June 2025 Industry Insights!


Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on our latest webinar in collaboration with our newest Partner SenseOn, Strengthening Security and Operational Efficiency, Data Centre Monitoring, and much more.

KedronUK
Rethinking Security Operations: A Smarter Approach Without Traditional SIEM. (Webinar)
Traditional SIEMs are increasingly falling short for modern security teams: too costly, too complex, and generating too much noise. In this refreshed webinar, in partnership with SenseOn, we’ll explore how AI-driven security operations can deliver SIEM-like outcomes without the overhead.

Register for the webinar here.

Forescout Technologies
Close Gaps with Forescout & Keysight. (Blog Post)
Security teams face a growing challenge with unknown and unmanaged devices, legacy systems, and specialised IoT and OT assets. Unknown and unmanaged devices often lack inventory records or proper authentication, making them difficult to monitor and secure. Legacy systems run outdated software and lack security controls due to obsolete protocols and weak encryption. And IoT and OT devices weren’t normally built with security in mind. Many OT environments are air-gapped or isolated, so temperature, vibration, and flow sensors may not be inventoried by current systems. Some newer IoT and OT sensors even connect to the cloud, creating new outbound pathways that bypass perimeter controls.

Find out more here.

Infosim
Data Centre Monitoring with StableNet®. (Blog Post)
Data centre monitoring is the continuous process of collecting, analyzing, and interpreting data from critical infrastructure components within a data center. This includes overseeing IT equipment, power systems, environmental factors, and physical security.

The main goal is to keep the data center healthy, efficient, and reliable. It helps teams spot problems early and make smart decisions to avoid downtime.

Modern data centres utilise a combination of automated tools and manual techniques to get a complete view of their operations. This hybrid approach provides the best visibility into how a data center is functioning and what changes might be necessary for optimal performance.

Read more here.

Keysight Technologies
Malicious URLs in LLM Prompts and Responses: A new Vector for Abuse. (Blog Post)
A common feature of AI agents such as ChatGPT, Claude, Gemini, and others is their ability to access and summarise external web content when provided with a web URL. Although this feature is highly beneficial for tasks like research, staying updated on current events, and retrieving useful information from a webpage, it also creates an opportunity for attackers to exploit it.

In this blog, Keysight explores the different ways malicious actors can exploit LLM-based AI agents by injecting malicious or obfuscated URLs – both within the user prompt and as part of the LLM’s generated response.

Read more here.

Rapid7
Speed, Scale and Immediate Action with Agentic AI Workflows for MDR. (Blog Post)
Many aspects of what makes an investigation successful are the best parts of human intelligence: judgment, contextual awareness, and strategic thinking. But the overwhelming demands of the current security landscape — with attacker breakout times now under an hour — narrow the window for these techniques to be applied at scale. But what if you could encode the instincts of an experienced analyst into every investigation and execute at machine speed?

Rapid7’s view of the future of cybersecurity combines deep human expertise with intelligent systems that perceive, reason, and act with autonomy. They’re now proud to introduce agentic AI workflows, powered by the Rapid7 AI Engine: a system that brings structured thinking, deep analysis, and scalable decision-making to every investigation within their next-gen SIEM.

Find out more here.

Kirsty Jones

Marketing and Brand Development Lead

Spreads the word further and wider about how we can help connect and visualise your IT Ops and Sec Ops data.

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

May 2025 Industry Insights!


Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on our latest partnership with SenseOn, Cybersecurity in Manufacturing, GenAI in Network Management, and much more.

KedronUK
New Partnership with SenseOn! (Press Release)
KedronUK is proud to announce our new partnership with SenseOn, a leader in AI-driven cybersecurity.

As a result of this agreement, we can now offer customers a unified cybersecurity platform that integrates data from existing tools combined with native visibility, delivering actionable intelligence to strengthen their defense and reduce security team’s workload.

Read more about the partnership here.

BullWall
Ransomware in Manufacturing. (Blog Post)
The manufacturing industry is consistently under attack from cybercriminals, who are launching relentless ransomware attacks to shut down factories, stop production lines, and hold hostage the critical infrastructure they have gained access to.

Manufacturing businesses and the interconnected supply chain are particularly vulnerable to ransomware attacks due to several factors:

  • Industrial Control Systems (ICS): Many manufacturing facilities rely on outdated ICS, which gives cybercriminals many potential entry points.
  • Interconnected Supply Chains: Modern manufacturing relies on complex, interconnected supply chains, creating more entry points and increasing the value of the ransom demanded.
  • High-Value Assets: Manufacturing facilities often house valuable equipment and something that can be even more valuable: intellectual property.
  • Production Halt: Ransomware attacks shut down production lines, leading to a high cost of downtime while also impacting the supply chain.

Find out more here.

Forescout Technologies
Cybersecurity in Manufacturing: Threats, Trends, and Preparation. (Blog Post)
The manufacturing sector has consistently ranked among the most heavily impacted by ransomware groups, and other threats, such as data breaches. The sector includes a wide range of industries – from automotive and electronics to chemicals and heavy machinery.

In Forescout’s 2024 Threat Roundup, manufacturing ranked fourth among the most targeted critical infrastructure sectors in 2024, while the number of threat actors increased by 71%. Given this major increase, Forescout has decided to look closer.

Read the full blog here.

Infosim
GenAI in Network Management. (Blog Post)
Since ChatGPT was introduced at the end of 2022, generative AI (genAI) has gained significant attention. Every day, developers are creating novel and powerful applications and use cases that showcase the potential capabilities of genAI. The technology behind ChatGPT, known as Large Language Models (LLMs), has received significant attention. With the increased availability of information and computing power, numerous new models have emerged. The application possibilities of genAI and LLMs have steadily expanded in recent years. So, it’s no wonder the demand for AI-driven network management with genAI is also growing. Let’s discuss how genAI and LLM can be beneficial to network management and operations.

Find out more here.

Keysight Technologies
Understanding ReNeLLM (Blog Post)
In the rapidly evolving field of AI and LLM security, where researchers and adversaries are constantly pushing boundaries to come up with new attack vectors, a new jailbreak technique known as ReNeLLM is gaining attention. This method employs a multi-layer strategy to fool LLMs by carefully crafting prompts that evade safety mechanisms. In this blog, Keysight discusses how this attack works under the hood by breaking down its two-stage attack methodology and its support in BreakingPoint.

Read more here.

Rapid7
Seeing is Securing: How Surface Command Expands MDR Visibility and Impact. (Blog Post)
Shadow IT, orphaned assets and internet-facing exposures, and unmanaged cloud services are all part of an expanding attack surface. And, according to Enterprise Strategy Group, 76% of organisations have experienced some type of cyberattack involving an unknown or unmanaged internet-facing asset – the kind of risk that stems from gaps in visibility. The result? A critical mismatch between the Attack Surface (what adversaries can reach), and the Detection Surface (what MDR services are configured to see and respond to).

To maximise the effectiveness of security operations, MDR must continually evolve. Read the full blog here.

Logpoint
The Impacket Arsenal: A Deep Dive into Impacket Remote Code Execution Tools. (Blog Post)
In today’s evolving threat landscape, we continually see new threat actors emerge and novel attack techniques surface. To keep pace, defenders must monitor the tactics, techniques and procedures (TTPs) leveraged by these threat actors. A critical part of this understanding comes from analysing the tools attackers use to achieve their objectives.

Find out more here.

Heimdal
Cybersecurity in an Age of Geopolitical Uncertainty: The European Advantage. (Blog Post)
In today’s tumultuous world, trust is just as critical as technology. Geopolitical tensions in 2025 are blurring the lines between allies and adversaries, forcing organisations to rethink whom they trust with their cybersecurity.

The blog post explores how geopolitical uncertainty impacts cybersecurity, the unique value European providers offer, and how Heimdal Security remains a trusted and committed partner for European businesses.

Read more here.

Kirsty Jones


New Partnership with Senseon!


New Strategic Partnership with Senseon

IT Operations and Cyber Security expert KedronUK has signed a new vendor agreement with AI-driven cybersecurity specialists, Senseon. As a result of this agreement, KedronUK now offers customers a unified cybersecurity platform that integrates data from existing tools combined with native visibility, delivering actionable intelligence to strengthen their defence and reduce security teams’ workload with AI-driven automation.

Cyber criminals are rapidly advancing their attack techniques while, at the same time, enterprise security structures are becoming increasingly complex. In combination, these contribute to a severe talent shortage in the cybersecurity industry. Senseon’s aim is to fix the cybersecurity industry by automating the process of identifying cyber threats and removing the burden of mundane repetitive work for security teams and IT professionals.

Senseon’s comprehensive cybersecurity platform offers:

Unified Cyber Security Platform:

  • Extended Detection and Response (XDR): Combining endpoint, network and identity telemetry with data from third-party cloud and SaaS platforms, which provides real-time threat detection, investigation, and response, reducing false positives and mean time to response (MTTR) to under 10 minutes.
  • Endpoint Detection and Response (EDR) & Network Detection and Response (NDR): With the aim of enhancing visibility and reducing the need for multiple tools, Senseon merges EDR and NDR capabilities into a single agent, offering AI-Powered threat detection and rapid response across endpoints, networks, and users.

AI-powered Threat Detection:

  • Multilayered Threat Detection: Unlike most EDRs, Senseon links endpoint processes to network interactions, providing unmatched context and eliminating threat blind spots.
  • Attack Path Correlation: AI Triangulation technology correlates detections into emerging attack paths, meaning investigation times are shortened by having all the data and context within a single view and record.
  • Automated Triage: AI Triangulation automatically assesses trust and risk for every detection, down-scoring likely false positives unique to the customer’s environment.

Why KedronUK Partnered with Senseon

Many organisations have deployed a SIEM (among other security tools) but now find they are struggling with the costs of ingesting relevant data and operating the platform. Noise is also an ongoing issue, as even specialists in SOC teams are fighting a constant battle to prioritise and investigate events. For organisations without a dedicated SOC and a small IT team, this becomes an even bigger challenge when that team are also responsible for BAU activities and new projects.

Merging EDR and NDR into a single platform provides a wealth of information, reducing time to investigate threats. This is further enhanced with the Senseon AI engine, which provides context to threats, assisting less experienced staff to understand what has occurred. Along with saving time, organisations can also reduce costs in other areas such as tool consolidation and lower SIEM costs.

Finally, we believe Senseon’s managed service will be an attractive option to both small and large enterprises who want to elevate their security monitoring to a 24x7x365 basis. Managed XDR usually carries a considerable price premium, but Senseon’s use of AI sees the gap between the two service tiers greatly narrowed.

Phil Swainson, Head of Technology at KedronUK says: “Partnering with Senseon aligns perfectly with our mission to provide clients with the most advanced and effective analytics solutions available. Senseon’s unified platform simplifies complex security environments and delivers intelligent threat detection across the enterprise – a capability our clients will immediately benefit from.”

“Senseon has appointed KedronUK as a strategic partner to address a key challenge for customers: the unpredictability of security costs and return on investment,” states Dave Atkinson, CEO and Founder of Senseon. “Both organisations recognise the substantial potential of this partnership. By collaborating closely, we aim to deliver solutions that provide greater transparency and predictability in security investments, ultimately enabling our customers to have increased and enhanced protection in an evolving threat landscape.”

To find out more about Senseon, please contact us or get in contact with our sales team through sales@kedronuk.com

Kirsty Jones


Enhancing OT / IoT Visibility with Keysight & Forescout


Catch up on our latest webinar, in partnership with Keysight Technologies & Forescout Technologies, where we explore how organisations can achieve comprehensive OT/IoT Visibility and enhance security through cutting-edge solutions.

What was discussed? 

1. Chris Booth, Solution Architect at KedronUK sets the scene for OT / IoT security challenges. 

2. Luc Alptuna, Director EMEA & APAC Business Development at Keysight Technologies, discusses how Keysight can enhance Forescout’s capabilities by providing actionable insights and network visibility to secure your infrastructure.

3. Hassan El Karhani, Field Technology Officer at Forescout Technologies, touches on how they can deliver real-time asset visibility and enforce Zero Trust principles in Operational Technology (OT) and Internet of Things (IoT) environments.

Kirsty Jones


April 2025 Industry Insights


Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Enhancing OT/IoT Visibility, Network Visibility and Deep Packet Inspection, Health Industry Cybersecurity Practices, and much more.

KedronUK
Enhancing OT/IoT Visibility with Keysight & Forescout (Webinar)
Join KedronUK, Forescout, and Keysight on Wednesday 21st May at 2pm for an exclusive webinar where we will explore how organisations can achieve comprehensive OT/IoT visibility and enhance security through cutting-edge solutions.

Register for the webinar here!

BullWall
Health Industry Cybersecurity Practices. (Blog Post)
The health industry continues to evolve rapidly, meaning the digital imprint of the healthcare industry grows daily. Although access to electronic health records (EHRs), telemedicine, and connected medical devices are revolutionising patient care, more patient information is stored in systems that cybercriminals are trying to access illegally.

Many in the health industry are unaware that every connected system is a potential entry point for cybercriminals, making BullWall Ransomware Containment a necessary solution. Even fewer understand the many ways a ransomware attack impacts healthcare organisations.

Find out more here.

Forescout
Rethinking Enterprise Security in IT and OT Systems. (Blog Post)
Every enterprise thinks they know what’s on their network. Until they don’t. When they don’t, security teams are paralysed, compliance efforts stall, and attacks slip through unnoticed.

The root of the issue? A false sense of visibility in increasingly complex, interconnected environments. Smart factories. Smart medical devices. Self-driving cars. Today’s world is becoming more and more intertwined with cyber-physical systems.

Modern IT and OT systems and networks are under siege from a growing flood of alerts, fragmented tools, and unmanaged, specialised devices. Visibility is patchy, alerts are noisy, and security teams are stretched thin.

Read more here and find out how Forescout can uncover and understand everything on your network.

Logpoint
Logpoint’s release: Reduce operational burden and gain efficiency. (Blog Post)
According to the European Union Agency for Cybersecurity’s (ENISA) 2024 report, the industry-wide talent gap continues to challenge security teams, leading to inefficiencies and increased workloads. Recognising these challenges, Logpoint’s latest release is designed to reduce operational burdens, enhance efficiency, and improve security outcomes. With a strong focus on automation, centralised monitoring and centralised management, this release helps SOC teams and MSSPs streamline their workflows, scale their operations and maximise their security investments.

Find out more here.

Rapid7
Why is Ransomware Still a Thing in 2025? (Blog Post)
We all know ransomware is one of the most persistent and damaging threats out there. Yet, this isn’t because it’s new – ransomware’s been around since 1989 – but because we are making it far too easy for threat actors.

Ransomware remains a crisis because we are still giving attackers the upper hand. To regain control, we need to understand how we’ve made it so easy for them, and what we can do to change that.

Read more here.

Keysight Technologies
Network Visibility and Deep Packet Inspection (DPI) Deliver Better Threat Detection Together. (Blog Post)
Most modern cybersecurity strategies feature deep packet inspection (DPI) capabilities that help to find and flag potential cyber threats faster. After a quick update on DPI, we’ll see how network visibility makes DPI more powerful and efficient and how you can leverage these capabilities together to keep data safe in the cloud and in the age of AI.

Find out more here.

ExtraHop
A Modern Approach to Network Detection & Response. (Blog Post)
The current cybersecurity environment is characterised by a relentless barrage of sophisticated threats, demanding equally sophisticated defences. However, cyberattacks over the last several years have proven time and time again that traditional defences alone cannot defend the modern enterprise.

With security leaders increasingly recognising the dire need to detect and respond to lateral movement throughout their hybrid networks, NDR has reached a crucial stage of maturity: evolving from a promising concept to an adaptable, integrated solution that aligns with the realities of the modern enterprise.

Read more about the Modern NDR approach here.

Kirsty Jones



February 2025 Industry Insights

Throughout this blog post, we have put together some of the latest industry insights from us and our vendors in KedronUK’s monthly Techbrief! This month we share with you information on Security Thoughts for 2025, Zero Trust Principles, AI-Powered Visibility, and much more.

KedronUK
Security Thoughts for 2025 (Blog Post)
Beyond AI, cybersecurity challenges continue to evolve. Effective vulnerability management requires more than just CVSS scores, and supply chain attacks highlight the need for greater scrutiny of third-party providers. Meanwhile, advancements in quantum computing could reshape encryption and cloud security.

As we navigate 2025, understanding these trends will be key to staying ahead in an increasingly complex digital landscape.

Please see the full blog here!

BullWall
Why Hospital Cybersecurity is More Than Protecting Patient Data. (Blog Post)
Today, hospitals are more than just medical facilities to be referred to for surgery or emergency healthcare needs; they’re complex ecosystems of interconnected services that house valuable patient data.

Though modern medicine and the systems and servers used to store data have allowed quicker and safer patient care, they are also frequent targets of cybercriminals. Since the healthcare industry, especially hospital networks and medical facilities, is a frequent target of cyber-attacks, it is important to have a ransomware resilience tool prior to an attack.

If BullWall Ransomware Containment is in place when a cybercriminal attack happens, the spread will be halted, compromised devices will be instantly isolated, and encryption will be prevented. Find out more here.

Forescout
Zero Trust Principles: Address Asset Visualisation and Classification. (Blog Post)
Forescout has developed a step-by-step approach to realising Zero Trust security. They call it “The Adaptive Approach to Zero Trust Assurance,” and it’s designed to help meet zero trust mandates faster with a simplified transition roadmap. 2024 saw a rise in cyber threats and regulatory pressures. Personal liability for CISOs increased along with the number of audit requirements needed to prove compliance and quantify organisational exposure and risks.
To defend against these threats, organisations that want to be proactive must assume a breach mindset: Acknowledge the inevitability of a breach with active defences that minimize its impact.

It starts by addressing the most critical assets in the business with the principles of Zero Trust. Read more about Zero Trust here.

Infosim
KRITIS, DORA, NIS 2 – Knowledge for Network Management. (Blog Post)
In an era of increasing cybersecurity risks and regulatory pressure, network operators must navigate a complex landscape of compliance frameworks. Three key regulations—KRITIS, DORA, and NIS 2—are shaping the future of network management and reporting requirements. While each framework serves a distinct purpose, they share common goals in strengthening resilience, cybersecurity, and operational stability across critical infrastructure. Understanding their differences and similarities is essential for network operators to ensure compliance and optimize their security strategies.

Find out more here.

Rapid7
MDR + SIEM: Why Full Access to Your Security Logs Is Non-Negotiable. (Blog Post)
Many Managed Detection and Response (MDR) providers promise world-class threat detection, but behind the scenes they lock away your security logs, limiting your visibility and control. It’s your data — so why don’t you have full access to it? Isn’t the whole point of security to see everything happening in your environment? Without full access to your own data, you’re left dependent on their tools, their timelines, and their interpretations of security events.

This isn’t just an inconvenience — it’s a risk.

Find out more about pairing MDR with SIEM here.

Keysight Technologies
The Sooner the Better: AI-Powered Visibility Accelerates Threat Detection and IT Operations. (Blog Post)
We expect Artificial intelligence (AI) to speed up processes and drive down costs, and that seems to be what’s happening in cybersecurity. A recent survey found that 1 in 5 organizations now use AI in their cybersecurity practices, and their investments paid high dividends on multiple fronts – like faster threat detection, lower breach costs, and reduced strain on overworked SOC teams.

After a quick update on the role and value of AI, Keysight introduce a new generation of AI-powered network visibility and explain why applying AI earlier in the process helps to find threats faster and give defenders an even greater advantage.

Read more here.

ExtraHop
Malicious Use of RMM: Remote Monitoring and Management. (Blog Post)
Network detection and response (NDR) refers to cybersecurity products that ingest and analyse network traffic to detect malicious activity. Where endpoint detection and response (EDR) tools collect and analyse endpoint data and behavior, network detection and response solutions work off wire data from network packets traversing the east-west and north-south corridors.

According to Gartner®, “Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. They continuously analyse raw network packets or traffic metadata within internal networks (east-west) and between internal and external networks (north-south).”

Find out more about NDR here.

Kirsty Jones
