manipulated web elements cause confusion to the web agent, tricking it into taking actions it should not.</li> <li><strong>Actions:</strong> the agent then clicks on manipulated buttons and links within the page, expecting a certain outcome, and are then redirected to potentially malicious locations.</li> </ol><p>In the following video, we show how a simple markdown comment in a standard web forum can hijack the AI web agent Browser-Use. By manipulating how the agent views the site, we can influence its behavior and send it to a malicious destination. For the demo we used a realistic clone of a site, similar to Stack Overflow, to illustrate this behaviour.</p><div style="width: 1650px;" class="wp-video"><!--[if lt IE 9]><script>document.createElement('video');</script><![endif]--><br> <video class="wp-video-shortcode" id="video-20076-1" width="1650" height="972" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Perception-Hijacking-demo.mp4?_=1"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Perception-Hijacking-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Perception-Hijacking-demo.mp4</a></video></div><p>Demo 1: Browser-Use Perception Hijacking</p><h3>Prompt-Based Hijacking</h3><p>In contrast to perception-based hijacking, instead of manipulating what the agent sees, this type of attack targets the internal reasoning loop of an AI agent by feeding it crafted language inputs hidden in the web elements ingested from web pages. These hijacks are so dangerous because they exploit the very flexibility that makes the LLMs powerful: bending an agent’s reasoning purely through language, without ever touching its underlying code.</p><p>Building on the previous demo video, we demonstrate how a malicious landing page, in this example a fake login, can be designed to include interactive elements embedding hidden prompt injections. Here we override the agent’s prompts and direct it to watch a legendary video.</p><div style="width: 1568px;" class="wp-video"><video class="wp-video-shortcode" id="video-20076-2" width="1568" height="968" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-prompt-injection-demo.mp4?_=2"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-prompt-injection-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-prompt-injection-demo.mp4</a></video></div><p>Demo 2: Browser-Use Prompt Injection</p><h3>The Interplay Between Prompt and Perception Hijacking</h3><table> <thead> <tr> <td><strong>Category</strong></td> <td><strong>Definition</strong></td> <td><strong>Targets</strong></td> <td><strong>Example Techniques</strong></td> <td><strong>Goal</strong></td> </tr> </thead> <tbody> <tr> <td><strong>Perception &amp; Interface Hijacking</strong></td> <td>Exploits how the agent perceives or interacts with its environment to mislead or trap it.</td> <td>UI, DOM, browser actions, context</td> <td>DOM injection, tooltip poisoning, spoofed buttons or domains</td> <td>Force incorrect actions, leak data, misdirect flow</td> </tr> <tr> <td><strong>Prompt-Based Hijacking</strong></td> <td>Manipulates the agent’s internal reasoning by injecting or modifying natural language input.</td> <td>Prompts, memory, task objectives</td> <td>Prompt injection, memory poisoning, goal redirection</td> <td>Subvert agent behaviour, bypass safeguards</td> </tr> </tbody> </table><p>Think of it like this: <strong>p</strong><strong>rompt-based injection messes with the agent’s “</strong><em>thoughts”</em>,<br> while <strong>perception &amp; interface hijacking</strong> targets its “<strong>senses” and actions.</strong></p><p>In browser<strong>-based agents</strong>, you rarely see <strong>prompt injection on its own.</strong> Unlike chatbots that take direct text input, browser agents rely on scraping<strong> and interpreting </strong>page content. This means that for an attacker to inject prompts, they must first manipulate what the agent sees: through the DOM, hidden elements, tooltips, or spoofed content.</p><p>Here, <strong>the web interface becomes the true injection surface</strong>. Malicious instructions are smuggled into page content that the agent is likely to scrape or summarize, turning perception manipulation into a delivery mechanism for hijacking the agent’s internal reasoning. As a result, even though prompt injection and perception hijacking are conceptually distinct, <strong>they are tightly coupled in web environments</strong>, with interface control often being a <strong>prerequisite</strong> for successful prompt-level compromise.</p><h3>Real-World Consequences of Agents Hijacks</h3><p>Here is what can happen when attackers take over an AI web agent:</p><h4>Cross-Site Manipulation</h4><p>When an agent loads a page containing hidden scripts or cleverly crafted content, that page can influence the agent’s behaviour on other websites – much like XSS (Cross-Site Scripting) or CSRF in traditional web security, but here, the “scripting” is done via content that influences the agent’s decision logic.</p><p>In the demo video below, we show how injecting a prompt into the fake login page can manipulate the browser agent into visiting an online shopping site with a pre-authenticated session. We illustrate how the agent can perform malicious actions on the site, including making purchases.</p><div style="width: 1570px;" class="wp-video"><video class="wp-video-shortcode" id="video-20076-3" width="1570" height="978" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Prompt-hijacking-demo.mp4?_=3"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Prompt-hijacking-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Prompt-hijacking-demo.mp4</a></video></div><p>Demo 3: Browser-Use Malicious Purchases</p><h4>Unchecked System Commands</h4><p>Many agents can execute code or simulate mouse and keyboard events- powerful features that demand strong sandboxing. “Sandboxing” means restricting what the agent can do, to contain any damage. Without it, a hijacked agent could wreak havoc on your PC: deleting files, installing malware, or altering critical configurations. Imagine an attacker slipping a malicious instruction into a tool like General Agents ACE, or Claude Computer Use, since they control the Operating System I/O, they effectively have full system access. Various case studies have shown attacks like these in action, demonstrating how OS’s controlled by LLMs can be compromised in this way <sup><a href="https://hiddenlayer.com/innovation-hub/indirect-prompt-injection-of-claude-computer-use/" rel="noopener">[1]</a><a href="https://www.prompt.security/blog/claude-computer-use-a-ticking-time-bomb" rel="noopener">[2]</a></sup>.</p><h4>Context Leakage and Unauthorized Data Access</h4><p>AI agents constantly handle sensitive context: web page content, user prompts, intermediate reasoning, API keys, and session tokens. Context leakage refers to sensitive data slipping out where it shouldn’t, often due to an attack. An agent might carry private info from one step to the next and accidentally reveal it. For example, if an agent logs into a user’s accounts (email, banking, etc.), it will handle credentials or session tokens. Those need to be protected. Multi-agent setups amplify this risk: one compromised agent can become the weak link that exposes the entire chain of tasks. Bellow, we’ll show an example of how hidden context in an agent’s prompt can be leaked to an attacker.</p><p>In the final demo video below, we demonstrate how injecting a prompt into the fake login page can force the browser agent to retrieve local secrets and send them to an attacker-controlled server.</p><div style="width: 1570px;" class="wp-video"><video class="wp-video-shortcode" id="video-20076-4" width="1570" height="978" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Local-secret-theft-demo.mp4?_=4"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Local-secret-theft-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Local-secret-theft-demo.mp4</a></video></div><p>Demo 4: Browser-Use Local Secret Theft</p><h2>Cascading Effects in Multi-Agent Workflows</h2><p>When AI agents team up, with one fetching web data, another analysing it, and a third updating databases, everything runs like a finely tuned assembly line. But that same modular setup means a breach in just one link can quietly infect the rest. A compromised agent—whether through prompt injection, poisoned memory, or tampered outputs—can hand off malicious instructions or poisoned data to its peers, propagating a silent “infection” down the chain. Recent research shows how a single hijacked agent can undermine downstream systems, even when each agent seems isolated <sup><a href="https://splx.ai/blog/exploiting-agentic-workflows-prompt-injections-in-multi-agent-ai-systems" rel="noopener">[3]</a></sup>.</p><p>This risk only grows as agents talk to each other using standardized protocols such as <strong>Agent-to-Agent (A2A)</strong> and <strong>Anthropic’s Model Context Protocol (MCP)</strong>. These frameworks make it easy to build and connect multi-agent workflows by defining shared message formats, memory interfaces, and secure context-passing mechanisms. While this standardization lowers the barrier for developers to build complex agentic architectures, it also means that a vulnerability in one agent or protocol implementation can have a far-reaching impact. For example, a malicious instructions hidden in one agent’s JSON context (via MCP) can slip through to other agents without setting off alarms. In effect, while protocols like A2A and MCP are essential enablers of scale and interoperability, they also emphasize the need for <strong>robust validation, filtering, and isolation mechanisms</strong> between agents to prevent the systemic spread of compromised inputs or behaviour.</p><p>As multi-agent ecosystems become the norm, the importance of treating every agent-to-agent interaction as a potential security boundary becomes paramount. Without solid validation, filtering, and isolation at each step, the benefits of composability and reuse can quickly turn into vectors for exploitation.</p><h2>Wrapping Up: Innovate with Caution</h2><p>AI web agents like ACE, Browser-Use, Skyvern (and others such as Auto-GPT style bots or OpenAI’s Operator) herald a future of hands-free automation. But as we’ve seen, attackers are also eyeing these agents. A hijacked agent can turn your helpful AI assistant into a weapon against you (or against others). From prompt injection attacks that quietly insert the hacker’s agenda, to cross-site exploits that piggyback on an agent’s browsing, to multi-agent “infection” that spreads through an entire swarm of bots, the security challenges are real and pressing.</p><p>The good news is that we are not powerless, as the AI community is actively working on defences. Researchers are studying robust prompting techniques and content filters to catch malicious instructions. Companies are exploring constitutional AI and policy-driven agents that refuse risky actions. And the old rules still apply: run agents with the least-privileges they need, sandbox them tightly, and monitor their activity for anomalies.</p><p>In the meantime, if you’re experimenting with AI web agents, stay vigilant. Treat them as you would a new intern with extraordinary powers: supervise closely and train them before fully trusting them on their own. Use test environments, double-check critical steps, and keep humans in the loop for high-risk steps like spending money or deleting data. As we’ve illustrated, a single well-placed attack can make an AI agent go from helpful to harmful in a flash. By understanding these failure modes (prompt injections, cross-site manipulations, sandbox escapes, context leakage, and cascade effects) we can design safer agent systems that boost efficiency, without opening the door for attackers.</p><p> </p><a href="https://hiddenlayer.com/innovation-hub/indirect-prompt-injection-of-claude-computer-use/" rel="noopener">https://hiddenlayer.com/innovation-hub/indirect-prompt-injection-of-claude-computer-use/</a><a href="https://www.prompt.security/blog/claude-computer-use-a-ticking-time-bomb" rel="noopener">https://www.prompt.security/blog/claude-computer-use-a-ticking-time-bomb</a><a href="https://splx.ai/blog/exploiting-agentic-workflows-prompt-injections-in-multi-agent-ai-systems" rel="noopener">https://splx.ai/blog/exploiting-agentic-workflows-prompt-injections-in-multi-agent-ai-systems</a><p>The post <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/">The Rise of Agentic AI: Uncovering Security Risks in AI Web Agents</a> appeared first on <a href="https://www.imperva.com/blog">Blog</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.imperva.com/blog/">Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Sarit Yerushalmi">Sarit Yerushalmi</a>. Read the original post at: <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/">https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/</a> </p>

The Rise of Agentic AI: From Chatbots to Web Agents

  • None
  • Published date: 2025-06-30 00:00:00

None

<p>Disclaimer: This post isn’t our usual security-focused content – today we’re taking a quick detour to explore the fascinating world of AI agents with the focus of AI web agents. Enjoy this educational dive as a warm-up before we get into the juicy details of AI web agents in our follow-up post where we will <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/">Uncover Security Risks in AI Web Agents</a>.</p><h2>Introduction</h2><p>Artificial Intelligence has evolved far beyond simple chatbots. Today’s AI agents are dynamic systems that can plan, interact with digital tools, and execute tasks with minimal human intervention. Unlike traditional applications, these agents can autonomously gather information, make decisions and take actions to achieve their goals. In this post, we’ll define what an AI agent is, with a special focus on AI web agents. We’ll also explore their core capabilities and show how they fit into modern multi‑agent systems. This foundational guide will equip you with the essential knowledge needed to appreciate the fast-evolving landscape of agentic AI and set the stage for our next deep dive into AI web agent vulnerabilities. Let’s dive in!</p><h2>What is an AI Agent?</h2><p>Before we can focus on AI web agents, let’s first understand what an AI agent is.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p>In simple terms, an <strong>AI agent</strong> is a software system that can <strong>autonomously perform tasks</strong> for a user or another system. Unlike a regular chatbot that only responses to inputs, an AI agent can make decisions, call APIs or databases, control software, and generally <strong>act</strong> in an environment to achieve a goal. These agents often leverage advanced <strong>large language models (LLMs)</strong> for understanding instructions and reasoning, but crucially they are not limited to their training data – they can reach out to tools and data sources to get things done.</p><p>Think of an AI agent as a tireless digital helper: you give it an objective, and it figures out the steps, finds the information or tools needed, and executes actions step by step (with minimal or no human intervention). It can remember context (with an internal memory) and adjust its plan on the fly.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="01f735a6126d0655869c82e3-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="01f735a6126d0655869c82e3-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><h2>What are AI Web Agents?</h2><p>Now let’s turn our attention to the main topic: <strong>AI Web Agents</strong>. These agents are built specifically to interact with the World Wide Web. In simple terms, an AI web agent is an AI-powered system that can <strong>browse websites, understand web content, and perform actions </strong>inside<strong> a web browser,</strong> just like a human would, but entirely on its own.</p><p>In the context of our earlier discussion, a web agent is essentially an AI agent whose environment is the web. Instead of relying only on internal data, it perceives information on web pages (via HTML, text, and sometimes visuals), and can click links, fill forms, or trigger other web-based actions via a browser interface.</p><p>Behind the scenes, web agents often utilize a headless browser or APIs to fetch web pages, process their content (using natural language understanding or even computer vision to grasp layouts), and interact with the web elements. In doing so, they translate messy, human-oriented web interfaces into structured information that AI models can reason about and act upon, effectively making the web LLM-friendly.</p><h3>Core Capabilities</h3><p>AI web agents are powered by a set of essential skills. Below, we’ll break down each one and demonstrate how it works in real‑world scenarios.</p><h4>1. Web Navigation</h4><p>At the most basic level, a web agent must be able to move through the internet just like a human using a browser. This includes:</p><ul> <li><strong>Clicking links</strong> to explore menus, follow search results, or drill down into subpages.</li> <li><strong>Filling out forms</strong> with text inputs, dropdowns, radio buttons, and checkboxes- whether it’s logging into a portal, submitting a search, or registering for an event.</li> <li><strong>Handling dialogs</strong> <strong>like</strong> cookie consents or pop‑ups, allowing the agent to continue navigating without stumbling over unexpected prompts.</li> </ul><p>Example: An invoice‑download bot logs into your vendor portal, navigates to the billing page, selects last month’s date range, and clicks “Download PDF”.</p><h4>2. Data Retrieval</h4><p>Once the Agent reaches its target page, it needs to pull the precise information you’re looking for. This Includes:</p><ul> <li><strong>Scraping HTML</strong> to parse page structure and extract tables, lists, or headlines, even when the layout shifts unexpectedly.</li> <li><strong>Calling JSON APIs</strong> to retrieve structured data (like stock prices or weather forecasts) and process the responses.</li> <li><strong>Normalizing content</strong> by cleaning and reformatting text (stripping ads, collapsing whitespace) or converting image‑based charts into usable data.</li> </ul><p>Example: A daily briefing agent fetches the front pages of three tech blogs, scrapes the top five headlines and summaries from each, and consolidates them into a single daily email.</p><h4>3. Task Execution</h4><p>Beyond reading, AI agents can take meaningful action on your behalf:</p><ul> <li><strong>Posting content</strong> to social platforms, internal wikis, or CMS dashboards.</li> <li><strong>Sending messages</strong> via email (SMTP), Slack/GitHub bots, or other communication channels.</li> <li><strong>Triggering workflows</strong> in external systems (like launching a CI/CD pipeline, creating a Jira ticket, or starting a data‑backup job).</li> </ul><p>Example: After analyzing incoming customer feedback, an agent automatically drafts and sends personalized “thank you” emails to anyone who gave a 5‑star rating.</p><h4>4. Workflow Chaining</h4><p>The real magic happens when you link individual steps into a seamless pipeline:</p><ul> <li><strong>Detecting triggers</strong> by monitoring for new spreadsheet rows, incoming emails, or scheduled times.</li> <li><strong>Gathering data</strong> through authentication, web navigation, scraping, or APIs calls.</li> <li><strong>Processing information</strong> by summarizing text, performing calculations, and applying business logic.</li> <li><strong>Acting on results</strong> by posting reports, updating dashboards, or sending notifications to stakeholders.</li> <li><strong>Looping or branching</strong> based on outcomes: retry on failures, escalate errors, or split into parallel sub‑tasks.</li> </ul><p>Example: A “sales ops” agent watches your CRM for new leads, scrapes LinkedIn profiles for additional context, scores each lead via a simple formula, then creates a follow‑up task in your project management tool.</p><p>By mastering these four core capabilities, AI web agents can automate virtually any routine web‑based workflow, freeing you to focus on strategy, creativity, and problem‑solving. In the next section, we’ll explore the tools and architectures that make this possible.</p><h3>AI Web Agents Implementations</h3><p>AI web agents have 2 popular implementations you might encounter in the wild:</p><ul> <li><strong>Browser Automation Frameworks: </strong>These frameworks can navigate websites, click buttons, fill forms, and scrape content autonomously, like we just mentioned in the core capabilities. These frameworks provide the low-level browser hooks agents need to interact with virtually any page element.</li> <li><strong>Desktop &amp; Integrated AI Systems:</strong> These frameworks use features that merge web and local automation. Agents built on these platforms can manipulate both web content and native applications, allowing them to glance at your screen, open files, move windows, and perform hybrid tasks that span the browser and desktop environment.</li> </ul><h4>AI Web Agents Frameworks</h4><p>Instead of building every component from scratch, modern frameworks and services can handle the heavy lifting and accelerate agent development. Below are notable frameworks and services categorized by the two aforementioned implementation types:</p><h5>Browser Automation Frameworks</h5><ul> <li><strong>Browser‑Use </strong>is an open‑source toolkit that combines a headless browser (Playwright) with an LLM interface into a single, unified API. It offers built‑in actions for navigating pages, filling forms, clicking buttons, and scraping content, plus utilities for managing session state and capturing screenshots.</li> <li><strong>Skyvern</strong> is an open-source AI agent platform designed to automate browser-based workflows using LLMs and computer vision. It replaces brittle scripts or manual processes with an AI that can handle web tasks on many different sites. Skyvern provides a simple API endpoint where you can describe a task, and it will execute it through a browser.</li> </ul><p>To illustrate these capabilities in action, here’s a demo where Browser-Use automates a Skyscanner search to find the cheapest flights from Belfast to London.</p><div style="width: 1568px;" class="wp-video"><video class="wp-video-shortcode" id="video-20072-5" width="1568" height="972" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Automating-Skyscanner-Searches-via-Browser-Use-demo.mp4?_=5"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Automating-Skyscanner-Searches-via-Browser-Use-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Automating-Skyscanner-Searches-via-Browser-Use-demo.mp4</a></video></div><p>Demo 1: Automating Skyscanner Searches via Browser-Use</p><p>In the demo video Browser-Use performs the following steps:</p><ol> <li><strong>Navigate</strong> to <a href="https://www.skyscanner.net/" rel="noopener">https://www.skyscanner.net</a></li> <li><strong>Fill</strong> the “From” field with Belfast and the “To” field with London</li> <li><strong>Select</strong> departure and return dates</li> <li><strong>Click</strong> the search button and wait for the results page to load</li> <li><strong>Scrape</strong> each flight’s price, airline name and departure time</li> <li><strong>Compare</strong> all prices and identify the cheapest flight option</li> <li><strong>Return</strong> a summary containing airline, price, departure time and a direct booking link</li> </ol><p>This simple end-to-end example shows how Browser-Use can handle complex page interactions, dynamic content loading and data extraction—all with a few high-level commands that mirror what a human user would do in a browser.</p><h5>Desktop &amp; Integrated AI Systems</h5><ul> <li><strong>OpenAI’s Operator</strong> is a service that integrates LLM intelligence with both web browser and desktop automation. It can navigate websites, edit and send documents through native applications, run local scripts and interact with operating system functions using natural language prompts.</li> <li><strong>Claude’s Computer Use</strong> is an extension of Anthropic’s Claude designed for hybrid web and desktop workflows. It can click through native application menus, adjust system settings, open files and browse the web with full desktop context while leveraging safety filters to catch risky commands.</li> </ul><p>Both Browser-Use and Skyvern highlight that AI web agents are no longer futuristic ideas and they’re accessible today. Browser-Use lowers the barrier for connecting an AI’s thought processes to real-world browser actions, offering cloud services and an open-source library, while Skyvern tackles the challenge of variability by giving agents eyes through computer vision. On the desktop side, OpenAI’s Operator and Claude’s Computer Use demonstrate that hybrid web and local automation is likewise within reach, enabling agents to navigate your system as easily as they browse the web. Taken together, these implementations and frameworks put powerful automation tools at your fingertips – and they underscore the importance of building robust security measures to prevent malicious uses of agentic capabilities.</p><h2>Conclusion</h2><p>To wrap up, <b>AI web agents greatly expand</b> the reach of agentic AI systems, by unlocking the door to the internet’s information and services. They transform the web into an extended memory and action space for AI. When combined with other specialized agents (for coding, math, interacting with local systems, etc.), they form a powerful ensemble that can autonomously tackle complex, open-ended tasks.</p><p>For general tech readers, the takeaway is simple: <strong>AI agents are no longer confined to answering questions, they can now take meaningful actions. <span style="font-weight: normal !msorm;">N</span>owhere is this more evident than on the web</strong>. As this technology matures, we can expect AI assistants to do more and more: comparing products across sites and automatically ordering the best one, or performing an online task that we logged as a reminder to do later. It’s an exciting moment where the line between a human browsing the web and an AI doing it for us is starting to blur. The agentic AI landscape, with web agents as a key component, promises more automation, efficiency, and connectivity in our digital lives, ushering in a future where “going online to get something done” might just mean telling your AI agent and letting it handle the rest.</p><p>However, these powerful capabilities also open new attack vectors and security concerns, such as prompt injection, unauthorized automation and data leakage, which we will explore in depth in our follow-up blog.</p><p><strong><a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/">Click here to continue reading about agentic AI risks in our next post!</a></strong></p><p>The post <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-from-chatbots-to-web-agents/">The Rise of Agentic AI: From Chatbots to Web Agents</a> appeared first on <a href="https://www.imperva.com/blog">Blog</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.imperva.com/blog/">Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Sarit Yerushalmi">Sarit Yerushalmi</a>. Read the original post at: <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-from-chatbots-to-web-agents/">https://www.imperva.com/blog/the-rise-of-agentic-ai-from-chatbots-to-web-agents/</a> </p>

Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025

  • None
  • Published date: 2025-06-30 00:00:00

None

<h2 class="wp-block-heading"><strong>What you need to know about SCA tools</strong></h2><p><strong>Quick Answer</strong>: The top SCA tools in 2025 are Mend.io (best for automated remediation and proactive SCA), Sonatype Lifecycle (known for enterprise policy management), Snyk (known for developer experience), and Checkmarx SCA (known for comprehensive coverage). According to industry reports, organizations using SCA tools can reduce vulnerability<a href="http://www.mend.io/"> remediation time by up to 80%</a>.</p><p><strong>Key Statistics</strong>:</p><ul class="wp-block-list"> <li><a href="https://www.mend.io/wp-content/uploads/2022/02/Mend_SBOM.pdf?">96% of applications</a> contain open-source components</li> <li><a href="https://www.mend.io/newsroom/whitesource-announces-proactive-alerts-on-security-vulnerabilities/">85% of software projects</a> contain at least one outdated open source component </li> <li>Codebases contain at least one known vulnerability</li> <li>Supply chain attacks have become a significant threat to organizations</li> <li>According to Gartner, <a href="https://www.gartner.com/en/documents/4893131" rel="noopener">61% of businesses were</a> affected by supply chain attacks in the last year</li> </ul><p>This is a reality check that your applications are built on a foundation you likely don’t fully understand. Today’s applications rely heavily on open-source code, and increasingly AI developed code, and each of those components could potentially introduce security vulnerabilities, license violations, or operational risks into your environment.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p>Software Composition Analysis (SCA) tools exist to solve this problem. They give you visibility into what’s actually running in your applications and help you manage the risks that come with all that borrowed code.</p><h2 class="wp-block-heading"><strong>What Are Software Composition Analysis (SCA) Tools?</strong></h2><p>Software Composition Analysis (SCA) is one type of application security testing (AST) tool that deals with managing the risk of open source component use. SCA tools perform automated scans of an application’s code base, including related artifacts such as container images and registries, to identify all open source components, their license compliance data, and any known security vulnerabilities.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="32416ddf075a78d0c326c939-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="32416ddf075a78d0c326c939-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p>Think of SCA tools as your risk management tool for open source dependencies. They automatically scan your codebase to create a comprehensive list of every open source dependency you’re using – both the ones you know about and the ones you don’t. Then they provide all the risk information you need to know on each dependency and apply your policies on it to ensure you are not using dependencies that may increase your application’s risk.</p><h2 class="wp-block-heading"><strong>Core Features of SCA Tools That Matter</strong></h2><h3 class="wp-block-heading"><strong>Components Detection and Inventory</strong></h3><p>The foundation of any good SCA tool is its ability to create accurate inventories. Software Composition Analysis tools typically start with a scan to generate an inventory report of all the open source components in your products, including all direct and transitive dependencies.</p><p>This matters because transitive dependencies – dependencies of your dependencies – often fly under the radar during manual reviews. Your application might use Library A, which depends on Library B, which depends on vulnerable Library C. An SCA tool maps these entire dependency chains automatically.</p><h3 class="wp-block-heading"><strong>Vulnerability Detection and Prioritization</strong></h3><p>Here’s where SCA tools really earn their keep. Good software composition analysis solutions will not only tell you what open source libraries have known vulnerabilities, but they will also tell you whether your code calls the affected library and suggest a fix when applicable.</p><p><strong>Reachability analysis</strong> has become crucial. Mend SCA evaluates vulnerabilities for objective and contextual factors, including reachability, exploit maturity, and EPSS/CVSS scores. For example, Mend SCA utilizes CVSS 4.0 severity ratings to gauge the potential impact of vulnerabilities and incorporates EPSS exploitability data to assess the likelihood each vulnerability will be exploited. This means you focus on vulnerabilities that actually affect your running code, not just theoretical risks.</p><p>However, some vendors are also able to analyze the code and pinpoint vulnerabilities that are truly in use by the application. Through reachability analysis, showing whether your code interacts with specific vulnerable functions in both direct and transitive dependencies, it can reduce the noise by 50%.</p><h3 class="wp-block-heading"><strong>License Compliance Management</strong></h3><p>Open source licenses can be legal landmines. When Mend SCA detects license types that violate company policy, it issues real-time alerts with automatic remediation capabilities and can even block license violations before they become part of your code base.</p><p>Different open source licenses have different requirements. Some require you to make your code open source if you distribute it. Others have specific attribution requirements. SCA tools help you understand these obligations before they become legal problems.</p><h3 class="wp-block-heading"><strong>Automated Dependency Updates</strong></h3><p>This is where tools like Mend Renovate shine. Mend Renovate helps developers automate dependency updates by detecting newer package versions and providing updates directly to the application code. The tool creates pull requests (PRs) and issues directly in the repository where updates are scanned. PRs include detailed information about updates, including age, adoption, passing rates, and complete change logs.</p><p>Furthermore, Mend Renovate leverages its vast user base of millions of open-source version users to provide commercial users with invaluable insights into the potential impact of each dependency update on their applications through crowd-sourcing. This innovative approach yields ‘Merge Confidence’ ratings, which significantly mitigate the risk of updates causing unexpected issues. By offering a clear likelihood of an update successfully integrating without breaking the application, and by intelligently grouping related updates, Mend Renovate streamlines the update process, preventing unnecessary rework and ensuring smoother, more reliable software development cycles.</p><h3 class="wp-block-heading"><strong>SBOM Generation and Management</strong></h3><p>Software Bill of Materials (SBOM) generation has become increasingly important. Any SCA tool must do this well. Mend SCA generates a precise inventory of a software’s open source components, detailing all libraries and dependencies. Easily export your SBOM in standardized formats (SPDX, CycloneDX) and import third-party SBOMs while leveraging VEX data to meet government and customer requirements. Snyk, Sonatype, and Checkmarx have similar tools. </p><h3 class="wp-block-heading"><strong>Reporting and Analytics</strong></h3><p>SCA tools should also provide comprehensive dashboards and reports that help different stakeholders understand risk. Fast feedback loops enable developers to respond rapidly to any vulnerability or license issues. </p><h2 class="wp-block-heading"><strong>SCA Tools Comparison: Which Is Right for Your Organization?</strong></h2><figure class="wp-block-table"> <table class="has-fixed-layout"> <tbody> <tr> <td><strong>Tool</strong></td> <td><strong>Known For</strong></td> <td><strong>Pricing Model</strong></td> <td><strong>Key Strengths</strong></td> <td><strong>Ideal Organization Size</strong></td> </tr> <tr> <td><strong>Mend.io</strong></td> <td>Automated remediation &amp; dependency updates</td> <td>All-in-one subscription</td> <td>AI security, 80% faster remediation, </td> <td>Mid to Enterprise</td> </tr> <tr> <td><strong>Sonatype Lifecycle</strong></td> <td>Enterprise policy management</td> <td>Per-application licensing</td> <td>AI-powered analysis, comprehensive SBOM</td> <td>Mid to Enterprise</td> </tr> <tr> <td><strong>Snyk</strong></td> <td>Developer-first workflows</td> <td>Per-developer seat</td> <td>IDE integration, real-time scanning</td> <td>Startups to Enterprise</td> </tr> <tr> <td><strong>Checkmarx SCA</strong></td> <td>Comprehensive coverage</td> <td>Platform licensing</td> <td>73% more true positives, broad language support</td> <td>Enterprise</td> </tr> <tr> <td><strong>Black Duck</strong></td> <td>Governance &amp; compliance</td> <td>Enterprise licensing</td> <td>Deep policy controls, C/C++ support</td> <td>Large Enterprise</td> </tr> </tbody> </table> </figure><h2 class="wp-block-heading"><strong>Notable Software Composition Analysis Tools</strong></h2><ol class="wp-block-list"> <li><strong>Mend.io: Best for Automated Remediation and Proactive SCA</strong></li> </ol><figure class="wp-block-image size-large is-resized"><img decoding="async" width="210" height="210" src="https://www.mend.io/wp-content/uploads/2024/11/Mend-io-favicon-outline-200px.svg" alt="Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 - Mend io favicon outline" class="wp-image-13096" style="width:135px;height:auto"></figure><p><strong>Pricing</strong>: Unified platform pricing starting at enterprise levels <strong>Implementation Time</strong>: 2-4 weeks for initial setup <strong>Best For</strong>: Teams who are looking for an AI native application security platform to secure AI powered apps, AI generated code and full visibility over their entire codebase. </p><p>Mend.io stands out for its comprehensive AI security solution and  its approach to application security with a unique pricing model that offers one price for all 5 products, including SCA, dependency updates, SAST, container security, and AI security. This reflects the vision that customers need a holistic view of the application stack.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>AI security solution: </strong>Mend AI detects all AI components in your code, provides risk information, applies policies, improves system prompts and also offers AI red teaming.</li> <li><strong>Automated Dependency Updates</strong>: Mend Renovate creates pull requests automatically</li> <li><strong>Fast Remediation</strong>: One of our most indicative KPIs is the amount of time for us to remediate vulnerabilities and also the amount of time developers spend fixing vulnerabilities in our code base, which has reduced significantly. We’re talking about at least 80% reduction in time.</li> <li><strong>Comprehensive Coverage</strong>: SCA, SAST, container security, and AI security in one platform</li> </ul><p><strong>ROI</strong>: Organizations typically see 70-80% reduction in security risks and save $21M+ annually through process automation.</p><ol start="2" class="wp-block-list"> <li><strong>Sonatype Lifecycle: Known for Enterprise Policy Management</strong></li> </ol><figure class="wp-block-image size-full is-resized"><img fetchpriority="high" decoding="async" width="801" height="693" src="https://www.mend.io/wp-content/uploads/2025/06/Sonatype_stacked_logo_full_color.jpg" alt="Sonatype logo" class="wp-image-16627" style="width:138px;height:auto" srcset="https://www.mend.io/wp-content/uploads/2025/06/Sonatype_stacked_logo_full_color.jpg 801w, https://www.mend.io/wp-content/uploads/2025/06/Sonatype_stacked_logo_full_color-300x260.jpg 300w, https://www.mend.io/wp-content/uploads/2025/06/Sonatype_stacked_logo_full_color-768x664.jpg 768w" sizes="(max-width: 801px) 100vw, 801px"></figure><p><strong>Pricing</strong>: Per-application licensing model <strong>Implementation Time</strong>: 4-8 weeks for enterprise rollout <strong>Best For</strong>: Large enterprises with complex policy management and governance</p><p>Sonatype Lifecycle’s Software Composition Analysis (SCA) capabilities combine automated dependency management and SBOM management, helping teams manage their open source software security risks effectively.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>AI-Powered Analysis</strong>: Detection of AI components in Sonatype Nexus, providing risk information and applying policies automatically</li> <li><strong>Policy Automation</strong>: Sonatype Lifecycle sets policies that govern what types of libraries [and] licenses can be used. Those policies are then managed throughout the development lifecycle, automatically.</li> <li><strong>Build Integration</strong>: Extended of the Sonatype Nexus platform, making it an optimal choice for Nexus users who do not need an advanced AppSec solution.</li> <li><strong>Enterprise Scale</strong>: Handles thousands of applications with centralized governance</li> </ul><p><strong>Use Cases</strong>: Financial services, healthcare, government contractors requiring strict compliance.</p><ol start="3" class="wp-block-list"> <li><strong>Snyk: Known for Developer Experience</strong></li> </ol><figure class="wp-block-image size-medium is-resized"><img decoding="async" width="184" height="300" src="https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-184x300.png" alt="Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 - snyk logo" class="wp-image-16628" style="width:100px" srcset="https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-184x300.png 184w, https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-627x1024.png 627w, https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-768x1255.png 768w, https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-940x1536.png 940w, https://www.mend.io/wp-content/uploads/2025/06/snyk-logo.png 979w" sizes="(max-width: 184px) 100vw, 184px"></figure><p><strong>Pricing</strong>: Per-developer seat model, free tier available <strong>Implementation Time</strong>: 1-2 weeks for basic setup <strong>Best For</strong>: Development teams wanting security integrated into daily workflows</p><p>Snyk Open Source integrates right into IDEs and SCMs and creates workflows, automated scans, and actionable security intelligence to help them remediate vulnerabilities.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>Developer-First Design</strong>: IDE plugins and real-time feedback</li> <li><strong>Comprehensive Platform</strong>: SCA, SAST, container, and IaC security</li> <li><strong>Risk Prioritization</strong>: Snyk’s prioritization is based on the severity of a vulnerability but also by creating a Risk Score, by dynamically evaluating vulns for over a dozen objective and contextual factors</li> <li><strong>Easy Adoption</strong>: Snyk’s real-time SAST and SCA vulnerability scanning and automated fix suggestions in the IDE and PR workflows ensure security from the start</li> </ul><p><strong>Best For</strong>: Agile teams, DevOps environments, organizations with distributed development teams.</p><ol start="4" class="wp-block-list"> <li><strong>Checkmarx SCA: Known for Comprehensive Coverage</strong></li> </ol><figure class="wp-block-image size-large is-resized"><img loading="lazy" decoding="async" width="1024" height="133" src="https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-1024x133.png" alt="Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 - checkmarx logo" class="wp-image-16629" style="width:216px;height:auto" srcset="https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-1024x133.png 1024w, https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-300x39.png 300w, https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-768x100.png 768w, https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-1536x200.png 1536w, https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo.png 1600w" sizes="auto, (max-width: 1024px) 100vw, 1024px"></figure><p><strong>Pricing</strong>: Platform licensing with enterprise focus <strong>Implementation Time</strong>: 6-12 weeks for full platform deployment <strong>Best For</strong>: Organizations needing comprehensive security coverage</p><p>Checkmarx has positioned itself as a comprehensive application security platform. Checkmax SAST identifies 73% more true positives and Checkmarx SCA identifies 11% more than Snyk. according to third-party testing.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>Accuracy</strong>: Higher true positive rates with fewer false positives</li> <li><strong>Language Support</strong>: Checkmarx solutions have the breadth and depth for enterprise coverage across the entire SDLC, integrates seamlessly into developers’ workflows, and supports over 75 languages and 100 frameworks.</li> <li><strong>Malicious Package Detection</strong>: Checkmarx claims to have the largest repository of malicious packages </li> <li><strong>Enterprise Support</strong>: 24/7 technical support with dedicated customer success</li> </ul><p><strong>ROI</strong>: Organizations report 75% reduction in security workload and faster time-to-remediation.</p><ol start="5" class="wp-block-list"> <li><strong>Black Duck: Known for Governance and Compliance</strong></li> </ol><figure class="wp-block-image size-large is-resized"><img loading="lazy" decoding="async" width="1024" height="160" src="https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-1024x160.png" alt="Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 - BlackDuckLogo" class="wp-image-16630" style="width:237px;height:auto" srcset="https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-1024x160.png 1024w, https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-300x47.png 300w, https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-768x120.png 768w, https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-1536x240.png 1536w, https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-2048x320.png 2048w" sizes="auto, (max-width: 1024px) 100vw, 1024px"></figure><p><strong>Pricing</strong>: Enterprise licensing model </p><p><strong>Implementation Time</strong>: 8-16 weeks for full enterprise deployment </p><p><strong>Best For</strong>: Large enterprises with complex governance requirements</p><p>Black Duck Software, formerly part of the Synopsys Software Integrity Group, offers a comprehensive portfolio of application security testing solutions. The company recently became independent again in 2024.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>Mature Governance</strong>: Comprehensive policy management and enforcement</li> <li><strong>Deep Analysis</strong>: Black Duck software composition analysis (SCA) helps teams manage the security, quality, and license compliance risks that come from the use of open source and third-party code in applications and containers</li> <li><strong>Enterprise Focus</strong>: Built for large-scale, complex environments</li> <li><strong>Compliance Ready</strong>: Strong audit trails and reporting for regulatory requirements</li> </ul><h3 class="wp-block-heading"><strong>Quick Comparison: Snyk vs Checkmarx vs Sonatype vs Mend.io</strong></h3><p><strong>For Startups/Small Teams</strong>: Snyk offers the easiest entry point with free tiers and simple setup. </p><p><strong>For Mid-Market and Enterprises</strong>: Mend.io provides the best balance of automation, comprehensive coverage and proactive SCA. </p><p><strong>For Enterprise</strong>: Sonatype Lifecycle offers sophisticated policy management and Checkmarx provides the highest accuracy and broadest language support. </p><p><strong>For Compliance-Heavy Industries</strong>: Black Duck has mature governance features.</p><h3 class="wp-block-heading"><strong>Other Notable Players</strong></h3><ul class="wp-block-list"> <li><strong>Veracode</strong>: Strong in enterprise environments with comprehensive security programs</li> <li><strong>JFrog X-Ray</strong>: Integrated with JFrog’s DevOps platform for artifact management</li> <li><strong>OWASP Dependency-Track</strong>: Open-source option for organizations wanting full control</li> <li><strong>FOSSA</strong>: Focused on license compliance and policy management</li> </ul><h2 class="wp-block-heading"><strong>Best Practices for Implementing SCA Tools</strong></h2><h3 class="wp-block-heading"><strong>Adopt a Remediation-First Approach</strong></h3><p>SCA solutions now bridge the gap between detection and remediation. Prioritization. A mature software composition analysis tool should include technologies that prioritize open source vulnerabilities.</p><p>The key is moving beyond just finding problems to actually fixing them. This means:</p><ul class="wp-block-list"> <li><strong>Prioritizing based on reachability</strong>: Focus on vulnerabilities in code paths your application actually uses</li> <li><strong>Automating dependency updates</strong>: Tools like Mend Renovate and GitHub Dependabot can handle routine updates automatically</li> <li><strong>Integrating into developer workflows</strong>: Security findings should appear where developers already work</li> <li><strong>Providing actionable remediation</strong>: Don’t just say “vulnerable library found” – suggest specific versions to upgrade to</li> </ul><h3 class="wp-block-heading"><strong>Build Visibility into Software Supply Chain Risk</strong></h3><p>SCA helps enterprises manage and control the security and compliance risks that come with using open source libraries.</p><p>This involves:</p><ul class="wp-block-list"> <li><strong>Comprehensive SBOM generation</strong>: Generate early, and update regularly. It is essential that SBOMs are generated as early in the SDLC as possible so that every added dependency can be recorded from early on.</li> <li><strong>License compliance monitoring</strong>: Track license obligations and ensure they align with your business model</li> <li><strong>Dependency health management</strong>: Monitor for outdated or abandoned dependencies</li> <li><strong>Continuous monitoring</strong>: Continuous vulnerability scanning should trigger a scan on all projects where either container scanning, dependency scanning, or both, are enabled independent of a pipeline.</li> </ul><h3 class="wp-block-heading"><strong>Detect and Prevent Emerging Threats</strong></h3><p>Further, SCA tools need to go beyond traditional vulnerability databases.</p><p>This includes:</p><ul class="wp-block-list"> <li><strong>Malicious package detection</strong>: Identify packages that contain intentionally malicious code</li> <li><strong>Container security scanning</strong>: Extend SCA analysis to container images and base layers</li> <li><strong>Infrastructure as Code (IaC) security</strong>: Scan infrastructure configurations for security misconfigurations</li> <li><strong>AI model security</strong>: As AI becomes more prevalent, scan for vulnerabilities in AI models and training data</li> </ul><h2 class="wp-block-heading"><strong>Implementing SCA Tools: A Practical Roadmap</strong></h2><h3 class="wp-block-heading"><strong>Step 1: Build Your Team and Define Goals</strong></h3><p>SCA should be an organizational initiative, not a one-person solution. If you want your implementation to be successful, the first thing you should do is assemble a cross-functional team of internal stakeholders.</p><p>Your team should include:</p><ul class="wp-block-list"> <li><strong>Developers</strong>: They’ll use the tools day-to-day</li> <li><strong>Security team</strong>: They’ll define policies and handle escalations</li> <li><strong>Legal team</strong>: They’ll help with license compliance requirements</li> <li><strong>DevOps team</strong>: They’ll integrate tools into CI/CD pipelines</li> </ul><h3 class="wp-block-heading"><strong>Step 2: Start Small and Scale Up</strong></h3><p>When you’re finally ready to scan, starting with your entire code base is going to be overwhelming.</p><p>Begin with:</p><ul class="wp-block-list"> <li>One or two critical applications</li> <li>Clear policies for handling findings</li> <li>Automated remediation for low-risk updates</li> <li>Gradual expansion to additional projects</li> </ul><h3 class="wp-block-heading"><strong>Step 3: Integrate into Development Workflows</strong></h3><p>The most successful SCA implementations integrate seamlessly into existing development processes. This means:</p><ul class="wp-block-list"> <li><strong>IDE plugins</strong>: Developers get feedback as they code</li> <li><strong>Pull request automation</strong>: Security checks happen before code merges</li> <li><strong>CI/CD integration</strong>: Builds fail if they introduce high-risk vulnerabilities</li> <li><strong>Dashboard integration</strong>: Security teams get visibility across all projects</li> </ul><h2 class="wp-block-heading"><strong>The Future of Software Composition Analysis</strong></h2><p>SCA tools continue evolving rapidly. Key trends include:</p><ul class="wp-block-list"> <li><strong>AI-powered analysis</strong>: More intelligent vulnerability prioritization and false positive reduction</li> <li><strong>Supply chain attack detection</strong>: Better identification of compromised packages and suspicious maintainer activity</li> <li><strong>Compliance automation</strong>: Automated generation of compliance reports and attestations</li> <li><strong>Real-time monitoring</strong>: Continuous analysis of production environments, not just build-time scanning</li> </ul><h2 class="wp-block-heading"><strong>Making the Business Case for SCA Tools</strong></h2><p>When evaluating SCA tools, consider these business benefits:</p><p><strong>Risk Reduction</strong>: According to a Gartner report, <a href="https://www.gartner.com/en/documents/4893131" rel="noopener">61% of businesses have been affected</a> by a supply chain threat in the last year. SCA tools help prevent your organization from becoming part of that statistic.</p><p><strong>Compliance Requirements</strong>: Government regulations increasingly require SBOMs and supply chain transparency. Having robust SCA processes positions you ahead of these requirements.</p><p><strong>Developer Productivity</strong>:  The right SCA tool helps developers move faster while maintaining security.</p><p><strong>Cost Savings</strong>: Automated dependency management and vulnerability remediation save significant time and resources.</p><h2 class="wp-block-heading"><strong>Building a Secure Software Supply Chain</strong></h2><p>SCA tools have evolved from simple vulnerability scanners to comprehensive supply chain security platforms. The best implementations combine automated discovery, intelligent prioritization, and seamless remediation workflows. They’re vital as a security and governance tool, as there isn’t there are nearly zero applications being developed without open source components.</p><p>The question isn’t whether you need SCA tools – it’s which ones will best fit your organization’s specific needs and how quickly you can implement them effectively. Start with clear goals, build the right team, and choose tools that integrate well with your existing development workflows.</p><p>Your software supply chain is only as strong as its weakest link. SCA tools help you identify those weak links and strengthen them before they become security incidents.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.mend.io">Mend</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Mend.io Team">Mend.io Team</a>. Read the original post at: <a href="https://www.mend.io/blog/best-software-composition-analysis-sca-tools-top-6-solutions-in-2025/">https://www.mend.io/blog/best-software-composition-analysis-sca-tools-top-6-solutions-in-2025/</a> </p>

Improving NHIs Management in Your Organization

  • None
  • Published date: 2025-06-30 00:00:00

None

<h2>Is Your Organization Harnessing the Full Power of Non-Human Identities?</h2><p>The increasing reliance on automation and cloud computing in industries such as healthcare, financial services, and travel, has led to a surge in Non-Human Identities (NHIs). Deployed effectively, these machine identities can significantly streamline operations. However, their management presents a new layer of complexity in cybersecurity strategy. So how can organizations realize the benefits of NHIs without falling prey to the security risks?</p><h3>The Importance of NHIs Management</h3><p>Often, the disconnect between security and R&amp;D teams can leave vulnerabilities unaddressed. These gaps can become doors for potential threats, making it crucial to manage NHIs effectively.</p><p>NHIs are unique identifiers created by coupling a “secret” (a distinctive key mimicking a passport) with the permissions assigned by a destination server (akin to a visa). Just like tourists, these identities need secured credentials (the “passport”) to traverse the digital landscape and require monitoring to ensure system compliance.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><h2>Unlocking the Full Potential of NHIs Management</h2><p>NHIs management presents a comprehensive approach to safeguard machine identities and secrets. This method ensures security is maintained at all stages of the lifecycle, from identification and classification to threat detection and resolution. Unlike point solutions like secret scanners, which provide limited protection, NHIs management platforms offer valuable insights into ownership, permissions, utilization patterns, and potential vulnerabilities. This data-driven approach allows for security based on context.</p><p>The benefits of an effective NHIs management strategy include:</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="f452c2393d7649d34664dbb6-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="f452c2393d7649d34664dbb6-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p>– <b>Reduced Risk</b>: Proactively identifying and mitigating security risks to decrease the chances of breaches and data leaks.<br> – <b>Improved Compliance</b>: Ensuring policy enforcement and providing audit trails to meet regulatory requirements.<br> – <b>Increased Efficiency</b>: Automation of NHIs and secrets management allows security teams to focus on strategic initiatives.<br> – <b>Enhanced Visibility and Control</b>: Centralized management of access grants better oversight and governance.<br> – <b>Cost Savings</b>: Operational expenses are diminished by automating secrets rotation and NHIs decommissioning.</p><h3>Improving NHIs: A Catalyst for Better Identity Management</h3><p>Data-driven strategies are integral to better identity management. A study by the Federal Highway Administration demonstrates this. They successfully used data to identify, manage, and solve performance issues, highlighting the importance of such insights.</p><p>Similarly, effective NHIs management entails utilizing data to understand how NHIs operate within your system. For instance, recognizing changes in usage patterns can be critical for timely intervention against potential threats. This approach is not just about improving NHIs but transforming them into a catalyst for better identity management.</p><h3>Towards a Secure Digital Environment</h3><p>NHIs management is a cornerstone in building a secure digital infrastructure – a fact underscored by the <a href="https://www.lsohc.mn.gov/materials/22_Mtg/05_25_2022/(R)DNR_Heritage_Forest_Project_Presentation.pdf" rel="noopener">LSOHC</a> in their project to protect their digital resources. Similarly, this case illustrates the importance of a holistic approach to cybersecurity, encompassing both human and non-human identities.</p><p>By effectively managing NHIs, organizations can secure their digital environment and utilize the full potential of these identities. It allows for swift adjustments to any changes, ensuring that security is not just responsive, but proactive. Through NHIs management, organizations can not only achieve better identity management but also improve their overall security infrastructure.</p><p>For a deeper dive into NHIs and data security in financial services, visit this <a href="https://entro.security/blog/non-human-identities-and-data-security-in-financial-services/">post</a>. Also, to understand more about secrets security and SOC2 compliance, this <a href="https://entro.security/blog/secrets-security-and-soc2-compliance/">article</a> can provide more insights.</p><p>It becomes ever more critical to remain one step ahead of potential threats. Efficient NHIs management is, therefore, not just an option – it is a necessity.</p><h3>Embracing the Necessity of NHIs Management</h3><p>An effective NHIs management strategy forms the bedrock of robust cybersecurity within any organization. When we transition towards where digital transactions are the norm, managing automated identities – the NHIs – has become a crucial aspect of maintaining a secure digital framework.</p><p>NHIs management does not merely represent the securitization of identities alone, but embodies the essence of end-to-end protection across a variety of sectors. Whether it is the healthcare industry, dealing with sensitive patient information, or the financial sector, where monetary transactions occur round the clock, NHIs prove to be invaluable resources. Proper management can help identify vulnerabilities, mitigate potential threats, and ensure the safe and efficient operation of independent digital identities.</p><h3>Navigating the Complex Landscape of NHIs</h3><p>Safeguarding thousands of NHIs within a complex network of encrypted passwords, keys, and access permissions can often be a daunting task. This process involves crucial components like identifying and classifying potential threats, tracking NHIs usage patterns, providing visibility into ownership details, and monitoring access permissions. An effective NHIs management platform can cover all these elements, in addition to offering potential vulnerability insights.</p><p>A recent study highlights how a data-driven approach to identity management can ultimately help stem potential security breaches. This method addresses vulnerabilities proactively and prevents them from evolving into significant threats.</p><h3>The Path to Streamlined Management: Automation and Efficiency</h3><p>The automation offered by NHIs and secrets management enables security teams to focus on strategic initiatives instead of being hindered by routine tasks. Utilizing an automated system minimizes manual errors during the secrets rotation and NHIs decommissioning stages. This, in turn, paves the way for improvement in security compliance and an efficient, holistic approach to cyber risk mitigation.</p><p>Moreover, the adoption of NHIs management strategies cuts down on operational costs, as noted in a recent report. Automation ultimately enhances efficiency, making cyber operations more streamlined and cost-effective.</p><h3>The Importance of Context-Sensitive Security</h3><p>The key to understanding and leveraging NHIs is in their usage patterns. More than just a figure or a set of encrypted codes, these identities follow unique operational patterns that provide a wealth of insight into different aspects, such as peak usage times or possible abnormalities hinting at misuse.</p><p>These insights can be instrumental in ensuring context-aware security, which would not only anticipate and respond to potential threats but also optimize system performance. According to the NASA Operational Data Information Systems (NODIS), employing a management system that understands the variant behaviors of NHIs allows for better governance, control, and enhanced cybersecurity posture.</p><h3>Enabling Business Growth with Secure NHIs Management</h3><p>Securing NHIs is not only about protecting an organization’s assets but also about enabling business growth. A breach or a data leak can result in financial loss, damaged reputation, and business disruption. But with a comprehensive NHIs management strategy, organizations can ensure that while they tap into the incredible potential of automation and cloud technologies, they also steer clear of potential security pitfalls.</p><p>If you are interested in exploring further the complexities of secrets security in the development stage, you can check out this <a href="https://entro.security/blog/best-practices-maintaining-secrets-security-in-development-stage/">article</a>. For insights on common secrets security misconfigurations, follow this <a href="https://entro.security/blog/common-secrets-security-misconfigurations-that-create-vulnerabilities/">link</a>.</p><p>To sum up, the effective management of NHIs should form an integral part of any modern organization’s cybersecurity strategy to remain ahead of the curve.</p><p>The post <a href="https://entro.security/improving-nhis-management-in-your-organization/">Improving NHIs Management in Your Organization</a> appeared first on <a href="https://entro.security/">Entro</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://entro.security/">Entro</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Alison Mack">Alison Mack</a>. Read the original post at: <a href="https://entro.security/improving-nhis-management-in-your-organization/">https://entro.security/improving-nhis-management-in-your-organization/</a> </p>

LinuxFest Northwest: Building An Auto-Updating, Containerized, Self-Hosted Identity Aware Reverse Proxy

  • None
  • Published date: 2025-06-30 00:00:00

None

<p></p><center data-preserve-html-node="true">Author/Presenter: Chris Beckman (Principal Security Engineer At Taxbit) <p></p><center data-preserve-html-node="true"><iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="" src="https://www.youtube-nocookie.com/embed/WtgrbA9R2I0?si=ZDulFA_PQNTeWDL9" width="560" frameborder="0" data-preserve-html-node="true" title="YouTube video player" height="315"></iframe> <p>Our sincere appreciation to <strong><a href="https://www.linuxfestnorthwest.org/">LinuxFest Northwest</a></strong> (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb <strong><a href="https://www.youtube.com/playlist?list=PLjDc7gDlIASRAcG0cxWYOnNGwFnykUMNZ">LinuxFest Northwest 2025</a></strong> video content. Originating from the conference’s events located at the <strong><a href="https://www.btc.edu/">Bellingham Technical College in Bellingham, Washington</a></strong>; and via the organizations <strong><a href="https://www.youtube.com/@LinuxFestNorthwest">YouTube</a></strong> channel. </p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div> <p>Thanks and a Tip O’ The Hat to <strong><a href="https://www.verificationlabs.com/trey.html">Verification Labs</a></strong> :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending and appearing as speaker at the <strong><a href="https://www.linuxfestnorthwest.org/">LinuxFest Northwest</a></strong> conference.</p> <p></p></center></center><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="48e7ddc94f085503e3b72b8e-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="48e7ddc94f085503e3b72b8e-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p><a href="https://www.infosecurity.us/blog/2025/6/30/linuxfest-northwest-building-an-auto-updating-containerized-self-hosted-identity-aware-reverse-proxy">Permalink</a></p><p> </p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.infosecurity.us/">Infosecurity.US</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Marc Handelman">Marc Handelman</a>. Read the original post at: <a href="https://www.youtube-nocookie.com/embed/WtgrbA9R2I0?si=ZDulFA_PQNTeWDL9">https://www.youtube-nocookie.com/embed/WtgrbA9R2I0?si=ZDulFA_PQNTeWDL9</a> </p>

ICE’s Shiny New ‘AI’ Facial Recognition App: False Positives Ahoy!

  • Richi Jennings
  • Published date: 2025-06-30 00:00:00

None

<h5 style="text-align: center;"><a href="#sbbwis"><img decoding="async" class="alignright size-full" title="Chris Linnett (Unsplash license)" src="https://securityboulevard.com/wp-content/uploads/2025/06/facial-recognition-ice-richixbw-chris-linnett-CkzZjuQB0hM-unsplash-130x90.png" alt="The face of the Statue Of Liberty" width="130" height="90"></a><strong>Liberty’s existential threat, or sensible way to ID illegal  immigrants?</strong></h5><p><strong>U.S. Immigration and Customs Enforcement (ICE) agents are using a new phone app:</strong> <i>Mobile Fortify</i> puts “instant, AI powered” facial recognition in their hands. What could possibly go wrong?<br><!--br--><br><strong>A major risk is inaccurate recognition.</strong> In today’s <a href="https://securityboulevard.com/tag/sb-blogwatch/" target="_blank" rel="noopener">SB  Blogwatch</a>, the French want their statue back.<br><!--br--><br><a title="Richi Jennings" href="https://www.richi.uk/" target="_blank" rel="noopener">Your humble blog­watcher</a> curated these bloggy bits for your enter­tain­ment. Not to mention:  <i>Dua Weeknd</i>.<br><!--br--></p><h2>MDCCLXXVI</h2><p id="sbbw1"><strong>What’s the craic?</strong> Joseph Cox reports: <a title="read the full text" href="https://www.404media.co/ice-is-using-a-new-facial-recognition-app-to-identify-people-leaked-emails-show/" target="_blank" rel="ugc noopener">ICE Is Using a New Facial Recognition App to Identify People</a></p><p style="padding-left: 40px;"><strong>“<tt>Constant fear and critique</tt>”</strong><br>ICE is using a new mobile phone app that can identify someone based on their fingerprints or face by simply pointing a smartphone camera at them, according to internal ICE emails, [which] say Mobile Fortify is using two government systems. The first is Customs and Border Protection’s (CBP) Traveler Verification Service, [where] CBP takes photos of peoples’ faces when they enter the U.S. … The second is the Seizure and Apprehension Work­flow, … bring­ing together information related to searches and seizures.<br>…<br>Now, that system is being used inside the U.S. by ICE to identify people in the field. [It] shows how biometric systems built for one reason can be repurposed for another, a constant fear and critique … of facial recognition.<br>…<br>ICE did not respond to a request for comment. CBP declined to comment.<br><!-----------------------------------------------------------------------------></p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p id="sbbw2"><strong>Is it <em>necessarily</em> a bad thing?</strong> Anthony Kimery has concerns: <a title="read the full text" href="https://www.biometricupdate.com/202506/new-ice-mobile-app-pushes-biometric-policing-onto-american-streets" target="_blank" rel="ugc noopener">App pushes biometric policing onto American streets</a></p><p style="padding-left: 40px;"><strong>“<tt>Raises fundamental questions about due process</tt>”</strong><br>Mobile Fortify marks a profound shift in ICE’s operational methodology of using traditional fingerprint-based stationary checks to using mobile, on-the-go biometric profiling that echoes the type of border surveillance previously confined to airports and ports of entry. … Facial recognition, though, [is] notably less reliable than fingerprints.<br>…<br>Agents using ICE-issued mobile devices can now photograph a subject’s face or fingerprint, triggering a near-instant biometric match against data sources that include … DHS’s broader Automated Biometric Identification System (IDENT) database, which contains biometric records on over 270 million individuals. [It] suggests a capability that is poised to extend biometric surveillance far beyond designated checkpoints and into neighborhoods, local transport hubs, and any environment in which ICE officers operate.<br>…<br>[It] fits into a broader ICE strategy of integrating AI-driven biometric data mining with field operations [and] raises fundamental questions about due process and constitutional protections. … Oversight, meanwhile, remains minimal. DHS has yet to issue formal rules clarifying who may use Mobile Fortify, which populations it targets, how long biometric data may be stored, what legal authorities justify its use, or what audit controls apply. … ICE is hurtling toward a frontier that its current policy and oversight structures appear unprepared to regulate.<br><!-----------------------------------------------------------------------------></p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="62ebcb669465b84bd25e62ab-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="62ebcb669465b84bd25e62ab-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p id="sbbw3"><strong>Hurtling? Oh, please.</strong> Here’s Jake Laperruque, from the Center for Democracy and Technology, via Autumn Billings: <a title="read the full text" href="https://reason.com/2025/06/27/how-dhs-facial-recognition-tech-spread-to-ice-enforcement/" target="_blank" rel="ugc noopener">More government agencies are using facial recognition</a></p><p style="padding-left: 40px;"><strong>“<tt>Dangerous to use facial recognition in this manner</tt>”</strong><br>Facial recognition isn’t a magic all-purpose tool, and as ICE itself acknowledged, is less reliable than traditional identification methods. It’s bound to produce errors.<br>…<br>With this AI surveillance tool deployed on our streets, American citizens are going to end up improperly targeted, arrested, and detained in ICE detention centers. … It’s dangerous to use facial recognition in this manner.<br><!-----------------------------------------------------------------------------></p><p id="sbbw4"><strong>Dangerous?</strong> <a title="read the full text" href="https://slashdot.org/comments.pl?sid=23719145&amp;cid=65451919" target="_blank" rel="ugc noopener">cowdung</a> argues it’s “not a problem with the tech:”</p><p style="padding-left: 40px;">This is not a problem with facial recognition, but rather a problem with how it is used. Facial recognition gives you some “best matches” and then the user is supposed to look at the photos and decide if this is the same person or not. (Systems used for police say “this doesn’t constitute probable cause”) But users can be lazy and let the machine do the thinking for them. That’s on the user, not the tech.<br><!-----------------------------------------------------------------------------></p><p id="sbbw5"><strong>Fair point, I guess.</strong> But <a title="read the full text" href="https://www.reddit.com/r/technology/comments/1ll5vrv/ice_is_using_a_new_facial_recognition_app_to/mzxod6a/" target="_blank" rel="ugc noopener">u/Charming_Motor_919</a> thinks the problem is broader than that:</p><p style="padding-left: 40px;">The problem with things like facial recognition in law enforcement is that whether it’s accurate or inaccurate, it still poses ethical and philosophical concerns:<br>— If it’s inaccurate, there’s the likelihood of falsely identifying someone for persecution.<br>— If it’s accurate, it’s another cog in the machine that is a surveillance state.<br>Neither is good.<br><!-----------------------------------------------------------------------------></p><p id="sbbw6"><strong>Too much?</strong> <a title="read the full text" href="https://news.ycombinator.com/item?id=44393150" target="_blank" rel="ugc noopener">amy_petrik</a> reminds us why it might be important:</p><p style="padding-left: 40px;">Here’s the thing: If I flew to Japan, overstayed the visa, took a job under the table, just hung out living there, … have a Japan anchor baby, live there without any … immigration paperwork whatsoever, and enjoy the free healthcare, … I would not be surprised that, … I would naturally be deported.<br><!-----------------------------------------------------------------------------></p><p id="sbbw7"><strong>But they’re using the immigration desk photos!</strong> <a title="read the full text" href="https://www.newsweek.com/ice-face-recognition-app-deportations-phone-immigration-2091619#:~:text=duh.%20What%20do%20you%20think%20they%20do%20with%20those%20photos%20every%20time%20you%20go%20through%20customs%2C%20or%20in%20the%20case%20of%20these%20illegals%2C%20get%20caught%20crossing%20illegally." target="_blank" rel="ugc noopener">Spidey Craig</a> eyerolls furiously:</p><p style="padding-left: 40px;">Duh. What do you think they do with those photos every time you go through customs?<br><!-----------------------------------------------------------------------------></p><p id="sbbw8"><strong>Zoom out.</strong> <a title="read the full text" href="https://reason.com/2025/06/27/how-dhs-facial-recognition-tech-spread-to-ice-enforcement/?comments=true#comments:~:text=So%20facial%20recognition%20is%20only%20a%20problem%20when%20used%20by%20ICE%3F%20It%27s%20not%20like%20every%20single%20one%20of%20us%20was%20already%20under%20surveillance%20on%20every%20street%20corner%20and%20highway%20every%20day.%20I%27d%20like%20to%20feel%20your%20pain%20but%20the%20paste%20is%20out%20and%20the%20tube%20is%20empty." target="_blank" rel="ugc noopener">Gaear Grimsrud</a> offers this colorful metaphor:</p><p style="padding-left: 40px;">So facial recognition is only a problem when used by ICE? It’s not like every single one of us was already under surveillance on every street corner and highway every day. … The paste is out and the tube is empty.<br><!-----------------------------------------------------------------------------></p><p id="sbbw12"><strong>Meanwhile,</strong> <a title="read the full text" href="https://slashdot.org/comments.pl?sid=23719145&amp;cid=65453119" target="_blank" rel="ugc noopener">mspohr</a> sounds <i>slightly</i> cynical:</p><p style="padding-left: 40px;">Cops aren’t particularly concerned if they identify the “right” person. As long as they have <em>someone</em> identified as a criminal, they are happy.<br><!-----------------------------------------------------------------------------></p><p><b><a title="And Finally" href="https://www.youtube.com/watch?v=9DIg0ii0ywQ&amp;list=PL9zSC5i495YMjIuJjxToNGU8Ve7Gd5Rvj" target="_blank" rel="noopener">Falling hearts, open forever</a></b><script async defer src="https://scripts.withcabin.com/hello.js" type="62ebcb669465b84bd25e62ab-text/javascript"></script><!-- zero-cookie analytics privacy: https://withcabin.com/privacy/securityboulevard.com --></p><p><a href="https://www.youtube.com/watch?v=6X3B1nDbnzw&amp;list=PL9zSC5i495YMjIuJjxToNGU8Ve7Gd5Rvj" target="_blank" rel="noopener">Previously in <em>And Finally</em></a></p><hr><p><em>You have been reading <i>SB Blogwatch</i> by <a href="https://www.richi.uk/" target="_blank" rel="noopener">Richi Jennings</a>. Richi curates the best bloggy bits, finest forums, and weird­est web­sites—so you don’t have to. Hate mail may be directed to  <a href="https://twitter.com/richi" target="_blank" rel="ugc noopener">@RiCHi</a>, <a href="https://threads.net/@richij" target="_blank" rel="ugc noopener">@richij</a>, <a href="https://vmst.io/@richi" target="_blank" rel="ugc noopener">@<span class="__cf_email__" data-cfemail="76041f151e1f36001b0502581f19">[email protected]</span></a>, <a href="https://bsky.app/profile/richi.bsky.social" target="_blank" rel="ugc noopener">@richi.bsky.social</a> or <a href="/cdn-cgi/l/email-protection#2e5d4c4c596e5c474d4647004d41005b45115d5b4c444b4d5a13035d4c4c5903"><span class="__cf_email__" data-cfemail="5a2938382d1a2833393233742f31">[email protected]</span></a>. Ask your doctor before reading. Your mileage may vary. Past per­formance is no guar­antee of future results. Do not stare into laser with re­maining eye. E&amp;OE. 30.</em></p><p>Image sauce: <a href="https://unsplash.com/photos/the-statue-of-liberty-is-shown-against-a-blue-sky-CkzZjuQB0hM" target="_blank" rel="noopener" name="sbbwis">Chris Linnett</a> (via <a title="Some rights reserved" href="https://unsplash.com/license" target="_blank" rel="ugc noopener">Unsplash</a>; leveled and cropped)</p><div class="spu-placeholder" style="display:none"></div>