Feed aggregator

Article URL: https://www.hec.edu/en/dare/innovation-entrepreneurship/tech-startup-culture-not-innovative-founders-may-think

Comments URL: https://news.ycombinator.com/item?id=47049816

Points: 1

# Comments: 0

It's an all-Ligue 1 clash at the Stade Louis II on the Côte d'Azur.

Security operations are entering a pivotal moment: the operating model that grew around network logs and phishing emails is now buckling under tool sprawl, manual triage, and threat actors that outpace defender capacity. New research from Microsoft and Omdia shows just how heavy the burden can be—security operations centers (SOCs) juggle double-digit consoles, teams manually ingest data several times a week, and nearly half of all alerts go uninvestigated. The result is a growing gap between cyberattacker speed and defender capacity. Read State of the SOC—Unify Now or Pay Later to learn how hidden operational pressures impact resilience—compelling evidence to why unification, automation, and AI-powered workflows are quickly becoming non-negotiables for modern SOC performance.

Get the full State of the SOC report The forces pushing modern SOC operations to a breaking point

The report surfaces five specific operational pressures shaping the modern SOC—spanning fragmentation, manual toil, signal overload, business-level risk exposure, and detection bias. Separately, each data point is striking. But taken together, they reveal a more consequential reality: analysts spend their time stitching context across consoles and working through endless queues, while real cyberattacks move in parallel. When investigations stall and alerts go untriaged, missed signals don’t just hurt metrics—they create the conditions for preventable compromises. Let’s take a closer look at each of the five issues:

1. Fragmentation

Fragmented tools and disconnected data force analysts to pivot across an average of 10.9 consoles1 and manually reconstruct context, slowing investigations and increasing the likelihood of missed signals. These gaps compound when only about 59% of tools push data to the security information and event management (SIEM), leaving most SOCs manually ingesting data and operating with incomplete visibility.

Learn more about Microsoft Sentinel, an AI-ready SIEM platform 2. Manual toil

Manual, repetitive data work consumes an outsized share of analyst capacity, with 66% of SOCs losing 20% of their week to aggregation and correlation—an operational drain that delays investigations, suppresses threat hunting, and weakens the SOC’s ability to reduce real risk.

3. Security signal overload

Surging alert volumes bury analysts in noise with an estimated 46% of alerts proving false positives and 42% going uninvestigated, overwhelming capacity, driving fatigue, and increasing the likelihood real cyberthreats slip through unnoticed.

4. Operational gaps

Operational gaps are directly translating into business disrupting incidents, with 91% of security leaders reporting serious events and more than half experiencing five or more in the past year—exposing organizations to financial loss, downtime, and reputational damage.

5. Detection bias

Detection bias keeps SOCs focused on tuning alerts for familiar cyberthreats—52% of positive alerts map to known vulnerabilities—leaving dangerous blind spots for emerging tactics, techniques, and procedures (TTPs). This reactive posture slows proactive threat hunting and weakens readiness for novel attacks even as 75% of security leaders worry the SOC is losing pace with new cyberthreats.

Read the full report for the deeper story, including chief information security officer (CISO)-level takeaways, expanded data, and the complete analysis behind each operational pressure, as well as insights that can help security professionals strengthen their strategy and improve real world SOC outcomes.

What CISOs can do now to strengthen resilience

Security leaders have a clear path to easing today’s operational strain: unify the environment, automate what slows teams down, and elevate identity and endpoint as a single control plane. The shift is already underway as forward-leaning organizations focus on high-impact wins—automating routine lookups, reducing noise, streamlining triage, and eliminating the fragmentation and manual toil that drain analyst capacity. Identity remains the most critical failure point, and leaders increasingly view unified identity to endpoint protection as foundational to reducing exposure and restoring defender agility. And as environments unify, the strength of the underlying graph and data lake becomes essential for connecting signals at scale and accelerating every defender workflow.

Read the State of the SOC report to learn more

As AI matures, leaders are also looking for governable, customizable approaches—not black box automation. They want AI agents they can shape to their environment, integrate deeply with their SIEM, and extend across cloud, identity, and on-premises signals. This mindset reflects a broader operational shift: modern key performance indicators (KPIs) will improve only when tools, workflows, and investigations are unified, and automation frees analysts for higher value work.

The report details a roadmap for CISOs that emphasizes unifying signals, embedding AI into core workflows, and strengthening identity as the primary control point for reducing risk. It shows how leaders can turn operational friction into strategic momentum by consolidating tools, automating routine investigation steps, elevating analysts to higher value work, and preparing their SOCs for a future defined by integrated visibility, adaptive defenses, and AI-assisted decision making.

Chart your path forward

The pressures facing today’s SOCs are real, but the path forward is increasingly clear. As this report shows, organizations that take these steps aren’t just reducing operational friction—they’re building a stronger foundation for rapid detection, decisive response, and long-term readiness. Read State of the SOC—Unify Now or Pay Later for deeper guidance, expanded findings, and a phased roadmap that can help security professionals chart the next era of their SOC evolution.

Learn more about the Microsoft Unified SecOps solution

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

1The study, commissioned by Microsoft, was conducted by Omdia from June 25, 2025, to July 23, 2025. Survey respondents (N=300) included security professionals responsible for SOC operations at mid-market and enterprise organizations (more than 750 employees) across the United States, United Kingdom, and Australia and New Zealand. All statistics included in this post are from the study.

The post Unify now or pay later: New research exposes the operational cost of a fragmented SOC appeared first on Microsoft Security Blog.

It's possible to shorten the duration of a cold. You just have to take the right vitamins and supplements.

Labour proposals to restrict social media use to people aged 16 and under could have unintended consequences for businesses using virtual private networks

The US government is incorporating social media vetting as part of its border control policy, leading to concerns about what data will be collected and how it will be protected

Article URL: https://github.com/dakshjain-1616/Stock-trading-Agent-Swarm---BY-NEO

Comments URL: https://news.ycombinator.com/item?id=47049140

Points: 1

# Comments: 1

Hi HN, I’m an indie dev who is tired of "safety" apps that are actually just glorified spyware. Most parental control services demand you upload your child’s entire digital life (location, history, usage) to their cloud servers. I refuse to accept that safety requires sacrificing privacy to Big Tech.

So I built Emberkin.

It is a Serverless, P2P monitoring tool.

No Cloud Database: The parent's device is the only storage.

No Middleman: Data travels directly from Child to Parent via an encrypted tunnel.

My servers see nothing: I only facilitate the handshake.

The Problem (Why I'm posting): I just finished the mandatory "20 testers for 14 days" on Google Play. Google rejected my production access. Their reason? "Insufficient user engagement." Apparently, a privacy app that runs silently in the background doesn't trigger their "engagement metrics" enough. They want me to restart the 14-day sentence.

I need to prove to Google that real humans are using this, not bots.

The Tech Stack (For the curious):

Architecture: Native Android (Kotlin + Jetpack Compose).

Connectivity: WebRTC Data Channels over NSD (local) and TURN (remote).

Crypto: Custom AES-256-GCM implementation.

Permissions: Accessibility Services (strictly for on-device analysis, no data leaves the tunnel).

The Ask: I’m looking for tech-savvy parents or developers to install the beta and actually use it.

- Pair two devices .

- Send some data through the P2P tunnel.

- Help me generate enough "engagement events" to get this approved.

If you believe children's data belongs in the family, not on a corporate server, please help me out.

Beta Link & Architecture breakdown: https://www.emberkin.app/en/architecture

I’ll be in the comments answering questions about the nightmare of NAT traversal and Android permissions.

Comments URL: https://news.ycombinator.com/item?id=47049133

Points: 1

# Comments: 0

Salut! I built this because I wanted AI agents to interact with real iOS apps — not simulators, not screenshots of mockups, the actual running app on a real phone.

It works by hijacking macOS iPhone Mirroring: the MCP server captures the mirrored screen, runs Apple Vision OCR to find UI elements with tap coordinates, then sends input through a Karabiner DriverKit virtual keyboard/mouse. The AI sees the screen, decides what to tap/type/swipe, and the iPhone responds.

Some interesting technical rabbit holes:

- iOS elements aren't exposed via Accessibility — the mirroring window is a single opaque AXHostingView with zero children. OCR is the only way to read the screen. - Clipboard paste doesn't work programmatically. At all. We tried everything — HID Cmd+V, AX menu automation, AppleScript, CGEvents. The paste bridge lives deep in the Continuity/Handoff stack and requires a physical user gesture. - Input goes through a Karabiner DriverKit extension that presents as a US ANSI keyboard to iOS, regardless of your Mac's keyboard layout.

Limitations I should be upfront about: macOS 15+ only, one phone at a time, no clipboard bridge for paste, and the phone needs to stay unlocked during a session.

It's open source (Apache 2.0): https://github.com/jfarcand/iphone-mirroir-mcp

Properly configure permissions if you use it with OpenClaw ;-)

Comments URL: https://news.ycombinator.com/item?id=47049130

Points: 1

# Comments: 0

Article URL: https://www.science.org/doi/10.1126/science.aec6413

Comments URL: https://news.ycombinator.com/item?id=47049129

Points: 1

# Comments: 0

Article URL: https://phinze.com/writing/level-of-detail

Comments URL: https://news.ycombinator.com/item?id=47049121

Points: 1

# Comments: 0

Article URL: https://github.com/mkopec/linux/tree/hdmi_frl_amd_staging

Comments URL: https://news.ycombinator.com/item?id=47049098

Points: 1

# Comments: 0

Article URL: https://saleae.com/logic-mso

Comments URL: https://news.ycombinator.com/item?id=47049094

Points: 1

# Comments: 0

Article URL: https://www.theregister.com/2026/02/16/semantic_ablation_ai_writing/

Comments URL: https://news.ycombinator.com/item?id=47049088

Points: 1

# Comments: 0

I wrote a parser (runtime and type-level) for WebAssembly Interface Types (https://component-model.bytecodealliance.org/design/wit.html).

const wit = [ "record user { name: string, age: u32 }", "variant api-error { not-found, unauthorized(string) }", "get-user: func(id: u64) -> user;", "create-post: func(author: user, post: post) -> result;", ] as const; type Client = WitClient>; // Client["get-user"]: (id: bigint) => Promise<{ name: string; age: number }> // Client["create-post"]: (author: ...) => Promise<["ok", {...}] | ["err", ["not-found"] | ["unauthorized", string]]> Why did I do this? Good question. I originally did this work as part of this project: https://sdk.kontor.network/. Kontor is a new Bitcoin metaprotocol that uses WITs to define smart contract interfaces.

I carved wit-ts out of the project and removed some domain specific stuff from it, refactored some internals, and extended it to be compatible with a broader subset of the wit specification. Technically there are some valid wit types that would not be handled cleanly here ( e.g. recursive types ).

Tremendous debt is owed to the https://github.com/wevm/abitype project, which does the same thing for Ethereum ABIs and was the direct inspiration for the type-level approach.

Comments URL: https://news.ycombinator.com/item?id=47049085

Points: 1

# Comments: 0

Article URL: https://connordempsey.substack.com/p/where-does-gold-actually-come-from

Comments URL: https://news.ycombinator.com/item?id=47049080

Points: 2

# Comments: 0

I vibe coded this text to speech app in an hour last weekend. It uses the new open weight Qwen models so it's fully local. Supports both instruct and voice cloning.

And since it's built with Electrobun it's only 16MB and uses typescript for the main and browser views.

Comments URL: https://news.ycombinator.com/item?id=47049077

Points: 1

# Comments: 0

Article URL: https://arxiv.org/abs/2602.11865

Comments URL: https://news.ycombinator.com/item?id=47049042

Points: 1

# Comments: 0