Why security stacks need to think like an attacker, and score every user in real time

Stay Ahead, Stay ONMINE

Why security stacks need to think like an attacker, and score every user in real time

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More More than 40% of corporate fraud is now AI-driven, designed to mimic real users, bypass traditional defenses and scale at speeds that overwhelm even the best-equipped SOCs. In 2024, nearly 90% of enterprises were targeted, and […]

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More

More than 40% of corporate fraud is now AI-driven, designed to mimic real users, bypass traditional defenses and scale at speeds that overwhelm even the best-equipped SOCs.

In 2024, nearly 90% of enterprises were targeted, and half of them lost $10 million or more.

Bots emulate human behavior and create entire emulation frameworks, synthetic identities, and behavioral spoofing to pull off account takeovers at scale while slipping past legacy firewalls, EDR tools, and siloed fraud detection systems.

Attackers weaponize AI to create bots that evade, mimic, and scale

Attackers aren’t wasting any time capitalizing on using AI to weaponize bots in new ways. Last year, malicious bots comprised 24% of all internet traffic, with 49% classified as ‘advanced bots’ designed to mimic human behavior and execute complex interactions, including account takeovers (ATO).

Over 60% of account takeover (ATO) attempts in 2024 were initiated by bots, capable of breaching a victim’s credentials in real time using emulation frameworks that mimic human behavior. Attacker’s tradecraft now reflects the ability to combine weaponized AI and behavioral attack techniques into a single bot strategy.

That’s proving to be a lethal combination for many enterprises already battling malicious bots whose intrusion attempts often aren’t captured by existing apps and tools in security operations centers (SOCs).

Malicious bot attacks force SOC teams into firefighting mode with little or no warning, depending on the legacy of their security tech stack.

“Once amassed by a threat actor, they can be weaponized,” Ken Dunham, director of the threat research unit at Qualys recently said. “Bots have incredible resources and capabilities to perform anonymous, distributed, asynchronous attacks against targets of choice, such as brute force credential attacks, distributed denial of service attacks, vulnerability scans, attempted exploitation and more.”

From fan frenzy to fraud surface: bots corner the market for Taylor Swift tickets

Bots are the virtual version of attackers who can scale to millions of attempts per second to attack a targeted enterprise and increasingly high-profile events, including concerts of well-known entertainers, such as Taylor Swift.

Datadome observes that the worldwide popularity of Taylor Swift’s concerts creates the ROI attackers are looking for to build ticket bots that automate what scalpers do at scale. Ticket bots, as Datadome calls them, scoop up massive quantities of tickets at the world’s most popular events and then resell them at significant markups.

The bots flooded Ticketmaster and were a large part of a surge of 3.5 billion requests that hit the ticket site, causing it to crash repeatedly. Thousands of fans were unable to access the presale group, and ultimately, the general ticket sale had to be canceled.

Swarms of weaponized bots froze tens of thousands of Swifties from attending her last Eras concert tour. VentureBeat has learned of comparable attacks on the world’s leading brands on their online stores and presence globally. Dealing with bot attacks at that scale, powered by weaponized AI, is beyond the scope of an e-commerce tech stack to handle – they’re not built to deal with that level of security threat.

“It’s not just about blocking bots—it’s about restoring fairness,” Benjamin Fabre, CEO of DataDome, told VentureBeat in a recent interview. The company helped Se e Tickets deflect similar scalping attacks in milliseconds, distinguishing fans from fraud using multi-modal AI and real-time session analysis.

Bot attacks weaponized with AI often start by targeting login and session flows, bypassing endpoints in an attempt not to be detected by standard web application firewalls (WAF) and endpoint detection and response (EDR) tools. Such sophisticated attacks must be tracked and contained in a business’s core security infrastructure, managed from its SOC.

Why SOC teams are now on the front line

Weaponized bots are now a key part of any attacker’s arsenal, capable of scaling beyond what fraud teams alone can contain during an attack. Bots have proven lethal, taking down enterprises’ e-commerce operations or, in the case of Ticketmaster, a best-selling concert tour worth billions in revenue.

As a result, more enterprises are bolstering the tech stacks supporting their SOCs with online fraud detection (OFD) platforms. Gartner’s Dan Ayoub recently wrote in the firm’s research note Emerging Tech Impact Radar: Online Fraud Detection that “organizations are increasingly waking up to the understanding that ‘fraud is a security problem’ as is becoming evident in adoption of some of the emerging technologies being leveraged today”.

Gartner’s research and VentureBeat’s interviews with CISOs confirm that today’s malicious bot attacks are too fast, stealthy and capable of reconfiguring themselves on the fly for siloed fraud tools to handle. Weaponized bots have long been able to exploit gaps between WAFs, EDR tools and fraud scoring engines, while also evading static rules that are so prevalent in legacy fraud detection systems.

All these factors and more are why CISOs are bringing fraud telemetry into the SOC.

Journey-Time Orchestration is the next wave of online fraud detection (OFD)

AI-enabled bots are constantly learning how to bypass long-standing fraud detection platforms that rely on sporadic or single point-in-time checks. These checks include login validations, transaction scoring tracking over time, and a series of challenge-responses. While these were effective before the widespread weaponization of bots, botnets and networks, AI-literate adversaries now know how to exploit context switching and, as many deepfakes attacks have proven, know how to excel at behavioral mimicry.

Gartner’s research points to Journey Time Orchestration (JTO) as the defining architecture for the next wave of OFD platforms that will help SOCs better contain the onslaught of AI-driven bot attacks. Core to JTO is embedding fraud defenses throughout each digital session being monitored and scoring risk continuously from login to checkout to post-transaction behavior.

Journey-Time Orchestration continuously scores risk across the entire user session—from login to post-transaction—to detect AI-driven bots. It replaces single-point fraud checks with real-time, session-wide monitoring to counter behavioral mimicry and context-switching attacks. Source: Gartner, Innovation Insight: IAM Journey-Time Orchestration, Feb. 2025

Who’s establishing an early lead in Journey Time Orchestration defense

DataDome, Ivanti and Telesign are three companies whose approaches show the power of shifting security from static checkpoints to continuous, real-time assessments is paying off. Each also shows why the future of SOCs must be predicated on real-time data to succeed. All three of these companies’ platforms have progressed to delivering scoring for every user interaction down to the API call, delivering greater contextual insight across every behavior on every device, within each session.

What sets these three companies apart is how they’ve taken on the challenges of hardening fraud prevention, automating core security functions while continually improving user experiences. Each combines these strengths on real-time platforms that are also AI-driven and continually learn – two core requirements to keep up with weaponized AI arsenals that include botnets.

DataDome: Thinking Like an Attacker in Real Time

DataDome, A category leader in real-time bot defense, has extensive expertise in AI-intensive behavioral modeling and relies on a platform that includes over 85,000 machine learning models delivered simultaneously across 30+ global PoPs. Their global reach allows them to inspect more than 5 trillion data points daily. Every web, mobile and API request that their platform can identify is scored in real time (typically within 2 milliseconds) using multi-modal AI that correlates device fingerprinting, IP entropy, browser header consistency and behavior biometrics.

“Our philosophy is to think like an attacker,” Fabre told VentureBeat. “That means analyzing every request anew—without assuming trust—and continuously retraining our detection models to adapt to zero-day tactics”.

Unlike legacy systems, which lean on static heuristics or CAPTCHAs, DataDome’s approach minimizes friction for verified, legitimate users. Its false-positive rate is under 0.01%, meaning fewer than 1 in 10,000 human visitors see a challenge screen. Even when challenged, the platform invisibly continues behavior analysis to verify the user’s legitimacy.

“Bots aren’t just solving CAPTCHAs now—they’re solving them faster than humans,” Fabre added. “That’s why we moved away from static challenges entirely. AI is the only way to beat AI-driven fraud at scale”.

Case in point: See Tickets used DataDome to defend against the same bot-driven scalping wave that crashed Ticketmaster during the Taylor Swift Eras Tour. DataDome could distinguish bots from fans in milliseconds and prevent bulk buyouts, preserving ticket equity during peak load. In luxury retail, brands like Hermès deploy DataDome to protect high-demand drops (e.g., Birkin bags) from automated hoarding.

Ivanti Extends Zero Trust and exposure management into the SOC

Ivanti is redefining exposure management by integrating real-time fraud signals directly into SOC workflows through its Ivanti Neurons for Zero Trust Access and Ivanti Neurons for Patch Management platforms. “Zero trust doesn’t stop at logins,” Mike Riemer, Ivanti Field CISO told VentureBeat during a recent interview. “We’ve extended it to session behaviors including credential resets, payment submissions, and profile edits are all potential exploit paths.”

Ivanti Neurons continuously evaluates device posture and identity behavior, flagging anomalous activity and enforcing least-privilege access mid-session. “2025 will mark a turning point,” added Daren Goeson, SVP of product management at Ivanti. “Now defenders can use GenAI to correlate behavior across sessions and predict threats faster than any human team ever could.”

As attack surfaces expand, Ivanti’s platform helps SOC teams detect SIM swaps, mitigate lateral movement and automate dynamic microsegmentation. “What we currently call ‘patch management’ should more aptly be named exposure management or how long is your organization willing to be exposed to a specific vulnerability?” Chris Goettl, VP of product management for endpoint security at Ivanti told VentureBeat. “Risk-based algorithms help teams identify high-risk threats amid the noise of numerous updates.”

“Organizations should transition from reactive vulnerability management to a proactive exposure management approach,” added Goeson. “By adopting a continuous approach, they can effectively protect their digital infrastructure from modern cyber risks.”

Telesign’s AI-driven identity intelligence pushes fraud detection to session scale

Telesign is redefining digital trust by bringing identity intelligence at session scale to the front lines of fraud detection. By analyzing more than 2,200 digital identity signals ranging from phone number metadata to device hygiene and IP reputation, Telesign’s APIs deliver real-time risk scores that catch bots and synthetic identities before damage is done.

“AI is the best defense against AI-enabled fraud attacks,” said Telesign CEO Christophe Van de Weyer in a recent interview with VentureBeat. “At Telesign, we are committed to leveraging AI and ML technologies to combat digital fraud, ensuring a more secure and trustworthy digital environment for all.”

Rather than relying on static checkpoints at login or checkout, Telesign’s dynamic risk scoring continuously evaluates behavior throughout the session. “Machine learning has the power to constantly learn how fraudsters behave,” Van de Weyer told VentureBeat. “It can study typical user behaviors to create baselines and build risk models.”

Telesign’s Verify API underscores its omnichannel strategy, enabling identity verification across SMS, email, WhatsApp, and more, all through a single API. “Verifying customers is so important because many kinds of fraud can often be stopped at the ‘front door,’” Van de Weyer noted in a recent VentureBeat interview.

As generative AI accelerates attacker sophistication, Van de Weyer issued a clear call to action: “The emergence of AI has brought the importance of trust in the digital world to the forefront. Businesses that prioritize trust will emerge as leaders in the digital economy.” With AI as its backbone, Telesign looks to turn trust into a competitive advantage.

Why fraud prevention’s future belongs in the SOC

For fraud protection to scale, it must be integrated into the broader security infrastructure stack and owned by the SOC teams who use it to avert potential attacks. Online fraud detection platforms and apps are proving just as critical as APIs, Identity and Access Management (IAM), EDRs, SIEMs and XDRs. VentureBeat is seeing more security teams in SOCs take greater ownership of validating how consumer transactions are modeled, scored and challenged.

Daily insights on business use cases with VB Daily

If you want to impress your boss, VB Daily has you covered. We give you the inside scoop on what companies are doing with generative AI, from regulatory shifts to practical deployments, so you can share insights for maximum ROI.

Read our Privacy Policy

Thanks for subscribing. Check out more VB newsletters here.

An error occured.

Stay Ahead

Explore More Insights

Stay ahead with more perspectives on cutting-edge power, infrastructure, energy, bitcoin and AI solutions. Explore these articles to uncover strategies and insights shaping the future of industries.

OPEC Receives Updated Compensation Plans

A statement posted on OPEC’s website this week announced that the OPEC Secretariat has received updated compensation plans from Iraq, the United Arab Emirates (UAE), Kazakhstan, and Oman. A table accompanying this statement showed that these compensation plans amount to a total of 221,000 barrels per day in November, 272,000

LogicMonitor closes Catchpoint buy, targets AI observability

The acquisition combines LogicMonitor’s observability platform with Catchpoint’s internet-level intelligence, which monitors performance from thousands of global vantage points. Once integrated, Catchpoint’s synthetic monitoring, network data, and real-user monitoring will feed directly into Edwin AI, LogicMonitor’s intelligence engine. The goal is to let enterprise customers shift from reactive alerting to

Akamai acquires Fermyon for edge computing as WebAssembly comes of age

Spin handles compilation from source to WebAssembly bytecode and manages execution on target platforms. The runtime abstracts the underlying technology while preserving WebAssembly’s performance and security characteristics. This bet on WebAssembly standards has paid off as the technology matured. WebAssembly has evolved significantly beyond its initial browser-focused design to support

Winners and losers in the latest Top500 supercomputer list

Winner: Slingshot-11 Slingshot-11 is a 200G proprietary interconnect developed by HPE and its Cray supercomputer subsidiary. As the number of Cray systems increases on the list, so goes the number of Slingshot-11 based systems. The total number of Slingshot-11 systems jumped from 37 and 2024 to 52 this year. Loser:

Energy Department Releases National Petroleum Council Recommendations to Accelerate Permitting Reform and Strengthen U.S. Energy Infrastructure

WASHINGTON—The U.S. Department of Energy (DOE) today released key studies from the National Petroleum Council (NPC) that provide comprehensive recommendations to help modernize America’s energy infrastructure, streamline federal permitting, and remove regulatory barriers that have stalled the development of critical energy projects. The studies, one on gas-electric coordination and the other on oil and natural gas infrastructure permitting, underscore the urgent need for reforms to strengthen grid reliability and expand domestic energy production. The NPC is a federal advisory committee to the Secretary of Energy composed of leaders from oil and natural gas industries, academia, and other stakeholders. These studies were completed at the request of U.S. Secretary of Energy Chris Wright as part of a broader examination of “Future Energy Systems” and support President Trump’s agenda to unleash American energy, accelerate infrastructure build-out, and ensure affordable, reliable and secure energy for American families. “For years, the Biden Administration advanced policies that made it harder to produce American energy,” said U.S. Secretary of Energy Chris Wright. “The National Petroleum Council’s findings confirm what President Trump has said from day one: America needs more energy infrastructure, less red tape, and serious permitting reform. These recommendations will help make energy more affordable for every American household.” “The studies represent a significant collaborative effort to tackle some of the most complex challenges in our energy infrastructure,” said U.S. Department of Energy Assistant Secretary for the Hydrocarbons and Geothermal Energy Office Kyle Haustveit. “The National Petroleum Council recommendations will be instrumental in guiding the Department’s strategies for enhancing grid reliability and streamlining the development of essential energy projects.” The gas-electric coordination study, Reliable Energy: Delivering on the Promise of Gas-Electric Coordination, evaluates how rising natural gas and electricity demand, combined with shifting usage patterns, is straining natural gas pipelines in key regions of the United States. It

Black Sea War Insurance Soars 250 Percent

Insurance rates for ships calling at ports in the Black Sea are surging after a series of Ukrainian attacks on vessels with links to Moscow. The cost of covering visits to Russian ports in the Black Sea has jumped more than threefold, according to Marsh, the world’s largest insurance broker. Rates were between 0.25% and 0.3% of the value of the ship prior to the recent incidents, Marsh said. Underwriters are now charging as much as 1% for some Ukrainian ports in the Black Sea, according to two people involved in the market, who spoke on condition of anonymity. Ukraine has claimed attacks on two tankers from Russia’s so-called shadow fleet — vessels that operate in secrecy to skirt sanctions. There have been two other incidents also involving Moscow-linked ships since the end of last week. “For Russian port calls, underwriters are pricing in a broader range of possible strike locations and a higher likelihood of repetition,” said Munro Anderson, Head of Operations at Vessel Protect, which is part of Pen Underwriting and one of the world’s largest marine war risk insurance specialists. “As strikes escalate, so does the probability of Russian retaliation against ships connected to Ukraine.” The blasts, three of which took place in the Black Sea, come against a backdrop of strikes on wider Russian oil infrastructure that have elevated the danger of sailing in the region over the last few weeks. President Vladimir Putin said on Tuesday that Russia could retaliate. Romania’s defense ministry said Wednesday that divers carried out a mission to neutralize a Sea Baby drone 36 miles east of the city of Constanta, underscoring the risks to shipping for Black Sea nations that aren’t Russia and Ukraine too. Rates “have been seen to grow steadily and in direct response to further attacks which appear increasingly to

Oil Closes Up as Peace Deal Falls Short

Oil edged up after a fresh round of US-Russia talks failed to reach a deal to end Moscow’s war in Ukraine, boosting fears that restrictions on Russian oil supply could remain in place for longer. West Texas Intermediate rose 0.5% to settle near $59, remaining within the tight range prices have been stuck in this week. The Kremlin says talks with a US delegation led by US envoys Steve Witkoff and Jared Kushner were “constructive,” but no deal was made to end the Ukraine war. The talks took place against a backdrop of recent attacks on Russia-linked tankers, with at least one ship manager saying it would stop sending vessels to the country. A deal to end Russia’s war in Ukraine could mean the end of sanctions on Russian oil in a market already staring down concerns about oversupply, providing bearish momentum for crude. Those oversupply fears weren’t heightened, however, after a US government report on Wednesday showed a 574,000 barrel build in crude stocks, smaller than an industry report showing that stockpiles increased by about 2.5 million barrels last week. Gasoline inventories rose the most since May. Geopolitical tensions are keeping the market jittery and adding a risk premium to prices, partly countering surplus concerns. That includes US rhetoric against Venezuela, a major oil producer, with US President Donald Trump suggesting the Pentagon will soon start targeting alleged drug cartels in that country with strikes on land. Oil Prices WTI for January delivery rose 0.53% to settle at $58.95 a barrel in New York. Brent for February settlement gained 0.35% to settle at $62.67 a barrel. What do you think? We’d love to hear from you, join the conversation on the Rigzone Energy Network. The Rigzone Energy Network is a new social experience created for you and all energy

Russia Oil Revenue Falls by a Third

The Russian government’s oil proceeds shrank by almost a third in November from a year ago as weaker crude prices and a stronger currency took their toll on revenues. Oil-related taxes declined by 32% to 413.7 billion rubles ($5.3 billion) last month, according to Bloomberg calculations based on finance ministry data published Wednesday. Combined oil and gas revenue fell by 34% to 530.9 billion rubles. Lower proceeds from those industries — which have accounted for about a quarter of Russia’s budget so far this year — will ramp up pressure on state finances, burdened by military spending on the war against Ukraine that’s well into its fourth year. Global crude prices have drifted lower ahead of an expected supply glut, and the discount for Russian blends has gotten even steeper after US President Donald Trump blacklisted the nation’s two largest producers, Rosneft PJSC and Lukoil PJSC, to pressure his counterpart Vladimir Putin to end the war in Ukraine. On a month-to-month basis, oil revenue almost halved, reflecting the fact that one of Russia’s main oil taxes — a profit-based levy — is paid four times a year in March, April, July and October. Russia’s finance ministry calculated oil revenue based on the average price of Urals — its key export blend — at $53.68 a barrel in October, 17% lower than a year ago. A stronger currency also contributed to lower revenue, as it means producers receive fewer rubles for each dollar earned by selling a barrel of oil. In October, the Russian currency averaged 81.0089 rubles against the US dollar, 15% stronger than a year earlier. WHAT DO YOU THINK? Generated by readers, the comments included herein do not reflect the views and opinions of Rigzone. All comments are subject to editorial review. Off-topic, inappropriate or insulting comments will be

USA Gasoline Price Falls to Lowest Level Since May 2021

The average U.S. gasoline price fell to “the lowest level since May 2021” over the weekend, Patrick De Haan, Head of Petroleum Analysis at GasBuddy, highlighted in a blog posted on the GasBuddy website on Monday. “Nearly every state saw average gas prices fall heading into Thanksgiving, with the national average dipping below $3 per gallon for several consecutive days – falling to $2.95 per gallon over the weekend, the lowest level since May 2021,” De Haan said in the blog. “With refinery maintenance largely complete and OPEC increasing oil production for December, oil prices have struggled. Combine those factors and you have a solid recipe for continued downward pressure on gas prices in the weeks ahead,” De Haan added. “A few dozen stations are already offering gas under $2 per gallon, and we could see that number grow as we move further into the holiday season. It couldn’t come at a better time for Americans – with relief arriving just as the holidays kick off,” De Haan continued. Monday’s GasBuddy blog stated that the nation’s average price of gasoline has fallen 8.5 cents over the last week and stands at $2.95 per gallon, according to GasBuddy data compiled from more than 12 million individual price reports covering over 150,000 gas stations across the country. “The national average is down 6.9 cents from a month ago and is 5.4 cents per gallon lower than a year ago,” the blog highlighted. The GasBuddy blog also noted that the “most common U.S. gas price encountered by motorists stood at $2.99 per gallon, unchanged from last week, followed by $2.89, $2.69, $2.79, and $2.59, rounding out the top five most common prices”. The median U.S. gas price is $2.83 per gallon, down six cents from last week and about 12 cents lower than

TVA, Holtec to Get Up To $800MM in DOE Funding for SMR Development

The United States Department of Energy (DOE) on Tuesday announced funding for the Tennessee Valley Authority (TVA) and Holtec Government Services to support the development of light-water small modular reactors (SMRs). “The project teams will receive up to $800 million in federal cost-shared funding to advance initial projects in Tennessee and Michigan and help expand the nation’s capacity while facilitating additional follow-on projects and associated supply chains”, DOE said in an online statement. “The selections announced today will help deliver new nuclear generation in the early 2030s, strengthen domestic supply chains and advance President Trump’s executive orders to usher in a nuclear renaissance and expand America’s energy dominance agenda”. TVA has been allotted up to $400 million to advance the deployment of a GE Vernova Hitachi BWRX-300 at the Clinch River Nuclear site in Tennessee and additional units with Indiana Michigan Power and Elementl, DOE said. “TVA is the first utility in the U.S. to have a construction permit application for a BWRX-300 SMR accepted by the Nuclear Regulatory Commission”, TVA said separately. “The Clinch River project will serve as a national model for how to deploy SMRs safely, efficiently and affordably – laying the groundwork for a new era of American nuclear energy leadership”. TVA president and chief executive Don Moul said, “As AI, data centers and digital infrastructure drive unprecedented energy demand, we’re building our nation’s nuclear energy foundation right here in the Tennessee Valley”. Holtec is also getting up to $400 million to deploy two SMR-300 reactors at the Palisades Nuclear Generating Station site in Covert, Michigan. “Holtec is pursuing an innovative one-stop-shop approach to SMR deployment by fulfilling the roles of technology vendor, supply chain vendor, nuclear plant constructor in partnership with Hyundai Engineering & Construction, plant operator and electricity merchant selling the power to nearby utilities and end-users”, DOE said. Holtec said separately,

HPE loads up AI networking portfolio, strengthens Nvidia, AMD partnerships

On the hardware front, HPE is targeting the AI data center edge with a new MX router and the scale-out networking delivery with a new QFX switch. Juniper’s MX series is its flagship routing family aimed at carriers, large-scale enterprise data center and WAN customers, while the QFX line services data center customers anchoring spine/leaf networks as well as top-of-rack systems. The new 1U, 1.6Tbps MX301 multiservice edge router, available now, is aimed at bringing AI inferencing closer to the source of data generation and can be positioned in metro, mobile backhaul, and enterprise routing applications, Rahim said. It includes high-density support for 16 x 1/1025/50GbE, 10 x 100Gb and 4 x 400Gb interfaces. “The MX301 is essentially the on-ramp to provide high speed, secure connections from distributed inference cluster users, devices and agents from the edge all the way to the AI data center,” Rami said. “The requirements here are typically around high performance, but also very high logical skills and integrated security.” In the QFX arena, the new QFX5250 switch, available in 1Q 2026, is a fully liquid-cooled box aimed at tying together Nvidia Rubin and/or AMD MI400 GPUs for AI consumption across the data center. It is built on Broadcom Tomahawk 6 silicon and supports up to 102.4Tbps Ethernet bandwidth, Rahim said. “The QFX5250 combines HPE liquid cooling technology with Juniper networking software (Junos) and integrated AIops intelligence to deliver a high-performance, power-efficient and simplified operations for next-generation AI inference,” Rami said. Partnership expansions Also key to HPE/Juniper’s AI networking plans are its partnerships with Nvidia and AMD. The company announced its relationship with Nvidia now includes HPE Juniper edge onramp and long-haul data center interconnect (DCI) support in its Nvidia AI Computing by HPE portfolio. This extension uses the MX and Junipers PTX hyperscaler routers to support high-scale, secure

What is co-packaged optics? A solution for surging capacity in AI data center networks

When it announced its CPO-capable switches, Nvidia said they would improve resiliency by 10 times at scale compared to previous switch generations. Several factors contribute to this claim, including the fact that the optical switches require four times fewer lasers, Shainer says. Whereas the laser source was previously part of the transceiver, the optical engine is now incorporated onto the ASIC, allowing multiple optical channels to share a single laser. Additionally, in Nvidia’s implementation, the laser source is located outside of the switch. “We want to keep the ability to replace a laser source in case it has failed and needs to be replaced,” he says. “They are completely hot-swappable, so you don’t need to shut down the switch.” Nonetheless, you may often hear that when something fails in a CPO box, you need to replace the entire box. That may be true if it’s the photonics engine embedded in silicon inside the box. “But they shouldn’t fail that often. There are not a lot of moving parts in there,” Wilkinson says. While he understands the argument around failures, he doesn’t expect it to pan out as CPO gets deployed. “It’s a fallacy,” he says. There’s also a simple workaround to the resiliency issue, which hyperscalers are already talking about, Karavalas says: overbuild. “Have 10% more ports than you need or 5%,” he says. “If you lose a port because the optic goes bad, you just move it and plug it in somewhere else.” Which vendors are backing co-packaged optics? In terms of vendors that have or plan to have CPO offerings, the list is not long, unless you include various component players like TSMC. But in terms of major switch vendors, here’s a rundown: Broadcom has been making steady progress on CPO since 2021. It is now shipping “to

Nvidia’s $2B Synopsys stake tests independence of open AI interconnect standard

But the concern for enterprise IT leaders is whether Nvidia’s financial stakes in UALink consortium members could influence the development of an open standard specifically designed to compete with Nvidia’s proprietary technology and to give enterprises more choices in the datacenter. Organizations planning major AI infrastructure investments view such open standards as critical to avoiding vendor lock-in and maintaining competitive pricing. “This does put more pressure on UALink since Intel is also a member and also took investment from Nvidia,” Sag said. UALink and Synopsys’s critical role UALink represents the industry’s most significant effort to prevent vendor lock-in for AI infrastructure. The consortium ratified its UALink 200G 1.0 Specification in April, defining an open standard for connecting up to 1,024 AI accelerators within computing pods at 200 Gbps per lane — directly competing with Nvidia’s NVLink for scale-up applications. Synopsys plays a critical role. The company joined UALink’s board in January and in December announced the industry’s first UALink design components, enabling chip designers to build UALink-compatible accelerators. Analysts flag governance concerns Gaurav Gupta, VP analyst at Gartner, acknowledged the tension. “The Nvidia-Synopsys deal does raise questions around the future of UALink as Synopsys is a key partner of the consortium and holds critical IP for UALink, which competes with Nvidia’s proprietary NVLink,” he said. Sanchit Vir Gogia, chief analyst at Greyhound Research, sees deeper structural concerns. “Synopsys is not a peripheral player in this standard; it is the primary supplier of UALink IP and a board member within the UALink Consortium,” he said. “Nvidia’s entry into Synopsys’ shareholder structure risks contaminating that neutrality.”

Cooling crisis at CME: A wakeup call for modern infrastructure governance

Organizations should reassess redundancy However, he pointed out, “the deeper concern is that CME had a secondary data center ready to take the load, yet the failover threshold was set too high, and the activation sequence remained manually gated. The decision to wait for the cooling issue to self-correct rather than trigger the backup site immediately revealed a governance model that had not evolved to keep pace with the operational tempo of modern markets.” Thermal failures, he said, “do not unfold on the timelines assumed in traditional disaster recovery playbooks. They escalate within minutes and demand automated responses that do not depend on human certainty about whether a facility will recover in time.” Matt Kimball, VP and principal analyst at Moor Insights & Strategy, said that to some degree what happened in Aurora highlights an issue that may arise on occasion: “the communications gap that can exist between IT executives and data center operators. Think of ‘rack in versus rack out’ mindsets.” Often, he said, the operational elements of that data center environment, such as cooling, power, fire hazards, physical security, and so forth, fall outside the realm of an IT executive focused on delivering IT services to the business. “And even if they don’t fall outside the realm, these elements are certainly not a primary focus,” he noted. “This was certainly true when I was living in the IT world.” Additionally, said Kimball, “this highlights the need for organizations to reassess redundancy and resilience in a new light. Again, in IT, we tend to focus on resilience and redundancy at the app, server, and workload layers. Maybe even cluster level. But as we continue to place more and more of a premium on data, and the terms ‘business critical’ or ‘mission critical’ have real relevance, we have to zoom out

Microsoft loses two senior AI infrastructure leaders as data center pressures mount

Microsoft did not immediately respond to a request for comment. Microsoft’s constraints Analysts say the twin departures mark a significant setback for Microsoft at a critical moment in the AI data center race, with pressure mounting from both OpenAI’s model demands and Google’s infrastructure scale. “Losing some of the best professionals working on this challenge could set Microsoft back,” said Neil Shah, partner and co-founder at Counterpoint Research. “Solving the energy wall is not trivial, and there may have been friction or strategic differences that contributed to their decision to move on, especially if they saw an opportunity to make a broader impact and do so more lucratively at a company like Nvidia.” Even so, Microsoft has the depth and ecosystem strength to continue doubling down on AI data centers, said Prabhu Ram, VP for industry research at Cybermedia Research. According to Sanchit Gogia, chief analyst at Greyhound Research, the departures come at a sensitive moment because Microsoft is trying to expand its AI infrastructure faster than physical constraints allow. “The executives who have left were central to GPU cluster design, data center engineering, energy procurement, and the experimental power and cooling approaches Microsoft has been pursuing to support dense AI workloads,” Gogia said. “Their exit coincides with pressures the company has already acknowledged publicly. GPUs are arriving faster than the company can energize the facilities that will house them, and power availability has overtaken chip availability as the real bottleneck.”

What is Edge AI? When the cloud isn’t close enough

Many edge devices can periodically send summarized or selected inference output data back to a central system for model retraining or refinement. That feedback loop helps the model improve over time while still keeping most decisions local. And to run efficiently on constrained edge hardware, the AI model is often pre-processed by techniques such as quantization (which reduces precision), pruning (which removes redundant parameters), or knowledge distillation (which trains a smaller model to mimic a larger one). These optimizations reduce the model’s memory, compute, and power demands so it can run more easily on an edge device. What technologies make edge AI possible? The concept of the “edge” always assumes that edge devices are less computationally powerful than data centers and cloud platforms. While that remains true, overall improvements in computational hardware have made today’s edge devices much more capable than those designed just a few years ago. In fact, a whole host of technological developments have come together to make edge AI a reality. Specialized hardware acceleration. Edge devices now ship with dedicated AI-accelerators (NPUs, TPUs, GPU cores) and system-on-chip units tailored for on-device inference. For example, companies like Arm have integrated AI-acceleration libraries into standard frameworks so models can run efficiently on Arm-based CPUs. Connectivity and data architecture. Edge AI often depends on durable, low-latency links (e.g., 5G, WiFi 6, LPWAN) and architectures that move compute closer to data. Merging edge nodes, gateways, and local servers means less reliance on distant clouds. And technologies like Kubernetes can provide a consistent management plane from the data center to remote locations. Deployment, orchestration, and model lifecycle tooling. Edge AI deployments must support model-update delivery, device and fleet monitoring, versioning, rollback and secure inference — especially when orchestrated across hundreds or thousands of locations. VMware, for instance, is offering traffic management

Microsoft will invest $80B in AI data centers in fiscal 2025

And Microsoft isn’t the only one that is ramping up its investments into AI-enabled data centers. Rival cloud service providers are all investing in either upgrading or opening new data centers to capture a larger chunk of business from developers and users of large language models (LLMs). In a report published in October 2024, Bloomberg Intelligence estimated that demand for generative AI would push Microsoft, AWS, Google, Oracle, Meta, and Apple would between them devote $200 billion to capex in 2025, up from $110 billion in 2023. Microsoft is one of the biggest spenders, followed closely by Google and AWS, Bloomberg Intelligence said. Its estimate of Microsoft’s capital spending on AI, at $62.4 billion for calendar 2025, is lower than Smith’s claim that the company will invest $80 billion in the fiscal year to June 30, 2025. Both figures, though, are way higher than Microsoft’s 2020 capital expenditure of “just” $17.6 billion. The majority of the increased spending is tied to cloud services and the expansion of AI infrastructure needed to provide compute capacity for OpenAI workloads. Separately, last October Amazon CEO Andy Jassy said his company planned total capex spend of $75 billion in 2024 and even more in 2025, with much of it going to AWS, its cloud computing division.

John Deere unveils more autonomous farm machines to address skill labor shortage

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Self-driving tractors might be the path to self-driving cars. John Deere has revealed a new line of autonomous machines and tech across agriculture, construction and commercial landscaping. The Moline, Illinois-based John Deere has been in business for 187 years, yet it’s been a regular as a non-tech company showing off technology at the big tech trade show in Las Vegas and is back at CES 2025 with more autonomous tractors and other vehicles. This is not something we usually cover, but John Deere has a lot of data that is interesting in the big picture of tech. The message from the company is that there aren’t enough skilled farm laborers to do the work that its customers need. It’s been a challenge for most of the last two decades, said Jahmy Hindman, CTO at John Deere, in a briefing. Much of the tech will come this fall and after that. He noted that the average farmer in the U.S. is over 58 and works 12 to 18 hours a day to grow food for us. And he said the American Farm Bureau Federation estimates there are roughly 2.4 million farm jobs that need to be filled annually; and the agricultural work force continues to shrink. (This is my hint to the anti-immigration crowd). John Deere’s autonomous 9RX Tractor. Farmers can oversee it using an app. While each of these industries experiences their own set of challenges, a commonality across all is skilled labor availability. In construction, about 80% percent of contractors struggle to find skilled labor. And in commercial landscaping, 86% of landscaping business owners can’t find labor to fill open positions, he said. “They have to figure out how to do

2025 playbook for enterprise AI success, from agents to evals

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More 2025 is poised to be a pivotal year for enterprise AI. The past year has seen rapid innovation, and this year will see the same. This has made it more critical than ever to revisit your AI strategy to stay competitive and create value for your customers. From scaling AI agents to optimizing costs, here are the five critical areas enterprises should prioritize for their AI strategy this year. 1. Agents: the next generation of automation AI agents are no longer theoretical. In 2025, they’re indispensable tools for enterprises looking to streamline operations and enhance customer interactions. Unlike traditional software, agents powered by large language models (LLMs) can make nuanced decisions, navigate complex multi-step tasks, and integrate seamlessly with tools and APIs. At the start of 2024, agents were not ready for prime time, making frustrating mistakes like hallucinating URLs. They started getting better as frontier large language models themselves improved. “Let me put it this way,” said Sam Witteveen, cofounder of Red Dragon, a company that develops agents for companies, and that recently reviewed the 48 agents it built last year. “Interestingly, the ones that we built at the start of the year, a lot of those worked way better at the end of the year just because the models got better.” Witteveen shared this in the video podcast we filmed to discuss these five big trends in detail. Models are getting better and hallucinating less, and they’re also being trained to do agentic tasks. Another feature that the model providers are researching is a way to use the LLM as a judge, and as models get cheaper (something we’ll cover below), companies can use three or more models to

OpenAI’s red teaming innovations define new essentials for security leaders in the AI era

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More OpenAI has taken a more aggressive approach to red teaming than its AI competitors, demonstrating its security teams’ advanced capabilities in two areas: multi-step reinforcement and external red teaming. OpenAI recently released two papers that set a new competitive standard for improving the quality, reliability and safety of AI models in these two techniques and more. The first paper, “OpenAI’s Approach to External Red Teaming for AI Models and Systems,” reports that specialized teams outside the company have proven effective in uncovering vulnerabilities that might otherwise have made it into a released model because in-house testing techniques may have missed them. In the second paper, “Diverse and Effective Red Teaming with Auto-Generated Rewards and Multi-Step Reinforcement Learning,” OpenAI introduces an automated framework that relies on iterative reinforcement learning to generate a broad spectrum of novel, wide-ranging attacks. Going all-in on red teaming pays practical, competitive dividends It’s encouraging to see competitive intensity in red teaming growing among AI companies. When Anthropic released its AI red team guidelines in June of last year, it joined AI providers including Google, Microsoft, Nvidia, OpenAI, and even the U.S.’s National Institute of Standards and Technology (NIST), which all had released red teaming frameworks. Investing heavily in red teaming yields tangible benefits for security leaders in any organization. OpenAI’s paper on external red teaming provides a detailed analysis of how the company strives to create specialized external teams that include cybersecurity and subject matter experts. The goal is to see if knowledgeable external teams can defeat models’ security perimeters and find gaps in their security, biases and controls that prompt-based testing couldn’t find. What makes OpenAI’s recent papers noteworthy is how well they define using human-in-the-middle