Insights that keep you ahead

Exaforce is no longer agentic as of this morning. Our MDR team is overcaffeinated and as ready as possible.

An autonomous AI bot exploited misconfigured CI/CD workflows to steal credentials and compromise repositories. Here's what happened, how it worked, and what to detect.

Resolving effective permissions across SaaS and IaaS is harder than it looks, and essential for accurate blast radius and threat context

AI SOC has changed the math on build vs. buy. Here's why we see some teams pulling SecOps back in-house, while for some, it still makes sense to outsource.

How attackers leveraged trusted services to deploy an AiTM attack that captured credentials and session tokens despite MFA protections.

How AI-powered security platforms detect the insider threats that traditional tools consistently miss, and why context makes all the difference.

The threat model is shifting. Identity, SaaS, and supply chains are the new front line.

2025 year in review reveals what happens inside modern SOCs, from overwhelming cloud telemetry to which alerts deserve human time.

When risky support activity triggers every signal of a real breach, and why identity-centric detection is the only way to get the full details.

How context-aware AI is replacing static thresholds in modern insider threat programs

What hallway conversations and roundtables at re:Invent revealed about real-world cloud security.

Automated, context-aware detection caught a multi-vector Google Workspace account takeover in minutes.

A deep dive into the new variant of Shai-Hulud malware, credential theft techniques, and GitHub Actions abuse targeting modern development pipelines.

Turning Anthropic’s findings on AI-powered cybercrime into practical defense; how an AI-driven SOC detects, investigates, and responds faster.

AI threat hunting only works with a unified, high fidelity security data platform and pipeline.

How attackers can weaponize audit logs for enumeration in AWS, Azure, and GCP environments.

Modern detection goes beyond static rules by understanding the signals that reveal intent, context, and emerging threats.

Demonstrating verified, auditable, and industry-recognised security through HITRUST e1 certification.

How a deterministic, multi-model engine delivers reliable SOC automation outcomes, including real-time triage, fewer false positives, and reduced MSSP/MDR dependence.

From duplicates to attack chains, Exaforce redefines aggregation so analysts see fewer alerts, each with more context and clarity.

Exaforce is honored to be part of AWS’s global program supporting the most promising generative AI startups.

Abusing AWS CloudControl API to stealthily enumerate resources, persist in accounts, and evade detection.

GigaOm compared 19 vendors across key features, emerging features, and business criteria dimensions.

Agentic AI automates GuardDuty playbook steps, shrinking hours of log stitching and identity checks into minutes for faster, consistent response.

How attackers hijacked popular NPM packages to replace crypto wallet addresses and silently redirect funds.

Exploring the risks of Google Apps Script abuse, from cryptomining to stealthy service accounts, and ways to detect misuse.

How Exaforce detected an account takeover attack in a customer’s environment, leveraging our multi-model AI

How the s1ngularity attack exploited Nx packages and how Exaforce verified zero exposure.

An MDR service that uses agentic AI and expert analysts at every stage of the SOC lifecycle, so you get faster response, better coverage, and a SOC that understands your business.

Launching the Exaforce agentic AI SOC platform: full-lifecycle security operations with automated detection, triage, investigation, and response. Empower small teams to create a SOC or enable mature SOCs to scale coverage and speed without increasing headcount

How Exaforce made trust a launch requirement by embedding security and compliance from day one

A look at how AI is changing the SOC triage process from automated false positive classification to clearer handoffs and deeper context for Tier 2 and 3 analysts.

A maturity mapped question framework to benchmark AI SOC platforms on detection, triage, investigation, response, and service quality.

LLMs have the potential to improve SOC processes, but they’re not enough on their own. This blog explores why AI SOCs need pre-processing and a new design to add value.

Discover how Exaforce fuses logs, config & identity into an AI-powered graph that improves on legacy and naive detection techniques.

Practical takeaways and best practices in the aftermath of the KiranaPro breach.

Agentic AI tools for security operations centers promise to enhance—not replace—human analysts, but their true value lies in thoughtful integration, deep context, and rigorous proof-of-concept testing, not hype-driven adoption.

Struggling with alert overload or slow triage? Discover 5 reasons security investigations fail—and how Exaforce uses AI to fix them fast.

This blog examines common cloud security anti-patterns and offers actionable guidance, including practical remediation measures, to continuously monitor, detect, and effectively respond to emerging threats.

Announcing our $75M Series A to fuel our mission

How users can detect, prevent, recover from supply chain threats with Exaforce

Why verifying package origins is crucial for secure JavaScript applications

Analyzing the supply chain attack and steps taken to secure the ecosystem