CERT-Wavestone handles cybersecurity incidents of all types and magnitudes, from investigating a single suspicious workstation to large-scale overnight ransomware outbreaks. After 10 years of forensics investigations and crisis management at Wavestone, one thing stands out: attackers are more sophisticated than…
The rise of AI agents is redefining enterprise security Artificial intelligence has now become a structuring lever for companies: 70%¹ have already placed it at the heart of their strategy. So far, most deployments relied on conversational assistants capable…
AI is now embedded across a growing range of offensive security workflows. The most visible shift is the rise of services that apply large language models and agentic orchestration to autonomous testing activity. Some vendors have been present for years,…
In 2025, ransomware attacks remained a persistent threat and increasingly targeted backup systems (21% of attacks targeted backups in 2021, compared with 90% in 2025 [1] ). Protecting backups, now also subject to strengthened regulatory requirements such as NIS 2, has therefore…
In 2026, Active Directory remains at the heart of the now hybrid identity infrastructure of most large companies and is still widely used as an on-premises identity provider, even when organisations migrate to the cloud. Wavestone incident response teams note that 38% of attacks begin with…
Subscription hijacking is a cloud attack first identified on Microsoft Azure: it consists of an attacker successfully transferring an Azure subscription from its original Azure organization to an organization under malicious control. This attack allows the attacker to take full…
Classifying an industrial system is a first step; making that classification operational in the field is another matter altogether. This is precisely where version 2.0 of the guide “Industrial Systems Cybersecurity – Detailed Measures”, published on November 27, 2025, positions itself: translating cybersecurity classes into…
The Quantum Threat Is Becoming Clearer Quantum computing poses a serious threat to today’s asymmetric cryptography and is expected to render widely used algorithms such as RSA and ECC obsolete. By contrast, symmetric cryptography (such as AES) and hash functions, maintaining an equivalent level of security…
AI for SOC, Where do we stand today ? A quiet revolution is underway in European SOCs. Faced with ever-growing volumes of security events and a persistent shortage of skilled experts, a new generation of AI-powered security tools is emerging, designed to identify correlations that human teams can no longer process alone. AI is not replacing analysts but accelerating and enhancing their…
Artificial Intelligence (AI) has long been perceived as a content generation tool, or more recently as a super search engine. In 2026, this paradigm is evolving profoundly: organizations, both private and public, are no longer simply seeking to produce text…
