AI for SOC, Where do we stand today ? A quiet revolution is underway in European SOCs. Faced with ever-growing volumes of security events and a persistent shortage of skilled experts, a new generation of AI-powered security tools is emerging, designed to identify correlations that human teams can no longer process alone. AI is not replacing analysts but accelerating and enhancing their…
Artificial Intelligence (AI) has long been perceived as a content generation tool, or more recently as a super search engine. In 2026, this paradigm is evolving profoundly: organizations, both private and public, are no longer simply seeking to produce text…
Nowadays, security efforts primarily focus on web applications, internal infrastructures, Active Directory, and other traditional attack surfaces. Yet with the rise of remote work, employees’ workstations are increasingly exposed to theft. In this context, the main security measure available to…
Post-Quantum Cryptography (PQC) has fueled debates for years, but since the European Commission’s June 2025 communication on the PQC transition roadmap, the acceleration is undeniable. It is no longer a question of “if” but rather “when”, quantum computing will disrupt our cryptographic foundations. As the Wavestone RiskInsight article « Quantum computing and post-quantum cryptography: what strategy should companies adopt to deal with these issues? » reminds us, this subject shifts…
The rise of generative AI and Large Language Models (LLMs) like ChatGPT has disrupted digital practices. More companies choose to deploy applications integrating these language models, but this integration comes with new vulnerabilities, identified by OWASP in its Top 10…
Audits and Red Team assessments led by Wavestone showed a stark imbalance between the maturity of on-premise infrastructure protection and the cloud deployment ones. While on-premise infrastructure are generally well identified, controlled and protected according to proven standards, their cloud…
In a highly interconnected industrial environment, operational performance relies on an extended ecosystem of partners: critical suppliers, system integrators, maintenance providers, software vendors, IT and OT service providers, and others. While this ecosystem is essential to the company’s operations, it also represents one…
It's time to begin the second part of our Zimbra investigation. If you haven't read the first part yet, we strongly recommend starting HERE before continuing.In this second part, we'll assume that an attacker has managed to compromise a Zimbra…
The simplest attacks are often the most effective. In most companies, webmail access portals are exposed on the internet and do not always benefit from sufficient access-control mechanisms. In addition, some messaging services offer extended features that go beyond simple…
Why test generative AI systems? Systems incorporating generative AI are all around us: documentary co-pilots, business assistants, support bots, and code generators. Generative AI is everywhere. And everywhere it goes, it gains new powers. It can access internal databases, perform…
