Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on our latest Webinar discussing Smarter Network Management, the 5 Most Common Operational Technology Security Issues, Shaping Sustainable and Resilient Communication Networks, and much more.

KedronUK
Smarter Network Management – Migrating from Legacy NMS to StableNet®. (Webinar)
Is your current network management platform holding you back? Join KedronUK on Tuesday 14th October at 11am for a 45-minute live webinar, where we’ll show you how organisations are making the move to StableNet® – a mature, fully-integrated platform that delivers automation, visibility, and long-term transparency.

Register here.

Forescout Technologies
5 Most Common Operational Technology Security Issues. (Blog Post)
Operational technology (OT) systems control and monitor industrial processes in sectors, including energy, manufacturing, water treatment, transportation, and more. As these systems become increasingly interconnected with information technology (IT) networks, their exposure to cyber threats grows. Protecting OT environments requires a keen understanding of their unique vulnerabilities and challenges.

Find out more here.

Infosim
Shaping Sustainable and Resilient Communication Networks. (Blog Post)
The reliability of communication is not only essential for everyday interpersonal interaction, but also for critical infrastructure such as energy supply, healthcare, and public safety. The importance of robust, fail-safe communication networks becomes particularly apparent in times of crisis such as natural disasters, cyberattacks, terrorist attacks, and similar events. These networks are essential for coordinating rescue teams and relief efforts, maintaining basic supply functions, and ensuring a reliable information flow. At the same time, the sustainability of these networks is becoming increasingly important due to rising energy requirements. The key here is to minimise energy consumption while maintaining reliable, high-quality communication.

Read the full blog post here.

SenseOn
Identity is the New Perimeter. (Whitepaper)
Over 80% of breaches now involve compromised credentials, not malware. Attackers don’t need to break in. They log in. Phishing MFA fatigue, and token theft are driving a wave of identity-based threats that most traditional tools weren’t built to catch. Security teams are expected to detect misuse, investigate sign-ins, and respond to identity incidents. But identity data is fragmented across Entra ID, Okta, Google Workspace and others. Most investigations require jumping between tools, hunting for context, and reacting late.

Download the Whitepaper here.

Rapid7
New Infographic Showcases How Rapid7 MDR Stops Threats Fast. (Blog Post)
In cybersecurity, the first few minutes of an attack can define the rest of the story. Will it be a minor event swiftly contained with no data loss, or the beginning of a full-blown incident that leads to costly remediation, reputational damage, and lasting business disruption?

The difference often comes down to how fast and how well your organisation can detect, understand, and respond to the threat.

Read more & view the infographic here.

BullWall
The Cyber Assessment Framework. (Blog Post)
The UK’s new Cyber Assessment Framework (CAF) 4.0 has raised the bar for cyber resilience. It asks executives of essential service providers to demonstrate not only that they understand today’s attacker behaviours, but they can detect, stop, and recover from them before critical operations are disrupted.

There’s one attacker behaviour that consistently tops the threat landscape and regulator concerns: ransomware-drive mass encryption. And this is exactly where BullWall adds unique, measurable value to your security stack.

Find out more here.

ExtraHop
Unmasking Threats Across the Network with Real-time Identity Insights. (Blog Post)
In today’s complex digital landscape, where hybrid networks, remote work, and SaaS growth are the norm, understanding “who” is behind network activity is paramount. Identity is no longer solely an IT concern: it’s the cornerstone of modern security.

Identity is the new battleground, and attackers are having a field day. With so many user accounts, devices, and services in the cloud, there are endless opportunities for compromise. A user (customers, employees, partners, and vendors) can be a weak point for attackers to get in and move around, stealing data or spreading ransomware.

Find out more here.

Allegro Packets
Allegro Network Multimeter Release 4.5. (Blog Post)
The new firmware version 4.5 is available for the Allegro Network Multimeter. This firmware contains numerous improvements and enhancements compared to version 4.4.3 and can be installed on all devices with support.

Read about the highlights of the release here.

DBmarlin
DBmarlin 5.8.0 is now available! (Blog Post)
DBmarlin are excited to share thier latest updates, including a brand-new DB Versions screen, improvements to DBmarlin Co-Pilot, and a number of performance and upgrade enhancements.

View all the new and improved features here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Navigating Cybersecurity Challenges, Improving Operational Resilience, Insights into the 2025 Ransomware Economy, and much more.

KedronUK
Navigating Cybersecurity Tool Choices in the Age of AI. (Report)
In collaboration with SenseOn, an AI-driven cybersecurity platform, we conducted a survey to better understand how organisations are navigating cybersecurity challenges.

We wanted to hear directly from security practitioners and decision-makers to learn what’s working, what’s not, and where they see the greatest opportunities and risks in today’s cybersecurity environment.

Read the full survey report here.

Forescout Technologies
Improve Operational Resilience with Harm Reduction. (Blog Post)
Data can drive smart decisions. It tells a truth. You can pay attention to what it’s saying and reprioritise. Or it can be recognised and put aside. But putting it aside in business doesn’t mean ignoring it. It means finding a defensible risk model. One that works for you, your board, your shareholders, your customers, and employees.

You always need to understand your operational resilience – and you need to get agreement on acceptable and unacceptable security, cyber-physical, and OT security tolerances.

Find out more here.

Infosim
Developments in the Fiber Optic and Telecommunications Industry in Germany. (Blog Post)
Increasing global connectivity through new technologies such as the Internet of Things (IoT) and 5G is generating growing demand for high-speed internet access and more reliable wireless networks. The expansion of the fiber optic infrastructure is of central importance for Germany’s digital transformation. The current expansion rate at the end of 2024 is 48.8%. The government, network operators and industry associations such as the German Broadband Association (BREKO) are actively committed to achieving a nationwide fiber coverage as fast as possible.

Read the full blog post here, where Infosim examine the dynamic changes in the telecommunications industry in Germany, analyses the resulting challenges for network service providers (NSPs) and outlines key solutions.

Keysight Technologies
What the EU Cyber Resilience Act means for Digital Product Makers. (Blog Post)
The EU Cyber Resilience Act (CRA) is set to become a defining regulation for all manufacturers and developers of digital products that touch the EU market. It introduces strict requirements for cybersecurity practices, risk management, and compliance procedures, affecting a wide range of stakeholders from software developers to hardware vendors. This article unpacks what the CRA is, who it affects, and how to get ready.

Find out more here.

Rapid7
Inside the Ransomware Economy in 2025. (Blog Post)
Building on insights from Rapid7’s Q1 and Q2 2025 ransomware trend reports, it’s clear that the ransomware economy continues to evolve – and not just in volume, but also in business maturity. As threat actors shift tactics, tools, and partnerships, defenders face a complex landscape shaped by affiliate churn, rising ransom demands, and increasingly sophisticated social engineering campaigns.

This blog explores the latest ransomware trends 2025, threat intelligence, and practical takeaways to help security teams stay ahead of the threat.

Read more here.

BullWall
Securing VMware Environments in an Era of Escalating Cyber Threats. (Blog Post)
Ransomware has evolved into one of the most disruptive threats in cybersecurity, and virtualised environments have become an increasingly frequent target. Organisations running VMware vSphere and ESXi platforms are now prime targets, facing not just financial losses but the potential collapse of critical business operations. With cybercriminals continuously innovating their attack strategies, security leaders must rethink their defences and adopt a proactive, automated approach to safeguarding their virtual infrastructures.

Find out more here.

ExtraHop
From Potential to Performance: Maximising AI’s Impact with Modern NDR. (Blog Post)
Artificial intelligence (AI) and machine learning have become foundational components for effective network detection and response (NDR), fundamentally reshaping how organisations defend against modern threats.

According to the 2024 Global Cyber Confidence Index, 38% of security decision-makers said using AI and machine learning to help manage and mitigate cyber risk is a top priority for their organization this year.

Despite this clear priority, enterprises are only just beginning to really understand the transformational benefits that intelligent NDR solutions can offer.

Find out more here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on our latest webinar in collaboration with our newest Partner SenseOn, Strengthening Security and Operational Efficiency, Data Centre Monitoring, and much more.

KedronUK
Rethinking Security Operations: A Smarter Approach Without Traditional SIEM. (Webinar)
Traditional SIEMs are increasingly falling short for modern security teams—too costly, too complex, and generating too much noise. In this refreshed webinar, we’ll explore how AI-driven security operations can deliver SIEM-like outcomes without the overhead.

In our latest webinar, in partnership with SenseOn, we’ll explore how AI-driven security operations can deliver SIEM-like outcomes without the overheads.

Register for the webinar here.

Forescout Technologies
Close Gaps with Forescout & Keysight. (Blog Post)
Security teams face a growing challenge with unknown and unmanaged devices, legacy systems, and specialised IoT and OT assets. Unknown and unmanaged devices often lack inventory records or proper authentication, making them difficult to monitor and secure. Legacy systems run outdated software and lack security controls due to obsolete protocols and weak encryption. And IoT and OT devices weren’t normally built with security in mind. Many OT environments are air-gapped or isolated, so temperature, vibration, and flow sensors may not be inventoried by current systems. Some newer IoT and OT sensors even connect to the cloud, creating new outbound pathways that bypass perimeter controls.

Find out more here.

Infosim
Data Centre Monitoring with StableNet®. (Blog Post)
Data centre monitoring is the continuous process of collecting, analyzing, and interpreting data from critical infrastructure components within a data center. This includes overseeing IT equipment, power systems, environmental factors, and physical security.

The main goal is to keep the data center healthy, efficient, and reliable. It helps teams spot problems early and make smart decisions to avoid downtime.

Modern data centres utilise a combination of automated tools and manual techniques to get a complete view of their operations. This hybrid approach provides the best visibility into how a data center is functioning and what changes might be necessary for optimal performance.

Read more here.

Keysight Technologies
Malicious URLs in LLM Prompts and Responses: A new Vector for Abuse. (Blog Post)
A common feature in the AI agents, such as ChatGPT, Claude, Gemini, and others, is their ability to access and summarise external web content when provided with a web URL. Although this added feature is highly beneficial for tasks like research, staying updated on current events and retrieving useful information from a webpage, it also creates an opportunity for attackers to exploit it.

In this blog, Keysight explores the different ways malicious actors can exploit LLM-based AI agents by injecting malicious or obfuscated URLs – both within the user prompt and as part of the LLM’s generated response.

Read more here.

Rapid7
Speed, Scale and Immediate Action with Agentic AI Workflows for MDR. (Blog Post)
Many aspects of what makes an investigation successful are the best parts of human intelligence: judgment, contextual awareness, and strategic thinking. But the overwhelming demands of the current security landscape — with attacker breakout times now under an hour — narrow the window for these techniques to be applied at scale. But what if you could encode the instincts of an experienced analyst into every investigation and execute at machine speed?

Rapid7’s view of the future of cybersecurity combines deep human expertise with intelligent systems that perceive, reason, and act with autonomy. They’re now proud to introduce agentic AI workflows, powered by the Rapid7 AI Engine: a system that brings structured thinking, deep analysis, and scalable decision-making to every investigation within our next-gen SIEM.

Find out more here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on our lastest Partnership with SenseOn, Cybersecurity in Manufacturing, GenAI in Network Management, and much more.

KedronUK
New Partnership with SenseOn! (Press Release)
KedronUK is proud to announce our new partnership with SenseOn, a leader in AI-driven cybersecurity.

As a result of this agreement, we can now offer customers a unified cybersecurity platform that integrates data from existing tools combined with native visibility, delivering actionable intelligence to strengthen their defense and reduce security team’s workload.

Read more about the partnership here.

BullWall
Ransomware in Manufacturing. (Blog Post)
The manufacturing industry is consistently under attack from cyber criminals. Cybercriminals are launching relentless ransomware attacks to shut down factories, stop production lines, and hold the critical infrastructure they gained access to as hostage.

Manufacturing businesses and the interconnected supply chain are particularly vulnerable to ransomware attacks due to several factors:

• Industrial Control Systems (ICS): Many manufacturing facilities rely on outdated ICS systems. Due to outdated ICS, there are many potential entry points for cybercriminals.
• Interconnected Supply Chains: Modern manufacturing relies on complex, interconnected supply chains, creating more entry points and increasing the value of the ransom demanded.
• High-Value Assets: Manufacturing facilities often house valuable equipment and often house something that can be even more valuable: intellectual property.
• Production Halt: Ransomware attacks shut down production lines, leading to a high cost of downtime while also impacting the supply chain.

Find out more here.

Forescout Technologies
Cybersecurity in Manufacturing: Threats, Trends, and Preparation. (Blog Post)
The manufacturing sector has consistently ranked among the most heavily impacted by ransomware groups, and other threats, such as data breaches. The sector includes a wide range of industries – from automotive and electronics to chemicals and heavy machinery.

In Forescout’s 2024 Threat Roundup, manufacturing ranked fourth among the most targeted critical infrastructure sectors in 2024 – while the number of threat actors increase by 71%. Given this major increase, Forescout has decided to look closer.

Read more the full blog here.

Infosim
GenAI in Network Management. (Blog Post)
Since ChatGPT was introduced at the end of 2022, generative AI (genAI) has gained significant attention. Every day, developers are creating novel and powerful applications and use cases that showcase the potential capabilities of genAI. The technology behind ChatGPT, known as Large Language Models (LLMs), has received significant attention. With the increased availability of information and computing power, numerous new models have emerged. The application possibilities of genAI and LLMs have steadily expanded in recent years. So, it’s no wonder the demand for AI-driven network management with genAI is also growing. Let’s discuss how genAI and LLM can be beneficial to network management and operations.

Find out more here.

Keysight Technologies
Understanding ReNeLLM (Blog Post)
In the rapidly evolving field of AI and LLM security, where researchers and adversaries are constantly pushing boundaries to come up with new attack vectors, a new jailbreak technique known as ReNeLLM is gaining attention. This method employs a multi-layer strategy to fool LLMs by carefully crafting prompts that evade safety mechanisms. In this blog, Keysight discusses how this attack works under the hood by breaking down its two-stage attack methodology and its support in BreakingPoint.

Read more here.

Rapid7
Seeing is Securing: How Surface Command Expands MDR Visibility and Impact. (Blog Post)
Shadow IT, orphaned assets and internet-facing exposures, and unmanaged cloud services are all part of an expanding attack surface. And, according to Enterprise Strategy Group, 76% of organisations have experienced some type of cyberattack involving an unknown or unmanaged internet-facing asset – the kind of risk that stems from gaps in visibility. The result? A critical mismatch between the Attack Surface (what adversaries can reach), and the Detection Surface (what MDR services are configured to see and respond to).

To maximise the effectiveness of security operations, MDR must continually evolve. Read the full blog here.

Logpoint
The Impacket Arsenal: A Deep Dive into Impacket Remote Code Execution Tools. (Blog Post)
In today’s evolving threat landscape, we continually see new threat actors emerge and novel attack techniques surface. To keep pace, defenders must monitor the tactics, techniques and procedures (TTPs) leveraged by these threat actors. A critical part of this understanding comes from analysing the tools attackers use to achieve their objectives.

Find out more here.

Heimdal
Cybersecurity in an Age of Geopolitical Uncertainty: The European Advantage. (Blog Post)
In today’s tumultuous world, trust is just as critical as technology. Geopolitical tensions in 2025 are blurring the lines between allies and adversaries, forcing organisations to rethink whom they trust with their cybersecurity.

The blog post explores how geopolitical uncertainty impacts cybersecurity, the unique value European providers offer, and how Heimdal Security remains a trusted and committed partner for European businesses.

Read more here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Enhancing OT/IoT Visibility, Network Visibility and Deep Packet Inspection, Health Industry Cybersecurity Practices, and much more.

KedronUK
Enhancing OT/IoT Visibility with Keysight & Forescout (Webinar)
Join KedronUK, Forescout, and Keysight on Wednesday 21st May at 2pm for an exclusive webinar where we will explore how organisations can achieve a comprehensive OT/IoT visibility and enhance security through cutting-edge solutions.

Register for the webinar here!

BullWall
Health Industry Cybersecurity Practices. (Blog Post)
The health industry continues to evolve rapidly, meaning the digital imprint of the healthcare industry grows daily. Although access to electronic health records (EHRs), telemedicine, and connected medical devices are revolutionising patient care, more patient information is stored in systems that cybercriminals are trying to access illegally.

Many in the health industry are unaware that every connected system is a potential entry point for cybercriminals, making BullWall Ransomware Containment a necessary solution. Even fewer understand the many ways a ransomware attack impacts healthcare organisations.

Find out more here.

Forescout
Rethinking Enterprise Security in IT and OT Systems. (Blog Post)
Every enterprise thinks they know what’s on their network. Until they don’t. When they don’t, security teams are paralysed, compliance efforts stall, and attacks slip through unnoticed.

The root of the issue? A false of visibility in increasingly complex, interconnected environments. Smart factories. Smart medical devices. Self-driving cars. Todays world is becoming more and more intertwined with cyber-physical systems.

Modern IT and OT systems and networks are under siege from a growing flood of alerts, fragmented tools, and unmanaged, specialised devices. Visibility is patchy, alerts are noisy, and security teams are stretched thin.

Read more a here and find out how Forescout uncover and understand everything on your network.

Logpoint
Logpoint’s release: Reduce operational burden and gain efficiency. (Blog Post)
According to the European Union Agency for Cybersecurity’s (ENISA) 2024 report, the industry-wide talent gap continues to challenge security teams, leading to inefficiencies and increased workloads. Recognising these challenges, Logpoint’s latest release is designed to reduce operational burdens, enhance efficiency, and improve security outcomes. With a strong focus on automation, centralised monitoring and centralised management, this release helps SOC teams and MSSPs streamline their workflows, scale their operations and maximise their security investments.

Find out more here.

Rapid7
Why is Ransomware Still a Thing in 2025? (Blog Post)
We all know ransomware is one of the most persistent and damaging threats out there. Yet, this isn’t because it’s new – ransomwares been around since 1989 – but because we are making it far too easy for threat actors.

Ransomware remains a crisis because we are still giving attackers the upper hand. To regain control, we need to understand how we’ve made it so easy for them, and what we can do to change that.

Read more here.

Keysight Technologies
Network Visibility and Deep Packet Inspection (DPI) Deliver Better Threat Detection Together. (Blog Post)
Most modern cybersecurity strategies feature deep packet inspection (DPI) capabilities that help to find and flag potential cyber threats faster. After a quick update on DPI, we’ll see how network visibility makes DPI more powerful and efficient and how you can leverage these capabilities together to keep data safe in the cloud and in the age of AI.

Find out more here.

ExtraHop
A Modern Approach to Network Detection & Response. (Blog Post)
The current cybersecurity environment is characterised by relentless barrage of sophisticated threats, demanding equally sophisticated defences. However, cyberattacks over the last several years have proven time and time again that traditional defences alone cannot defend the modern enterprise.

With security leaders increasingly recognising the dire need to detect and respond to lateral movement throughout their hybrid networks. NDR has reached a crucial stage of maturity: evolve from a promising concept to an adaptable, integrated solution that aligns with the realities of the modern enterprise.

Read more about the Modern NDR approach here.

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Security Thoughts for 2025, Zero Trust Principles, AI- Powered Visibility, and much more.

KedronUK
Security Thoughts for 2025 (Blog Post)
Beyond AI, cybersecurity challenges continue to evolve. Effective vulnerability management requires more than just CVSS scores, and supply chain attacks highlight the need for greater scrutiny of third-party providers. Meanwhile, advancements in quantum computing could reshape encryption and cloud security.

As we navigate 2025, understanding these trends will be key to staying ahead in an increasingly complex digital landscape.

Please see the full blog here!

BullWall
Why Hospital Cybersecurity is More Than Protecting Patient Data. (Blog Post)
Today, hospitals are more than just medical facilities to be referred to for surgery or emergency healthcare needs; they’re complex ecosystems of interconnected services house value patient data.

Though modern medicine and the systems and servers used to store data have allowed quicker and safer patient care, they are also frequent targets of cybercriminals. Since the healthcare industry, especially hospital networks and medical facilities, is a frequent target of cyber-attacks, it is important to have a ransomware resilience tool prior to an attack.

If BullWall Ransomware Containment is in place when a cybercriminal attack happens, the spread will be halted, compromised devices will be instantly isolated, and encryption will be prevented. Find out more here.

Forescout
Zero Trust Principles: Address Asset Visualisation and Classification. (Blog Post)
Forescout has developed a step-by-step approach to realising Zero Trust security. They call it “The Adaptive Approach to Zero Trust Assurance,” and it’s designed to help meet zero trust mandates faster with a simplified transition roadmap. 2024 saw a rise in cyber threats and regulatory pressures. Personal liability for CISOs increased along with the number of audit requirements needed to prove compliance and quantify organisational exposure and risks.
To defend against these threats, organisations that want to be proactive must assume a breach mindset: Acknowledge the inevitability of a breach with active defences that minimize its impact.

It starts by addressing the most critical assets in the business with the principles of Zero Trust. Read more about Zero Trust here.

Infosim
KRITIS, DORA, NIS1 – Knowledge for Network Management. (Blog Post)
In an era of increasing cybersecurity risks and regulatory pressure, network operators must navigate a complex landscape of compliance frameworks. Three key regulations—KRITIS, DORA, and NIS 2—are shaping the future of network management and reporting requirements. While each framework serves a distinct purpose, they share common goals in strengthening resilience, cybersecurity, and operational stability across critical infrastructure. Understanding their differences and similarities is essential for network operators to ensure compliance and optimize their security strategies.

Find out more here.

Rapid7
MDR + SIEM: Why Full Access to Your Security Logs Is Non-Negotiable. (Blog Post)
Many Managed Detection and Response (MDR) providers promise world-class threat detection, but behind the scenes they lock away your security logs, limiting your visibility and control. It’s your data — so why don’t you have full access to it? Isn’t the whole point of security to see everything happening in your environment? Without full access to your own data, you’re left dependent on their tools, their timelines, and their interpretations of security events.

This isn’t just an inconvenience — it’s a risk.

Find out more about pairing MDR with SIEM here.

Keysight Technologies
The Sooner the Better: AI-Powered Visibility Accelerates Threat Detection and IT Operations. (Blog Post)
We expect Artificial intelligence (AI) to speed up processes and drive down costs, and that seems to be what’s happening in cybersecurity. A recent survey found that 1 in 5 organizations now use AI in their cybersecurity practices, and their investments paid high dividends on multiple fronts – like faster threat detection, lower breach costs, and reduced strain on overworked SOC teams.

After a quick update on the role and value of AI, Keysight introduce a new generation of AI-powered network visibility and explain why applying AI earlier in the process helps to find threats faster and give defenders an even greater advantage.

Read more here.

ExtraHop
Malicious Use of RMM: Remote Monitoring and Management. (Blog Post)
Network detection and response (NDR) refers to cybersecurity products that ingest and analyse network traffic to detect malicious activity. Where endpoint detection and response (EDR) tools collect and analyse endpoint data and behavior, network detection and response solutions work off wire data from network packets traversing the east-west and north-south corridors.

According to Gartner®, “Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. They continuously analyse raw network packets or traffic metadata within internal networks (east-west) and between internal and external networks (north-south).

Find out more about NDR here.