- Friday Tech News
- Posts
- Friday Tech News (Finally)
Good morning and welcome to another edition of Friday Tech News! I hope you’ve had a wonderful week.
Yes, yes, I know. I’ve been “lax” on this lately. It’s been super tough building the company and running around the USA while trying to keep up with things. But, here we are again, this week with some awesome and exciting news and updates. I’ve summarized the last 2 weeks worth of content in this issue, so definitely take a read through and catch what you missed out on!
Last week was super fun at FIRST’s Vulncon in Raleigh NC. I got to meet one of the people I admire most on the internet, James Berthoty with Latio tech, along with a ton of other cool industry people who are solving some of the worlds craziest problems.
Me and James hanging
Of course this week though, the news was all about the NVD program almost being shut down due to funding collapse until CISA came in to rescue the contract. More on that in the Articles section below.
Anyway, I won’t keep you with tons of details about my life and what we’ve been up to, but just know that I appreciate you for reading this and stopping whatever you're doing to catch up on the news. This is a great edition 🙂 IMHO.
I hope you have a wonderful weekend and stay physically and digitally safe!
Phil
OEM News & Updates 📰
NetBackup 11.0 Enhancements introduces quantum proof encryption to guard against emerging threats in quantum.
Expanded user behavior monitoring
Expanded Cloud & PaaS support for workloads including Amazon RDS Custom, Azure Cosmos DB, and now supports image replication and DR from cloud archive tiers.
The Solo MCP Gateway simplifies the connection between AI agents and MCP compatible toolchains to reduce manual integration efforts on devs.
The gateway provides a single access point for thousands of MCP tools, offering automated registration, authentication, and federated management.
It claims to improve AI agent visibility through centralized metrics, logging, and tracing as well.
BigID’s DSPM insights now feed into the Singularity platform, improving threat prioritization and response based on data sensitivity and exposure. Neat.
The integration reveals hidden and unprotected data assets, allowing teams to correlate data risks with actual threat activity.
Big play for MSSPs.
GitHub | GitHub CoPilot Evolves
GitHub’s Copilot is now not just a code completion tool, but a fully agentic development partner. Capable of translating ideas into code and managing multi-file workflows independently.
DevOps teams can select AI models they want to use such as Claude 3.5, Gemini 2.0, GPT-4o etc…
V1.5 introduces adoption insights, an analytical dashboard that helps platform engineers track usage patterns and improve developer engagement.
It also offers a catalog of over 60 plugins that orgs can customize their dev portals with.
Can now be run locally as well enabling engineers to test and refine configs without deploying to K8s.
z17 - the latest IBM mainframe system - keeps business data on customer-owned servers instead of the cloud.
Designed to handle AI workloads, allowing businesses to process stored data without relying on cloud service providers.
Look out for HashiCorp influenced features in security and data protection / access.
Phoenix introduced an AI Agent that enhances vulnerability management by predicting which weaknesses are likely to be exploited or become ransomware threats.
Using their 4D Risk Formula which evaluates vulnerabilities across 4 areas, business impact, severity, exploitability, and deployment context, ensures security teams focus on high-risk threats in their environments.
The AI Agent also tracks zero-day exploits and ransomware tactics, integrating with CTEM for proactive security measures.
Netwrix Access Analyzer now supports MCP allowing AI assistants to provide instant security insights without manual queries.
Security teams can ask natural language questions to detect shadow access, sensitive data exposure, and stale accounts to improve TD&R.
Netwrix plans to extend MCP integration to their Privilege Secure and Threat Manager products to enhance their PAM position and Identity related threat detection positions.
Cloudflare’s Rmote MCP Server enables AI agents to interact with external services without relying on locally hosted servers.
It now supports Auth0, Stytch, and WorkOS, allowing developers to build secure permissions for AI Agents.
Cool stuff
Okta | Okta releases NHI updates
Okta introduces new platform capabilities to secure NHI’s including AI Agents, API keys, and automation tools.
The platform unifies identity security across both human and non-human identities to address growing complexity in this domain.
Enhancements also include Identity Security Posture Management, Privileged Access, Secure Device Features, and “separation of duties”.
Veracdoe Fix, an Ai driven security tool automates vuln remediation across 11 programming languages.
It enables devs to address security flaws instantly, reducing risk and improving efficiency.
Pretty innovative and available for free trial….but who’s letting AI Agents run wild fixing code rn?
Google | Google takes on Cursor
Google launches Firebase STudio for AI, which is a cloud based AI IDE that enables devs to build full stack apps using natural language prompts (like cursor) instead of traditional coding.
Integrates with React, Next.js, Angular, Vue.js, Flutter, Android, Node.js, Java, Python Flask, and more…
Directly challenging cursor in the AI driven coding space.
No joke didn’t think I’d hear from Tufin again.
Turin’s latest Orchestration Suite introduces integrations with Arista, Cisco, and Vmware, improving visibility and policy management across diverse infrastructures.
The updates is aimed at strengthening CSPM by identifying risks and unused rules in Azure NSG’s and AWS SG’s.
The new Auth for GenAI feature ensures AI agents have secure authentication (much needed) fine grained authorization, and protected API access.
Devs often overlook authorization and access controls with respect to AI Agents which can lead to some bad circumstances.
The platform enables AI agents to authenticate users, interact securely with apps, and manage permissions for enterprise grade security of AI driven workflows.
The new Agent Development Kit simplifies multi-agent AI development which allows enterprises to build and deploy intelligent agents with under 100 lines of python.
AI Agents built with langGraph, Crew.ai, and other frameworks can now communicate seamlessly.
Google’s Agent Engine streamlines testing, scaling, and monitoring, ensuring AI agents maintain context across sessions.
Illumio Launches AI powered CD&R. Insights uses an AI security graph to identify threats across hybrid and multi-cloud environments for real-time observability into traffic, flows, and connections.
The platform enables one-click attack containment, isolating impacted workloads to reduce blast radius impact.
Illumio offers agentless deployment across millions of workloads in minutes to improve TD&R and risk prioritization.
OpenAI | OpenAI launches GPT-4.1
OpenAI launches GPT-4.1 which has major performance improvements in instruction following and long-context understanding.
Reduces latency by nearly half and cuts costs by 83% compared to GPT-4o.
Phasing out 4.5 due to GPU concerns.
BMC Introduces GenAI powered Workflow Enhancements, Control-M, SaaS AI advisor, and Jett. These enable users to optimize workflows using natural language queries to improve troubleshooting and compliance verification.
Their AMI Assistant offers a curated LLM model library and a BYO-LM allowing orgs to tailor AI strategies to whatever their security and governance needs might be.
The AMI Ops Insight solution is powered by AI Agents and provides RCA and Resolution guidance as well.
Gurucul introduces Self-Driving SIEM with Agentic AI, the latest update to their REVEAL platform, it integrates multi-agent AI workflows to automate threat detection, investigation, and response. Claims to reduce manual security operations by 58%.
Gurucul’s Data Optimizer autonomously classifies, normalizes, and filters security data while AI Agents detect evolving attack chains and refine machine learning models in real time.
The SME AI Copilot provides expert guidance, enriched insights, and automated triage too.
Tableau | Tableau enters the Agentic AI era
The new platform, Next, features Data Pro, Conceirge, and Inspector, which automate data prep, natural language queries, and proactive monitoring to enhance analytic workflows.
Tableau Next includes an AI powered semantic layer, ensuring relevant and precise insights by providing their agents with a deeper understanding of business data.
Now you can get autonomous insights and workflow automation directly from AI. No more manual “thinking” required.
Microsoft | Microsoft’s Updates to Copilot Studio
Microsoft Introduces “computer use” tool in Copilot Studio which allows AI Agents to click, type, and navigate within desktop and web apps…even in environments without APIs.
Users can simply describe tasks in plain English and the AI will do them…all while adjusting to app layouts.
MSFT is ensuring data security on this one with no data being used to train AI models…
hot trend to release these.
Lasso introduces the “first security centric solution for MCP” designed to enhance Agentic workflows while maintaining enterprise grade security.
Provides agnostic guardrails to prevent sensitive data exposure, advanced tracking for usage analytics, and unified visibility across all connected MCPs.
The platform is aiming to target prompt injection, command injection, and RCE vulns to ensure secure “AI-to-tool” interactions.
OpenAI | OpenAI launches o3 and o4 mini
These new AI models focus on advanced reasoning and complex problem solving.
o4 offers faster performance at lower costs.
o3 can execute Python code, analyze images, and search the web and even set records on SWE-bench and MMMLU benchmarks.
Articles I Liked This Week 💡
Private Equity Wire | Andreessen Horowitz targets $20B AI focused fund
Computerworld | Apple flew 600 tons of Iphones from India to avoid tariffs
Finance & Commerce | NVIDIA to manufacture chips in the US
Engadget | OpenAI is apparently making a social network
Help Net Security | Microsoft’s Vulnerabilities
2024 saw an 11% increase from 2022 of over 1,360 vulns discovered. Critical vulns dropped though to 78, the lowest since tracking began.
Elevation of Privilege and RCE remain top risks.
With everything that went down in the NVD world this week, I don’t think MSFT or anyone in the hyperscale space should come in and try and take over. They’re producing just as many vulns as they’re releasing updates.
Tech Funding & M&A 💸
SandboxAQ | SandboxAQ Raises $450M from Google and Nvidia
Unframe | Unframe secures $50M
Cloudbolt | Cloudbolt acquires StormForge
Cloudflare | Cloudflare acquires Outerbase
Anecdotes | Anecdotes raises $55M
Tailscale | Tailscale raises $160M
CalypsoAI | CalypsoAI raises $5M
Artisan AI | Artisan raises $25M
Groundcover | Groundcover raises $35M
8Flow | 8Flow.ai raises $10M Series A
Hugging Face | Hugging Face acquires Pollen Robotics
Scout AI | Scout emerges with $15M Seed Round
Torq | Torq acquires Revrod
Exaforce | Exaforce raises $75M Series A
Meme of the week 🤣
Recommendations 👉🏻
|
|
Thank you so much for making this a part of your Friday morning coffee time. I'm Phil Moroni, and I'm an Account Executive in the Information Technology industry here with another edition of Friday Tech News!
What is this? This is a newsletter that provides updates and insights on the latest trends and developments in the technology industry. I am a professional who specializes in supporting IT leaders in evaluating, investing, and managing people, processes, and technology tools that support their businesses.
Each week, I summarize relevant industry updates from popular Original Equipment Manufacturers (OEM's), software publishers, and managed providers. The goal of my research and newsletter is to keep you informed about current trends and events that may impact your business from a trusted and reputable source. It's just information I'm sharing, and I follow and work with hundreds of partners in the industry, keeping track of their growth, changes, and evolution so that you don't have to.
Bottom Line: As you focus on improving your business through digital initiatives, my commitment is to keep you informed of the fast-paced changes and trends taking place so that you can plan ahead and stay ahead of the game.
Key areas of focus for me are:
Cloud Computing, Security, Trends
Developer & Security Tools
Networking & Infrastructure Tools
End User Tools & Workspace Tech
Emerging Technologies and Future Concepts
If you have any questions, would like information about any specific vendors I follow, or would like to have a conversation about any topic that is challenging you, I invite you to engage with me! I value feedback immensely and would love to know what you find valuable about this newsletter so feel free to reach out!
Thank you for reading and stay digitally and physically safe!
Phil
Reply