Skip to main content

Top 3 stories: SASE testing, Scattered Spider tactics, AI security guidance - Week of June 2, 2025

June 5, 2025

  1. Independent Testing Critical for Secure Access Service Edge (SASE) Solutions

    Enterprises moving to a SASE architecture face challenges in vendor selection and performance validation. Wiretap Labs provided guidance for companies defining SASE requirements through a vendor-neutral RFP template. However, the need for real-world testing remains, as demonstrated by the necessity for product trials and independent evaluations to confirm vendors' promises versus actual capabilities.

  2. Scattered Spider’s Exploitation Tactics

    Scattered Spider, an emerging cyber group, employed various social engineering strategies to compromise organizations since 2022. They utilized phishing, smishing, and vishing techniques, successfully accessing systems through manipulation tactics. Netskope provided an overview of these methods and emphasized security protocols that organizations should adopt, including training employees to recognize and mitigate these threats effectively.

  3. A Collaborative Approach to Artificial Intelligence (AI) Data Security

    CISA, NSA, FBI, and international partners released an AI data security guidance document urging federal agencies to adopt best practices for securing AI data. The advice outlines risks associated with data security throughout the AI lifecycle and suggests measures for organizations to protect sensitive data through improved monitoring and threat detection capabilities to enhance overall cybersecurity efficiency.

  1. Selecting a SASE Solution: Why Independent Testing is Critical to the Evaluation Process
  2. Netskope coverage of Scattered Spider's tactics
    Active since 2022, Scattered Spider utilizes sophisticated social engineering strategies to compromise organizations across multiple sectors.
  3. CISA, NSA, FBI issue AI data security guidance
    A joint information sheet encourages federal agencies and critical infrastructure owners to adopt best practices for AI data security.
  4. Decision Insights and SDxCentral SASE Independent RFP, Quickstart Guide
  5. Nokia introduces co-existence solution for 10G, 25G, and 50G Passive Optical Network (PON) on the same fiber network
    Nokia has launched a co-existence solution allowing operators to run 10G, 25G, and 50G PON services on a single network.
  6. Infosys updates its Environmental Social and Governance (ESG) Vision 2030; aims to become climate positive by 2030 and expand global skilling commitments.
    Infosys achieved carbon neutrality for the sixth year and became the first Indian company approved under EU Binding Corporate Rules.
  7. Netskope Highlights Phishing Threats on Glitch
    Attackers exploit Telegram to bypass Multifactor Authentication (MFA) and collect sensitive information through phishing sites hosted on Glitch.
  8. Aviz Networks transforms enterprise networking with AI and open-source
    Aviz Networks enhances enterprise networking with AI-driven solutions, promoting open-source technologies and flexibility for organizations.
  9. Arctic Wolf report reveals AI is now leading cybersecurity concern
    70% of organizations faced significant cyber attacks in 2024. AI concerns surge as 29% of security leaders prioritize it.
  10. CISA and ASD's ACSC release Security Information and Event Management (SIEM) and Security Orchestration Automation Response (SOAR) guidance
    CISA and ASD's ACSC issue guidance for organizations on SIEM and SOAR platforms, focusing on cybersecurity improvements.
  11. Netskope named a Leader in Gartner Security Services Edge (SSE) report
    In the latest Gartner Critical Capabilities for SSE report, Netskope ranked first in three use cases and second in three others.
  12. Proficio partners with Cisco to expand Managed Extended detection and response (XDR)
    Proficio announces its ProSOC Managed XDR service with Cisco, providing continuous threat detection and response for enterprises.
  13. EXL partners with Databricks to launch Gen-AI powered code migration accelerator
    EXL collaborates with Databricks to boost code migration from SAS to its platform, enabling up to 80% reduction in manual effort.
  14. CISA identifies five new vulnerabilities in catalog
    Binding Operational Directive (BOD) 22-01 requires federal agencies to promptly address new vulnerabilities to improve cybersecurity posture.
  15. Vectra AI recognized as a Leader in the 2025 Gartner Magic Quadrant for Network Detection and Response (NDR)
    Hitesh Sheth noted the significance of the NDR market and Vectra AI's role in addressing modern cyber threats.

Related Perspectives