Purple Teaming has become a key practice for organizations looking to assess and improve their detection and response capabilities. By bringing together offensive and defensive teams, Purple Team exercises help validate security controls, identify detection gaps, and strengthen incident response…
As highlighted in our previous article, Electric vehicle charging infrastructures: Energy performance and new cybersecurity challenges, charge point operators (CPOs) operate within a demanding business model, where profitability depends on their ability to drive recurring usage of their networks. In this context, user experience becomes a key…
1. AI is no longer a fantasy, it's a reality that IAM must not miss Two years ago, we asked whether artificial intelligence (AI) could represent a revolution for IAM in our article “Artificial intelligence: a revolution in IAM? -…
Against a backdrop of heightened geopolitical tensions, recent years have been marked by an upsurge in cyber threats, illustrated by the strengthening of attackers’ capabilities, the diversification of their tactics and even the enhancement of their operations thanks to artificial…
CERT-Wavestone handles cybersecurity incidents of all types and magnitudes, from investigating a single suspicious workstation to large-scale overnight ransomware outbreaks. After 10 years of forensics investigations and crisis management at Wavestone, one thing stands out: attackers are more sophisticated than…
The rise of AI agents is redefining enterprise security Artificial intelligence has now become a structuring lever for companies: 70%¹ have already placed it at the heart of their strategy. So far, most deployments relied on conversational assistants capable…
In 2025, ransomware attacks remained a persistent threat and increasingly targeted backup systems (21% of attacks targeted backups in 2021, compared with 90% in 2025 [1] ). Protecting backups, now also subject to strengthened regulatory requirements such as NIS 2, has therefore…
The rise of generative AI and Large Language Models (LLMs) like ChatGPT has disrupted digital practices. More companies choose to deploy applications integrating these language models, but this integration comes with new vulnerabilities, identified by OWASP in its Top 10…
Audits and Red Team assessments led by Wavestone showed a stark imbalance between the maturity of on-premise infrastructure protection and the cloud deployment ones. While on-premise infrastructure are generally well identified, controlled and protected according to proven standards, their cloud…
Why test generative AI systems? Systems incorporating generative AI are all around us: documentary co-pilots, business assistants, support bots, and code generators. Generative AI is everywhere. And everywhere it goes, it gains new powers. It can access internal databases, perform…
