2d ago · 4 min read · NIST Just Launched an AI Agent Standards Initiative. Your Monitoring Isn't Ready. In February 2026, NIST's Center for AI Standards and Innovation (CAISI) announced the AI Agent Standards Initiative. The goal: ensure autonomous AI agents can be deploy...
Join discussion6d ago · 8 min read · On March 7, 2026, Heather Wishart-Smith wrote in Forbes that agentic AI is changing the security model for enterprise systems. That framing is correct, but it still sounds smaller than the actual shift. Traditional enterprise security assumed a simpl...
Join discussion
Feb 15 · 10 min read · Testing AI-written software products works best when you treat the generated code as “helpful but untrusted,” then build a repeatable test pipeline that proves correctness, safety, and stability over time. The practical goal is not to confirm that th...
Join discussion
Feb 11 · 3 min read · In this article, we’ll break down what NIST RMF is, why it matters, and how GRC analysts actually use it in real organizations. What Is NIST RMF? NIST RMF (Risk Management Framework) is a framework developed by the National Institute of Standards an...
Join discussionJan 26 · 4 min read · Before reading this article, you may want to start with my guide on the CIA Triad, which explains the core principles of cybersecurity. If you want to become a GRC (Governance, Risk, and Compliance) Analyst, understanding the NIST Cybersecurity Frame...
Join discussionDec 10, 2025 · 2 min read · If you’ve ever wondered how organizations protect themselves from cyberattacks, the answer often starts with a trusted guide — the NIST Cybersecurity Framework (CSF).Created by the U.S. National Institute of Standards and Technology, this framework i...
Join discussion
Oct 2, 2025 · 2 min read · NIST CSF = National Institute of Standards and Technology CyberSecurity Framework É um framework de Segurança da Informação Foi criada nos EUA Tem foco de reduzir ataques cibernéticos Protege ativos críticos Cria um ambiente resiliente -> permiti...
Join discussion
Sep 19, 2025 · 5 min read · Hey everyone, and welcome back to The CyberFreshy Files! If you've been following my journey, you know I've been sharing the technical side of my new role as an Information Security Specialist. We've talked about tackling ISRAs, analyzing the evolvin...
Join discussion
Jul 24, 2025 · 4 min read · If I were to build a security policy for my company, I would start with the email security policy. Emails can sometimes be a company’s most vulnerable entry, as seen in Project Aurora by Google, Ubiquiti Networks, Save the Children, the City of Saska...
Join discussion