Rethinking SecOps: A Smarter Way Without Traditional SIEMs

Watch our latest webinar, in collaboration with our newest partner, SenseOn, where we explore how traditional SIEMs are increasingly falling short for modern security teams: too costly, too complex, and generating too much noise.

What was discussed? 

In the webinar we explore how AI-driven security operations can deliver SIEM-like outcomes without the overhead.

1. Chris Booth, Solution Architect at KedronUK, shares insights into the evolving challenges faced by security teams, and why it’s time to rethink the traditional SIEM approach.

2. Brad Freeman, Director of Technology and Co-founder of SenseOn, discusses how technologies like agentic AI and root cause triangulation empower lean security teams to detect, investigate, and respond to threats faster – while enhancing the performance of your existing security investments. 

Kirsty Jones

Marketing and Brand Development Lead

Spreads the word further and wider about how we can help connect and visualise your IT Ops and Sec Ops data.

June 2025 Industry Insights!

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on our latest webinar in collaboration with our newest Partner SenseOn, Strengthening Security and Operational Efficiency, Data Centre Monitoring, and much more.

KedronUK

Rethinking Security Operations: A Smarter Approach Without Traditional SIEM. (Webinar)
Traditional SIEMs are increasingly falling short for modern security teams—too costly, too complex, and generating too much noise. In this refreshed webinar, we’ll explore how AI-driven security operations can deliver SIEM-like outcomes without the overhead.

Register for the webinar here.

Forescout Technologies

Close Gaps with Forescout & Keysight. (Blog Post)
Security teams face a growing challenge with unknown and unmanaged devices, legacy systems, and specialised IoT and OT assets. Unknown and unmanaged devices often lack inventory records or proper authentication, making them difficult to monitor and secure. Legacy systems run outdated software and lack security controls due to obsolete protocols and weak encryption. And IoT and OT devices weren’t normally built with security in mind. Many OT environments are air-gapped or isolated, so temperature, vibration, and flow sensors may not be inventoried by current systems. Some newer IoT and OT sensors even connect to the cloud, creating new outbound pathways that bypass perimeter controls.

Find out more here.

Infosim

Data Centre Monitoring with StableNet®. (Blog Post)
Data centre monitoring is the continuous process of collecting, analyzing, and interpreting data from critical infrastructure components within a data center. This includes overseeing IT equipment, power systems, environmental factors, and physical security.

The main goal is to keep the data center healthy, efficient, and reliable. It helps teams spot problems early and make smart decisions to avoid downtime.

Modern data centres utilise a combination of automated tools and manual techniques to get a complete view of their operations. This hybrid approach provides the best visibility into how a data center is functioning and what changes might be necessary for optimal performance.

Read more here.

Keysight Technologies

Malicious URLs in LLM Prompts and Responses: A new Vector for Abuse. (Blog Post)
A common feature of AI agents such as ChatGPT, Claude, Gemini, and others is their ability to access and summarise external web content when provided with a web URL. Although this feature is highly beneficial for tasks like research, staying updated on current events and retrieving useful information from a webpage, it also creates an opportunity for attackers to exploit it.

In this blog, Keysight explores the different ways malicious actors can exploit LLM-based AI agents by injecting malicious or obfuscated URLs – both within the user prompt and as part of the LLM’s generated response.

Read more here.

Rapid7

Speed, Scale and Immediate Action with Agentic AI Workflows for MDR. (Blog Post)
Many aspects of what makes an investigation successful are the best parts of human intelligence: judgment, contextual awareness, and strategic thinking. But the overwhelming demands of the current security landscape — with attacker breakout times now under an hour — narrow the window for these techniques to be applied at scale. But what if you could encode the instincts of an experienced analyst into every investigation and execute at machine speed?

Rapid7’s view of the future of cybersecurity combines deep human expertise with intelligent systems that perceive, reason, and act with autonomy. They’re now proud to introduce agentic AI workflows, powered by the Rapid7 AI Engine: a system that brings structured thinking, deep analysis, and scalable decision-making to every investigation within their next-gen SIEM.

Find out more here.

Kirsty Jones


May 2025 Industry Insights!

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on our latest Partnership with SenseOn, Cybersecurity in Manufacturing, GenAI in Network Management, and much more.

KedronUK

New Partnership with SenseOn! (Press Release)
KedronUK is proud to announce our new partnership with SenseOn, a leader in AI-driven cybersecurity.

As a result of this agreement, we can now offer customers a unified cybersecurity platform that integrates data from existing tools combined with native visibility, delivering actionable intelligence to strengthen their defense and reduce security teams’ workload.

Read more about the partnership here.

BullWall

Ransomware in Manufacturing. (Blog Post)
The manufacturing industry is consistently under attack from cybercriminals. They are launching relentless ransomware attacks to shut down factories, stop production lines, and hold hostage the critical infrastructure they gained access to.

Manufacturing businesses and the interconnected supply chain are particularly vulnerable to ransomware attacks due to several factors:

  • Industrial Control Systems (ICS): Many manufacturing facilities rely on outdated ICS systems. Due to outdated ICS, there are many potential entry points for cybercriminals.
  • Interconnected Supply Chains: Modern manufacturing relies on complex, interconnected supply chains, creating more entry points and increasing the value of the ransom demanded.
  • High-Value Assets: Manufacturing facilities often house valuable equipment and something that can be even more valuable: intellectual property.
  • Production Halt: Ransomware attacks shut down production lines, leading to a high cost of downtime while also impacting the supply chain.

Find out more here.

Forescout Technologies

Cybersecurity in Manufacturing: Threats, Trends, and Preparation. (Blog Post)
The manufacturing sector has consistently ranked among the most heavily impacted by ransomware groups, and other threats, such as data breaches. The sector includes a wide range of industries – from automotive and electronics to chemicals and heavy machinery.

In Forescout’s 2024 Threat Roundup, manufacturing ranked fourth among the most targeted critical infrastructure sectors in 2024 – while the number of threat actors increased by 71%. Given this major increase, Forescout has decided to look closer.

Read the full blog here.

Infosim

GenAI in Network Management. (Blog Post)
Since ChatGPT was introduced at the end of 2022, generative AI (genAI) has gained significant attention. Every day, developers are creating novel and powerful applications and use cases that showcase the potential capabilities of genAI. The technology behind ChatGPT, known as Large Language Models (LLMs), has received significant attention. With the increased availability of information and computing power, numerous new models have emerged. The application possibilities of genAI and LLMs have steadily expanded in recent years. So, it’s no wonder the demand for AI-driven network management with genAI is also growing. Let’s discuss how genAI and LLM can be beneficial to network management and operations.

Find out more here.

Keysight Technologies

Understanding ReNeLLM (Blog Post)
In the rapidly evolving field of AI and LLM security, where researchers and adversaries are constantly pushing boundaries to come up with new attack vectors, a new jailbreak technique known as ReNeLLM is gaining attention. This method employs a multi-layer strategy to fool LLMs by carefully crafting prompts that evade safety mechanisms. In this blog, Keysight discusses how this attack works under the hood by breaking down its two-stage attack methodology and its support in BreakingPoint.

Read more here.

Rapid7

Seeing is Securing: How Surface Command Expands MDR Visibility and Impact. (Blog Post)
Shadow IT, orphaned assets and internet-facing exposures, and unmanaged cloud services are all part of an expanding attack surface. And, according to Enterprise Strategy Group, 76% of organisations have experienced some type of cyberattack involving an unknown or unmanaged internet-facing asset – the kind of risk that stems from gaps in visibility. The result? A critical mismatch between the Attack Surface (what adversaries can reach), and the Detection Surface (what MDR services are configured to see and respond to).

To maximise the effectiveness of security operations, MDR must continually evolve. Read the full blog here.

Logpoint

The Impacket Arsenal: A Deep Dive into Impacket Remote Code Execution Tools. (Blog Post)
In today’s evolving threat landscape, we continually see new threat actors emerge and novel attack techniques surface. To keep pace, defenders must monitor the tactics, techniques and procedures (TTPs) leveraged by these threat actors. A critical part of this understanding comes from analysing the tools attackers use to achieve their objectives.

Find out more here.

Heimdal

Cybersecurity in an Age of Geopolitical Uncertainty: The European Advantage. (Blog Post)
In today’s tumultuous world, trust is just as critical as technology. Geopolitical tensions in 2025 are blurring the lines between allies and adversaries, forcing organisations to rethink whom they trust with their cybersecurity.

The blog post explores how geopolitical uncertainty impacts cybersecurity, the unique value European providers offer, and how Heimdal Security remains a trusted and committed partner for European businesses.

Read more here.

Kirsty Jones


Enhancing OT / IoT Visibility with Keysight & Forescout

Catch up on our latest webinar, in partnership with Keysight Technologies & Forescout Technologies, where we explore how organisations can achieve comprehensive OT/IoT Visibility and enhance security through cutting-edge solutions.

What was discussed? 

1. Chris Booth, Solution Architect at KedronUK, sets the scene for OT / IoT security challenges.

2. Luc Alptuna, Director EMEA & APAC Business Development at Keysight Technologies, discusses how Keysight can enhance Forescout’s capabilities by providing actionable insights and network visibility to secure your infrastructure.

3. Hassan El Karhani, Field Technology Officer at Forescout Technologies, touches on how they can deliver real-time asset visibility and enforce Zero Trust principles in Operational Technology (OT) and Internet of Things (IoT) environments.

Kirsty Jones


April 2025 Industry Insights

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Enhancing OT/IoT Visibility, Network Visibility and Deep Packet Inspection, Health Industry Cybersecurity Practices, and much more.

KedronUK

Enhancing OT/IoT Visibility with Keysight & Forescout (Webinar)
Join KedronUK, Forescout, and Keysight on Wednesday 21st May at 2pm for an exclusive webinar where we will explore how organisations can achieve comprehensive OT/IoT visibility and enhance security through cutting-edge solutions.

Register for the webinar here!

BullWall

Health Industry Cybersecurity Practices. (Blog Post)
The health industry continues to evolve rapidly, meaning the digital imprint of the healthcare industry grows daily. Although access to electronic health records (EHRs), telemedicine, and connected medical devices are revolutionising patient care, more patient information is stored in systems that cybercriminals are trying to access illegally.

Many in the health industry are unaware that every connected system is a potential entry point for cybercriminals, making BullWall Ransomware Containment a necessary solution. Even fewer understand the many ways a ransomware attack impacts healthcare organisations.

Find out more here.

Forescout

Rethinking Enterprise Security in IT and OT Systems. (Blog Post)
Every enterprise thinks they know what’s on their network. Until they don’t. When they don’t, security teams are paralysed, compliance efforts stall, and attacks slip through unnoticed.

The root of the issue? A false sense of visibility in increasingly complex, interconnected environments. Smart factories. Smart medical devices. Self-driving cars. Today’s world is becoming more and more intertwined with cyber-physical systems.

Modern IT and OT systems and networks are under siege from a growing flood of alerts, fragmented tools, and unmanaged, specialised devices. Visibility is patchy, alerts are noisy, and security teams are stretched thin.

Read more here and find out how Forescout uncovers and understands everything on your network.

Logpoint

Logpoint’s release: Reduce operational burden and gain efficiency. (Blog Post)
According to the European Union Agency for Cybersecurity’s (ENISA) 2024 report, the industry-wide talent gap continues to challenge security teams, leading to inefficiencies and increased workloads. Recognising these challenges, Logpoint’s latest release is designed to reduce operational burdens, enhance efficiency, and improve security outcomes. With a strong focus on automation, centralised monitoring and centralised management, this release helps SOC teams and MSSPs streamline their workflows, scale their operations and maximise their security investments.

Find out more here.

Rapid7

Why is Ransomware Still a Thing in 2025? (Blog Post)
We all know ransomware is one of the most persistent and damaging threats out there. Yet, this isn’t because it’s new – ransomware’s been around since 1989 – but because we are making it far too easy for threat actors.

Ransomware remains a crisis because we are still giving attackers the upper hand. To regain control, we need to understand how we’ve made it so easy for them, and what we can do to change that.

Read more here.

Keysight Technologies

Network Visibility and Deep Packet Inspection (DPI) Deliver Better Threat Detection Together. (Blog Post)
Most modern cybersecurity strategies feature deep packet inspection (DPI) capabilities that help to find and flag potential cyber threats faster. After a quick update on DPI, we’ll see how network visibility makes DPI more powerful and efficient and how you can leverage these capabilities together to keep data safe in the cloud and in the age of AI.

Find out more here.

ExtraHop

A Modern Approach to Network Detection & Response. (Blog Post)
The current cybersecurity environment is characterised by a relentless barrage of sophisticated threats, demanding equally sophisticated defences. However, cyberattacks over the last several years have proven time and time again that traditional defences alone cannot defend the modern enterprise.

With security leaders increasingly recognising the dire need to detect and respond to lateral movement throughout their hybrid networks, NDR has reached a crucial stage of maturity: it must evolve from a promising concept to an adaptable, integrated solution that aligns with the realities of the modern enterprise.

Read more about the Modern NDR approach here.

Kirsty Jones
