Why security stacks need to think like an attacker, and score every user in real time

Stay Ahead, Stay ONMINE

Why security stacks need to think like an attacker, and score every user in real time

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More More than 40% of corporate fraud is now AI-driven, designed to mimic real users, bypass traditional defenses and scale at speeds that overwhelm even the best-equipped SOCs. In 2024, nearly 90% of enterprises were targeted, and […]

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More

More than 40% of corporate fraud is now AI-driven, designed to mimic real users, bypass traditional defenses and scale at speeds that overwhelm even the best-equipped SOCs.

In 2024, nearly 90% of enterprises were targeted, and half of them lost $10 million or more.

Bots emulate human behavior and create entire emulation frameworks, synthetic identities, and behavioral spoofing to pull off account takeovers at scale while slipping past legacy firewalls, EDR tools, and siloed fraud detection systems.

Attackers weaponize AI to create bots that evade, mimic, and scale

Attackers aren’t wasting any time capitalizing on using AI to weaponize bots in new ways. Last year, malicious bots comprised 24% of all internet traffic, with 49% classified as ‘advanced bots’ designed to mimic human behavior and execute complex interactions, including account takeovers (ATO).

Over 60% of account takeover (ATO) attempts in 2024 were initiated by bots, capable of breaching a victim’s credentials in real time using emulation frameworks that mimic human behavior. Attacker’s tradecraft now reflects the ability to combine weaponized AI and behavioral attack techniques into a single bot strategy.

That’s proving to be a lethal combination for many enterprises already battling malicious bots whose intrusion attempts often aren’t captured by existing apps and tools in security operations centers (SOCs).

Malicious bot attacks force SOC teams into firefighting mode with little or no warning, depending on the legacy of their security tech stack.

“Once amassed by a threat actor, they can be weaponized,” Ken Dunham, director of the threat research unit at Qualys recently said. “Bots have incredible resources and capabilities to perform anonymous, distributed, asynchronous attacks against targets of choice, such as brute force credential attacks, distributed denial of service attacks, vulnerability scans, attempted exploitation and more.”

From fan frenzy to fraud surface: bots corner the market for Taylor Swift tickets

Bots are the virtual version of attackers who can scale to millions of attempts per second to attack a targeted enterprise and increasingly high-profile events, including concerts of well-known entertainers, such as Taylor Swift.

Datadome observes that the worldwide popularity of Taylor Swift’s concerts creates the ROI attackers are looking for to build ticket bots that automate what scalpers do at scale. Ticket bots, as Datadome calls them, scoop up massive quantities of tickets at the world’s most popular events and then resell them at significant markups.

The bots flooded Ticketmaster and were a large part of a surge of 3.5 billion requests that hit the ticket site, causing it to crash repeatedly. Thousands of fans were unable to access the presale group, and ultimately, the general ticket sale had to be canceled.

Swarms of weaponized bots froze tens of thousands of Swifties from attending her last Eras concert tour. VentureBeat has learned of comparable attacks on the world’s leading brands on their online stores and presence globally. Dealing with bot attacks at that scale, powered by weaponized AI, is beyond the scope of an e-commerce tech stack to handle – they’re not built to deal with that level of security threat.

“It’s not just about blocking bots—it’s about restoring fairness,” Benjamin Fabre, CEO of DataDome, told VentureBeat in a recent interview. The company helped Se e Tickets deflect similar scalping attacks in milliseconds, distinguishing fans from fraud using multi-modal AI and real-time session analysis.

Bot attacks weaponized with AI often start by targeting login and session flows, bypassing endpoints in an attempt not to be detected by standard web application firewalls (WAF) and endpoint detection and response (EDR) tools. Such sophisticated attacks must be tracked and contained in a business’s core security infrastructure, managed from its SOC.

Why SOC teams are now on the front line

Weaponized bots are now a key part of any attacker’s arsenal, capable of scaling beyond what fraud teams alone can contain during an attack. Bots have proven lethal, taking down enterprises’ e-commerce operations or, in the case of Ticketmaster, a best-selling concert tour worth billions in revenue.

As a result, more enterprises are bolstering the tech stacks supporting their SOCs with online fraud detection (OFD) platforms. Gartner’s Dan Ayoub recently wrote in the firm’s research note Emerging Tech Impact Radar: Online Fraud Detection that “organizations are increasingly waking up to the understanding that ‘fraud is a security problem’ as is becoming evident in adoption of some of the emerging technologies being leveraged today”.

Gartner’s research and VentureBeat’s interviews with CISOs confirm that today’s malicious bot attacks are too fast, stealthy and capable of reconfiguring themselves on the fly for siloed fraud tools to handle. Weaponized bots have long been able to exploit gaps between WAFs, EDR tools and fraud scoring engines, while also evading static rules that are so prevalent in legacy fraud detection systems.

All these factors and more are why CISOs are bringing fraud telemetry into the SOC.

Journey-Time Orchestration is the next wave of online fraud detection (OFD)

AI-enabled bots are constantly learning how to bypass long-standing fraud detection platforms that rely on sporadic or single point-in-time checks. These checks include login validations, transaction scoring tracking over time, and a series of challenge-responses. While these were effective before the widespread weaponization of bots, botnets and networks, AI-literate adversaries now know how to exploit context switching and, as many deepfakes attacks have proven, know how to excel at behavioral mimicry.

Gartner’s research points to Journey Time Orchestration (JTO) as the defining architecture for the next wave of OFD platforms that will help SOCs better contain the onslaught of AI-driven bot attacks. Core to JTO is embedding fraud defenses throughout each digital session being monitored and scoring risk continuously from login to checkout to post-transaction behavior.

Journey-Time Orchestration continuously scores risk across the entire user session—from login to post-transaction—to detect AI-driven bots. It replaces single-point fraud checks with real-time, session-wide monitoring to counter behavioral mimicry and context-switching attacks. Source: Gartner, Innovation Insight: IAM Journey-Time Orchestration, Feb. 2025

Who’s establishing an early lead in Journey Time Orchestration defense

DataDome, Ivanti and Telesign are three companies whose approaches show the power of shifting security from static checkpoints to continuous, real-time assessments is paying off. Each also shows why the future of SOCs must be predicated on real-time data to succeed. All three of these companies’ platforms have progressed to delivering scoring for every user interaction down to the API call, delivering greater contextual insight across every behavior on every device, within each session.

What sets these three companies apart is how they’ve taken on the challenges of hardening fraud prevention, automating core security functions while continually improving user experiences. Each combines these strengths on real-time platforms that are also AI-driven and continually learn – two core requirements to keep up with weaponized AI arsenals that include botnets.

DataDome: Thinking Like an Attacker in Real Time

DataDome, A category leader in real-time bot defense, has extensive expertise in AI-intensive behavioral modeling and relies on a platform that includes over 85,000 machine learning models delivered simultaneously across 30+ global PoPs. Their global reach allows them to inspect more than 5 trillion data points daily. Every web, mobile and API request that their platform can identify is scored in real time (typically within 2 milliseconds) using multi-modal AI that correlates device fingerprinting, IP entropy, browser header consistency and behavior biometrics.

“Our philosophy is to think like an attacker,” Fabre told VentureBeat. “That means analyzing every request anew—without assuming trust—and continuously retraining our detection models to adapt to zero-day tactics”.

Unlike legacy systems, which lean on static heuristics or CAPTCHAs, DataDome’s approach minimizes friction for verified, legitimate users. Its false-positive rate is under 0.01%, meaning fewer than 1 in 10,000 human visitors see a challenge screen. Even when challenged, the platform invisibly continues behavior analysis to verify the user’s legitimacy.

“Bots aren’t just solving CAPTCHAs now—they’re solving them faster than humans,” Fabre added. “That’s why we moved away from static challenges entirely. AI is the only way to beat AI-driven fraud at scale”.

Case in point: See Tickets used DataDome to defend against the same bot-driven scalping wave that crashed Ticketmaster during the Taylor Swift Eras Tour. DataDome could distinguish bots from fans in milliseconds and prevent bulk buyouts, preserving ticket equity during peak load. In luxury retail, brands like Hermès deploy DataDome to protect high-demand drops (e.g., Birkin bags) from automated hoarding.

Ivanti Extends Zero Trust and exposure management into the SOC

Ivanti is redefining exposure management by integrating real-time fraud signals directly into SOC workflows through its Ivanti Neurons for Zero Trust Access and Ivanti Neurons for Patch Management platforms. “Zero trust doesn’t stop at logins,” Mike Riemer, Ivanti Field CISO told VentureBeat during a recent interview. “We’ve extended it to session behaviors including credential resets, payment submissions, and profile edits are all potential exploit paths.”

Ivanti Neurons continuously evaluates device posture and identity behavior, flagging anomalous activity and enforcing least-privilege access mid-session. “2025 will mark a turning point,” added Daren Goeson, SVP of product management at Ivanti. “Now defenders can use GenAI to correlate behavior across sessions and predict threats faster than any human team ever could.”

As attack surfaces expand, Ivanti’s platform helps SOC teams detect SIM swaps, mitigate lateral movement and automate dynamic microsegmentation. “What we currently call ‘patch management’ should more aptly be named exposure management or how long is your organization willing to be exposed to a specific vulnerability?” Chris Goettl, VP of product management for endpoint security at Ivanti told VentureBeat. “Risk-based algorithms help teams identify high-risk threats amid the noise of numerous updates.”

“Organizations should transition from reactive vulnerability management to a proactive exposure management approach,” added Goeson. “By adopting a continuous approach, they can effectively protect their digital infrastructure from modern cyber risks.”

Telesign’s AI-driven identity intelligence pushes fraud detection to session scale

Telesign is redefining digital trust by bringing identity intelligence at session scale to the front lines of fraud detection. By analyzing more than 2,200 digital identity signals ranging from phone number metadata to device hygiene and IP reputation, Telesign’s APIs deliver real-time risk scores that catch bots and synthetic identities before damage is done.

“AI is the best defense against AI-enabled fraud attacks,” said Telesign CEO Christophe Van de Weyer in a recent interview with VentureBeat. “At Telesign, we are committed to leveraging AI and ML technologies to combat digital fraud, ensuring a more secure and trustworthy digital environment for all.”

Rather than relying on static checkpoints at login or checkout, Telesign’s dynamic risk scoring continuously evaluates behavior throughout the session. “Machine learning has the power to constantly learn how fraudsters behave,” Van de Weyer told VentureBeat. “It can study typical user behaviors to create baselines and build risk models.”

Telesign’s Verify API underscores its omnichannel strategy, enabling identity verification across SMS, email, WhatsApp, and more, all through a single API. “Verifying customers is so important because many kinds of fraud can often be stopped at the ‘front door,’” Van de Weyer noted in a recent VentureBeat interview.

As generative AI accelerates attacker sophistication, Van de Weyer issued a clear call to action: “The emergence of AI has brought the importance of trust in the digital world to the forefront. Businesses that prioritize trust will emerge as leaders in the digital economy.” With AI as its backbone, Telesign looks to turn trust into a competitive advantage.

Why fraud prevention’s future belongs in the SOC

For fraud protection to scale, it must be integrated into the broader security infrastructure stack and owned by the SOC teams who use it to avert potential attacks. Online fraud detection platforms and apps are proving just as critical as APIs, Identity and Access Management (IAM), EDRs, SIEMs and XDRs. VentureBeat is seeing more security teams in SOCs take greater ownership of validating how consumer transactions are modeled, scored and challenged.

Daily insights on business use cases with VB Daily

If you want to impress your boss, VB Daily has you covered. We give you the inside scoop on what companies are doing with generative AI, from regulatory shifts to practical deployments, so you can share insights for maximum ROI.

Read our Privacy Policy

Thanks for subscribing. Check out more VB newsletters here.

An error occured.

Stay Ahead

Explore More Insights

Stay ahead with more perspectives on cutting-edge power, infrastructure, energy, bitcoin and AI solutions. Explore these articles to uncover strategies and insights shaping the future of industries.

How a bot management file push crippled Cloudflare’s global network

As traffic moves through the core proxy, it applies each customer’s unique configuration and settings, from enforcing WAF rules and DDoS protection to routing traffic to the Developer Platform and R2. These configuration and policy rules are enforced by domain-specific modules. One of those modules, Bot Management, resulted in the

Singapore makes the leap to Wi-Fi 7 to boost fan experience

The Singapore Sports Hub’s Wi-Fi 7 network will be deployed in phases across its venues. It’s expected to be completed by the first half of 2026. Cisco sees the Wi-Fi 7 rollout as part of a bigger shift toward AI-driven networks that power immersive fan experiences. At its core, this

The latest Microsoft AI deal highlights tight links in AI supply chain

“A lot of CIOs are starting to question whether their current AI infrastructure choices will hold up in the long run. It’s not just about picking a cloud provider anymore. The lines between cloud, models, and hardware are blurring fast,” said Sanchit Vir Gogia, the chief analyst at Greyhound Research.

Dell targets enterprise AI with switches, servers, reinforced Nvidia partnership

The company also introduced a new Intel-powered PowerEdge server, the R770AP. It is an air-cooled platform equipped with Intel Xeon 6 P-core 6900-series processors, featuring high-core-count CPUs, large cache sizes and support for CXL memory expansion. The PowerEdge R770AP offers enhanced parallel processing, reduced memory latency and abundant PCIe lanes

South Sudan Says Crude Exports Back to Normal

South Sudan said it had resumed oil shipments after attacks on energy facilities in neighboring Sudan disrupted activity. “Operations in all oil fields in South Sudan have returned to a normal export,” Petroleum Ministry Undersecretary Deng Lual Wol told reporters Wednesday in the capital, Juba. “All crude exports from South Sudan are fully flowing to the export terminals in Port Sudan.” Oil companies operating in the two African countries earlier this week shuttered production after the assaults in Sudan, which is embroiled in a more than two-year civil war. Landlocked South Sudan uses pipelines to transport its crude to Red Sea terminals, from where it’s shipped to world markets. Dar Petroleum Operating Co. is producing 97,000 barrels per day following the brief shutdown, but will ramp that up to 150,000, Wol said. Greater Pioneer Operating Co.’s output is 40,000 daily barrels, and should rise to the normal level of 50,000, while Sudd Petroleum Operating Co. is pumping 13,000 barrels per day, down from 15,000 before disruption, he added. Bashayer Pipeline Co., which transports South Sudan’s Dar Blend oil to Sudan, said in a Nov. 15 notice seen by Bloomberg that it had initiated an emergency shutdown after its Al Jabalain processing plant and a power facility came under attack. Sudan’s state-owned Petrolines for Crude Oil Co. issued a Nov. 13 notice about a drone attack at the Heglig oil field, where Nile Blend is produced. It had issued a force majeure notice at 2B OPCO, an exploration and production company in which it has a 50 percent stake. What do you think? We’d love to hear from you, join the conversation on the Rigzone Energy Network. The Rigzone Energy Network is a new social experience created for you and all energy professionals to Speak Up about our industry, share knowledge, connect with

Eni to Acquire 760 MW RE Assets in France from Neoen

Eni SpA said Tuesday it has entered into an agreement to buy a portfolio of already operational renewable energy projects totaling about 760 megawatts across France from Neoen. The transaction involves the transfer of 37 solar plants, 14 wind farms and one battery energy storage to Eni’s renewables arm Plenitude. The facilities produce around 1.1 terawatt hours of power annually, Italy’s state-backed Eni said in a press release. “The transaction represents one of the largest renewable energy deals completed in the French market in recent years and significantly contributes to Plenitude’s 2025 installed capacity targets”, Eni said. The parties have not disclosed the transaction price. Eni aims to reach over 5.5 gigawatts (GW) of installed renewable generation capacity this year, toward 10 GW by 2028 and 15 GW by 2030, according to a plan it announced February. As of the third quarter of 2025, it had 4.8 GW of installed renewable capacity, according to its quarterly report October 24. Eni plans to integrate the Neoen assets with its existing assets to “enable optimized operations and synergies”, Tuesday’s statement said. “The acquisition expands our presence in France, where we already serve around one million retail customers and where we are growing in both energy solutions and e-mobility markets”, said Plenitude chief executive Stefano Goberti. “Through this operation, we strengthen our integrated business model and accelerate progress toward achieving our strategic objectives”. Plenitude currently serves 10 million households and businesses across Europe, and aims to have over 11 million customers by 2028 and 15 million by 2030, Eni said. Paris-based Neoen said separately it would “continue to manage the plants for some years through the provision of asset management services to Plenitude”. Neoen said it would retain 1.1 GW of assets in operation or under construction in France including 754 MW of

Monumental Completes Capital Raise to Fund More Production Restarts in NZ

Monumental Energy Corp said Tuesday it had completed the issuance of 16.2 million units for CAD 0.05 per unit in an oversubscribed non-brokered private placement, generating gross proceeds of CAD 810,000 ($580,000). Vancouver, Canada-based Monumental said in an online statement it would use net proceeds “to fund cost overruns on Copper Moki 1 oil and gas well, to fund the costs and expenses to formally enter into and fund additional workover projects with New Zealand Energy Corp. and L&M Energy and for general working capital purposes and corporate expenses”. “Each unit is comprised of one common share in the capital of the company and one transferable common share purchase warrant”, Toronto-listed Monumental said. “Each warrant entitles the holder thereof to purchase one additional common share of the company at a price of CAD 0.08 per share until November 18, 2028. “In connection with the private placement, the company paid in consideration of the services rendered by certain finders an aggregate cash commission of CAD 38,850 and issued an aggregate of 777,000 non-transferable common share purchase warrants. Each finder warrant entitles the holder thereof to purchase one additional common share of the company at the issuer price until November 18, 2028”. Last month Monumental said it has agreed to fund New Zealand Energy Corp’s (NZEC) share of workover costs to restart flows at several wells in the Waihapa/Ngaere field in the onshore Taranaki basin. “These workovers will follow the same royalty structure as that established for the successful Copper Moki programs, whereas Monumental will earn a 25 percent royalty on NZEC’s production share after full recovery of its capital investment, which will be repaid from 75 percent of NZEC’s net revenue interest”, Monumental, a shareholder in NZEC, said in a press release October 15. L&M Energy will shoulder the remaining investment as NZEC’s

US Risks Winter Blackouts on Data Center Demand

Rising electricity demand from data centers is raising the risk of blackouts across a wide swath of the US during extreme conditions this winter, according to the regulatory body overseeing grid stability. Power consumption has grown 20 gigawatts from the previous winter, the North American Electric Reliability Corp. said Tuesday in its winter assessment. A gigawatt is the typical size of a nuclear power reactor. Supply hasn’t kept up. As as result, a repeat of severe winter storms in North America that unleash a polar vortex, of which there have been several in recent years, could trigger energy shortfalls across the US from the Northwest to Texas to the Carolinas. All regions have adequate resources in normal conditions. “Data centers are a main contributor to load growth in those areas where demand has risen substantially since last winter,” Mark Olson, manager of the reliability assessment, said in an emailed statement. America’s power grid has been facing rising blackout risks for years as aging infrastructure is increasingly stressed by severe storms and wildfires. Now the data center boom, driven by the spread of artificial intelligence, is adding to the strain by supercharging US electricity growth after being stagnant for two decades. Winter is especially risky because solar generation is available for fewer hours and battery operations may be affected. Gas supplies, meantime, could drop off because of freeze-offs or pipeline constraints. The areas designated by NERC as having elevated risks of shortfall shifted from the previous winter to include the US southeast and parts of the West, including Washington and Oregon. The Texas grid continues to be highlighted after cascading failures in February 2021 left millions of people without power for days and resulted in more than 200 deaths. New England also continues to face elevated risks on potential natural gas pipeline

US Energy Majors among Potential Lukoil Bidders

Exxon Mobil Corp., Chevron Corp., Abu Dhabi National Oil Co. as well as US private equity giant Carlyle Group are among companies interested in Lukoil PJSC’s international assets, a sale hastened by US sanctions due to kick in next month. Suitors are lining up to look at the various parts of Russian energy giant’s sprawling international business, with some potential buyers only interested in specific assets, according to people familiar with the situation. But one potential problem is that Lukoil favors selling the assets as a single package ahead of sanctions due to take effect Dec. 13, one of the people said. This raises the possibility of a two-step process in which one buyer – such as a financial firm – acquires all of Lukoil’s non-Russian assets and then resells them piecemeal over time. A key detail in the process is that the Trump administration would prefer that Lukoil’s global assets are taken over by a US entity, a fact that may limit the pool of potential buyers, people with knowledge of the matter said. A spokesperson for the US Treasury didn’t immediately respond to a request for comment. Lukoil had previously agreed to sell the whole international business to Gunvor Group – a deal that was then dramatically blocked by the US. Exxon and Chevron are exploring Lukoil’s stake in the West Qurna 2 field in Iraq, said two of the people, who declined to be identified because the talks are private. Meanwhile Adnoc is looking at various Lukoil assets, with the Russian firm’s natural gas operations in Uzbekistan potentially of most interest, according to people with knowledge of the situation. Spokespeople for Chevron, Exxon, Carlyle and Adnoc’s international investment unit XRG all declined to comment. Lukoil didn’t respond to a request to do so. What do you think? We’d love to

How engineered building solutions support data center technologies to deliver AI workloads

As demand for AI applications accelerates, deploying AI workloads at scale is a challenge many of the world’s most important industries are collaborating to solve. Data centers, power producers and infrastructure providers must all work together to figure out how to generate and distribute enough power to keep next-generation IT equipment powered and cooled. When data centers are looking to deploy more AI-ready chips, infrastructure enhancements are a must. These chips have incredibly high-power demands, and data centers need to make sure they are ready to deliver power to racks safely and reliably. The standard for uptime in many data centers exceeds 99%, meaning power availability is paramount. Working with such a high level of power, data center designers are taking lessons from the utility industry to manage it. This includes the strategic deployment of engineered building solutions. A Flexible Solution Engineered control buildings are large, modular enclosures that house critical electrical equipment. Traditionally used in the utility sector for transmission, distribution and renewable energy applications, these structures are essential for data centers facing unprecedented power demands driven by AI workloads. These buildings often include switch gear, relay and protection and control equipment that maintain uptime and accelerate deployment. The opportunities to use engineered building solutions address both gray and white space needs. Gray space applications include modular outdoor enclosures that provide primary power with switchgear or back-up power, such as uninterruptible power supply (UPS) and battery systems. These buildings can also feature integrated cooling to ensure system reliability and optimal performance. Within the white space, IT Pod solutions are prefabricated and shipped to site for installation inside a data center hall. They feature seamless integration of power and cooling and include IT equipment such as racks, making them ideal for scalable, high-density AI deployments. Modular data centers provide a

Nvidia’s first exascale system is the 4th fastest supercomputer in the world

The world’s fourth exascale supercomputer has arrived, pitting Nvidia’s proprietary chip technologies against the x86 systems that have dominated supercomputing for decades. For the 66th edition of the TOP500, El Capitan holds steady at No. 1 while JUPITER Booster becomes the fourth exascale system on the list. The JUPITER Booster supercomputer, installed in Germany, uses Nvidia CPUs and GPUs and delivers a peak performance of exactly 1 exaflop, according to the November TOP500 list of supercomputers, released on Monday. The exaflop measurement is considered a major milestone in pushing computing performance to the limits. Today’s computers are typically measured in gigaflops and teraflops—and an exaflop translates to 1 billion gigaflops. Nvidia’s GPUs dominate AI servers installed in data centers as computing shifts to AI. As part of this shift, AI servers with Nvidia’s ARM-based Grace CPUs are emerging as a high-performance alternative to x86 chips. JUPITER is the fourth-fastest supercomputer in the world, behind three systems with x86 chips from AMD and Intel, according to TOP500. The top three supercomputers on the TOP500 list are in the U.S. and owned by the U.S. Department of Energy. The top two supercomputers—the 1.8-exaflop El Capitan at Lawrence Livermore National Laboratory and the 1.35-exaflop Frontier at Oak Ridge National Laboratory—use AMD CPUs and GPUs. The third-ranked 1.01-exaflop Aurora at Argonne National Laboratory uses Intel CPUs and GPUs. Intel scrapped its GPU roadmap after the release of Aurora and is now restructuring operations. The JUPITER Booster, which was assembled by France-based Eviden, has Nvidia’s GH200 superchip, which links two Nvidia Hopper GPUs with CPUs based on ARM designs. The CPU and GPU are connected via Nvidia’s proprietary NVLink interconnect, which is based on InfiniBand and provides bandwidth of up to 900 gigabytes per second. JUPITER first entered the Top500 list at 793 petaflops, but

Samsung’s 60% memory price hike signals higher data center costs for enterprises

Industry-wide price surge driven by AI Samsung is not alone in raising prices. In October, TrendForce reported that Samsung and SK Hynix raised DRAM and NAND flash prices by up to 30% for Q4. Similarly, SK Hynix said during its October earnings call that its HBM, DRAM, and NAND capacity is “essentially sold out” for 2026, with the company posting record quarterly operating profit exceeding $8 billion, driven by surging AI demand. Industry analysts attributed the price increases to manufacturers redirecting production capacity. HBM production for AI accelerators consumes three times the wafer capacity of standard DRAM, according to a TrendForce report, citing remarks from Micron’s Chief Business Officer. After two years of oversupply, memory inventories have dropped to approximately eight weeks from over 30 weeks in early 2023. “The memory industry is tightening faster than expected as AI server demand for HBM, DDR5, and enterprise SSDs far outpaces supply growth,” said Manish Rawat, semiconductor analyst at TechInsights. “Even with new fab capacity coming online, much of it is dedicated to HBM, leaving conventional DRAM and NAND undersupplied. Memory is shifting from a cyclical commodity to a strategic bottleneck where suppliers can confidently enforce price discipline.” This newfound pricing power was evident in Samsung’s approach to contract negotiations. “Samsung’s delayed pricing announcement signals tough behind-the-scenes negotiations, with Samsung ultimately securing the aggressive hike it wanted,” Rawat said. “The move reflects a clear power shift toward chipmakers: inventories are normalized, supply is tight, and AI demand is unavoidable, leaving buyers with little room to negotiate.” Charlie Dai, VP and principal analyst at Forrester, said the 60% increase “signals confidence in sustained AI infrastructure growth and underscores memory’s strategic role as the bottleneck in accelerated computing.” Servers to cost 10-25% more For enterprises building AI infrastructure, these supply dynamics translate directly into

Arista, Palo Alto bolster AI data center security

“Based on this inspection, the NGFW creates a comprehensive, application-aware security policy. It then instructs the Arista fabric to enforce that policy at wire speed for all subsequent, similar flows,” Kotamraju wrote. “This ‘inspect-once, enforce-many’ model delivers granular zero trust security without the performance bottlenecks of hairpinning all traffic through a firewall or forcing a costly, disruptive network redesign.” The second capability is a dynamic quarantine feature that enables the Palo Alto NGFWs to identify evasive threats using Cloud-Delivered Security Services (CDSS). “These services, such as Advanced WildFire for zero-day malware and Advanced Threat Prevention for unknown exploits, leverage global threat intelligence to detect and block attacks that traditional security misses,” Kotamraju wrote. The Arista fabric can intelligently offload trusted, high-bandwidth “elephant flows” from the firewall after inspection, freeing it to focus on high-risk traffic. When a threat is detected, the NGFW signals Arista CloudVision, which programs the network switches to automatically quarantine the compromised workload at hardware line-rate, according to Kotamraju: “This immediate response halts the lateral spread of a threat without creating a performance bottleneck or requiring manual intervention.” The third feature is unified policy orchestration, where Palo Alto Networks’ management plane centralizes zone-based and microperimeter policies, and CloudVision MSS responds with the offload and enforcement of Arista switches. “This treats the entire geo-distributed network as a single logical switch, allowing workloads to be migrated freely across cloud networks and security domains,” Srikanta and Barbieri wrote. Lastly, the Arista Validated Design (AVD) data models enable network-as-a-code, integrating with CI/CD pipelines. AVDs can also be generated by Arista’s AVA (Autonomous Virtual Assist) AI agents that incorporate best practices, testing, guardrails, and generated configurations. “Our integration directly resolves this conflict by creating a clean architectural separation that decouples the network fabric from security policy. This allows the NetOps team (managing the Arista

AMD outlines ambitious plan for AI-driven data centers

“There are very beefy workloads that you must have that performance for to run the enterprise,” he said. “The Fortune 500 mainstream enterprise customers are now … adopting Epyc faster than anyone. We’ve seen a 3x adoption this year. And what that does is drives back to the on-prem enterprise adoption, so that the hybrid multi-cloud is end-to-end on Epyc.” One of the key focus areas for AMD’s Epyc strategy has been our ecosystem build out. It has almost 180 platforms, from racks to blades to towers to edge devices, and 3,000 solutions in the market on top of those platforms. One of the areas where AMD pushes into the enterprise is what it calls industry or vertical workloads. “These are the workloads that drive the end business. So in semiconductors, that’s telco, it’s the network, and the goal there is to accelerate those workloads and either driving more throughput or drive faster time to market or faster time to results. And we almost double our competition in terms of faster time to results,” said McNamara. And it’s paying off. McNamara noted that over 60% of the Fortune 100 are using AMD, and that’s growing quarterly. “We track that very, very closely,” he said. The other question is are they getting new customer acquisitions, customers with Epyc for the first time? “We’ve doubled that year on year.” AMD didn’t just brag, it laid out a road map for the next two years, and 2026 is going to be a very busy year. That will be the year that new CPUs, both client and server, built on the Zen 6 architecture begin to appear. On the server side, that means the Venice generation of Epyc server processors. Zen 6 processors will be built on 2 nanometer design generated by (you guessed

Building the Regional Edge: DartPoints CEO Scott Willis on High-Density AI Workloads in Non-Tier-One Markets

When DartPoints CEO Scott Willis took the stage on “the Distributed Edge” panel at the 2025 Data Center Frontier Trends Summit, his message resonated across a room full of developers, operators, and hyperscale strategists: the future of AI infrastructure will be built far beyond the nation’s tier-one metros. On the latest episode of the Data Center Frontier Show, Willis expands on that thesis, mapping out how DartPoints has positioned itself for a moment when digital infrastructure inevitably becomes more distributed, and why that moment has now arrived. DartPoints’ strategy centers on what Willis calls the “regional edge”—markets in the Midwest, Southeast, and South Central regions that sit outside traditional cloud hubs but are increasingly essential to the evolving AI economy. These are not tower-edge micro-nodes, nor hyperscale mega-campuses. Instead, they are regional data centers designed to serve enterprises with colocation, cloud, hybrid cloud, multi-tenant cloud, DRaaS, and backup workloads, while increasingly accommodating the AI-driven use cases shaping the next phase of digital infrastructure. As inference expands and latency-sensitive applications proliferate, Willis sees the industry’s momentum bending toward the very markets DartPoints has spent years cultivating. Interconnection as Foundation for Regional AI Growth A key part of the company’s differentiation is its interconnection strategy. Every DartPoints facility is built to operate as a deeply interconnected environment, drawing in all available carriers within a market and stitching sites together through a regional fiber fabric. Willis describes fiber as the “nervous system” of the modern data center, and for DartPoints that means creating an interconnection model robust enough to support a mix of enterprise cloud, multi-site disaster recovery, and emerging AI inference workloads. The company is already hosting latency-sensitive deployments in select facilities—particularly inference AI and specialized healthcare applications—and Willis expects such deployments to expand significantly as regional AI architectures become more widely

Key takeaways from Cisco Partner Summit

Brian Ortbals, senior vice president from World Wide Technology, which is one of Cisco’s biggest and most important partners stated: “Cisco engaged partners early in the process and took our feedback along the way. We believe now is the right time for these changes as it will enable us to capitalize on the changes in the market.” The reality is, the more successful its more-than-half-a-million partners are, the more successful Cisco will be. Platform approach is coming together When Jeetu Patel took the reigns as chief product officer, one of his goals was to make the Cisco portfolio a “force multiple.” Patel has stated repeatedly that, historically, Cisco acted more as a technology holding company with good products in networking, security, collaboration, data center and other areas. In this case, product breadth was not an advantage, as everything must be sold as “best of breed,” which is a tough ask of the salesforce and partner community. Since then, there have been many examples of the coming together of the portfolio to create products that leverage the breadth of the platform. The latest is the Unified Edge appliance, an all-in-one solution that brings together compute, networking, storage and security. Cisco has been aggressive with AI products in the data center, and Cisco Unified Edge compliments that work with a device designed to bring AI to edge locations. This is ideally suited for retail, manufacturing, healthcare, factories and other industries where it’s more cost effecting and performative to run AI where the data lives.

Microsoft will invest $80B in AI data centers in fiscal 2025

And Microsoft isn’t the only one that is ramping up its investments into AI-enabled data centers. Rival cloud service providers are all investing in either upgrading or opening new data centers to capture a larger chunk of business from developers and users of large language models (LLMs). In a report published in October 2024, Bloomberg Intelligence estimated that demand for generative AI would push Microsoft, AWS, Google, Oracle, Meta, and Apple would between them devote $200 billion to capex in 2025, up from $110 billion in 2023. Microsoft is one of the biggest spenders, followed closely by Google and AWS, Bloomberg Intelligence said. Its estimate of Microsoft’s capital spending on AI, at $62.4 billion for calendar 2025, is lower than Smith’s claim that the company will invest $80 billion in the fiscal year to June 30, 2025. Both figures, though, are way higher than Microsoft’s 2020 capital expenditure of “just” $17.6 billion. The majority of the increased spending is tied to cloud services and the expansion of AI infrastructure needed to provide compute capacity for OpenAI workloads. Separately, last October Amazon CEO Andy Jassy said his company planned total capex spend of $75 billion in 2024 and even more in 2025, with much of it going to AWS, its cloud computing division.

John Deere unveils more autonomous farm machines to address skill labor shortage

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Self-driving tractors might be the path to self-driving cars. John Deere has revealed a new line of autonomous machines and tech across agriculture, construction and commercial landscaping. The Moline, Illinois-based John Deere has been in business for 187 years, yet it’s been a regular as a non-tech company showing off technology at the big tech trade show in Las Vegas and is back at CES 2025 with more autonomous tractors and other vehicles. This is not something we usually cover, but John Deere has a lot of data that is interesting in the big picture of tech. The message from the company is that there aren’t enough skilled farm laborers to do the work that its customers need. It’s been a challenge for most of the last two decades, said Jahmy Hindman, CTO at John Deere, in a briefing. Much of the tech will come this fall and after that. He noted that the average farmer in the U.S. is over 58 and works 12 to 18 hours a day to grow food for us. And he said the American Farm Bureau Federation estimates there are roughly 2.4 million farm jobs that need to be filled annually; and the agricultural work force continues to shrink. (This is my hint to the anti-immigration crowd). John Deere’s autonomous 9RX Tractor. Farmers can oversee it using an app. While each of these industries experiences their own set of challenges, a commonality across all is skilled labor availability. In construction, about 80% percent of contractors struggle to find skilled labor. And in commercial landscaping, 86% of landscaping business owners can’t find labor to fill open positions, he said. “They have to figure out how to do

2025 playbook for enterprise AI success, from agents to evals

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More 2025 is poised to be a pivotal year for enterprise AI. The past year has seen rapid innovation, and this year will see the same. This has made it more critical than ever to revisit your AI strategy to stay competitive and create value for your customers. From scaling AI agents to optimizing costs, here are the five critical areas enterprises should prioritize for their AI strategy this year. 1. Agents: the next generation of automation AI agents are no longer theoretical. In 2025, they’re indispensable tools for enterprises looking to streamline operations and enhance customer interactions. Unlike traditional software, agents powered by large language models (LLMs) can make nuanced decisions, navigate complex multi-step tasks, and integrate seamlessly with tools and APIs. At the start of 2024, agents were not ready for prime time, making frustrating mistakes like hallucinating URLs. They started getting better as frontier large language models themselves improved. “Let me put it this way,” said Sam Witteveen, cofounder of Red Dragon, a company that develops agents for companies, and that recently reviewed the 48 agents it built last year. “Interestingly, the ones that we built at the start of the year, a lot of those worked way better at the end of the year just because the models got better.” Witteveen shared this in the video podcast we filmed to discuss these five big trends in detail. Models are getting better and hallucinating less, and they’re also being trained to do agentic tasks. Another feature that the model providers are researching is a way to use the LLM as a judge, and as models get cheaper (something we’ll cover below), companies can use three or more models to

OpenAI’s red teaming innovations define new essentials for security leaders in the AI era

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More OpenAI has taken a more aggressive approach to red teaming than its AI competitors, demonstrating its security teams’ advanced capabilities in two areas: multi-step reinforcement and external red teaming. OpenAI recently released two papers that set a new competitive standard for improving the quality, reliability and safety of AI models in these two techniques and more. The first paper, “OpenAI’s Approach to External Red Teaming for AI Models and Systems,” reports that specialized teams outside the company have proven effective in uncovering vulnerabilities that might otherwise have made it into a released model because in-house testing techniques may have missed them. In the second paper, “Diverse and Effective Red Teaming with Auto-Generated Rewards and Multi-Step Reinforcement Learning,” OpenAI introduces an automated framework that relies on iterative reinforcement learning to generate a broad spectrum of novel, wide-ranging attacks. Going all-in on red teaming pays practical, competitive dividends It’s encouraging to see competitive intensity in red teaming growing among AI companies. When Anthropic released its AI red team guidelines in June of last year, it joined AI providers including Google, Microsoft, Nvidia, OpenAI, and even the U.S.’s National Institute of Standards and Technology (NIST), which all had released red teaming frameworks. Investing heavily in red teaming yields tangible benefits for security leaders in any organization. OpenAI’s paper on external red teaming provides a detailed analysis of how the company strives to create specialized external teams that include cybersecurity and subject matter experts. The goal is to see if knowledgeable external teams can defeat models’ security perimeters and find gaps in their security, biases and controls that prompt-based testing couldn’t find. What makes OpenAI’s recent papers noteworthy is how well they define using human-in-the-middle