As we enter 2026 strong, it’s always good to look back on the previous year and get reflective about what we’ve learned, as well as focus ahead on what’s coming next. 2025 was a defining year for CyberProof, one that reinforced our beliefs about where security is headed and the role we can play in helping organizations navigate an increasingly complex threat landscape.
What follows are a few personal reflections on the year behind us, and a perspective on the priorities and shifts I believe will matter most in 2026.
Our Big Bet on Threat-Led Defense with Intepres
Having worked with Interpres as a partner since late 2023, it became clear that their Continuous Threat Exposure Management (CTEM) and Automated Security Control Assessment capabilities would elevate our ability to help customers stay ahead of emerging cyber risks, and we made a strategic decision to acquire Intepres in December 2024. As we partnered with clients around the globe we quickly realized the limitations of traditional, point-in-time assessments and the growing need for the continuous, risk-prioritized visibility modern enterprises require, especially as threats powered by technologies like generative AI accelerate.
By bringing Interpres’ technology and expertise into the CyberProof family, we not only strengthened our managed security services but also became the first managed security provider to offer a truly continuous threat exposure management capability. This decision was grounded in CyberProof’s core mission to deliver meaningful, measurable risk reduction outcomes for our clients, ensuring that they can prioritize and resolve exposures with speed and precision in 2026 and beyond.
Groundbreaking Threat Research
Threat research remained a cornerstone of how we created value for customers in 2025, and I am particularly proud of the role our team played in advancing the industry’s understanding of real-world adversary behavior. The research in our 2025 Annual Global Threat Intelligence Report and our 2025 Mid-Year Cyber Landscape Analysis reflected what we see every day across our operations: a sharp rise in AI-enabled ransomware, the blurring of lines between nation-state and criminal activity, and sustained pressure on identity, collaboration platforms, and trusted third parties.
Our team led global research into high-profile campaigns, including the weaponization of Microsoft Teams and Google Meet for social engineering, which highlighted how quickly attackers adapt familiar enterprise tools into effective intrusion vectors. We also uncovered and documented the evolution of advanced banking malware such as Coyote and Maverick, as well as emerging threats like the DarkCloud infostealer, providing defenders with early insight into tooling, tactics, and intent.
This work is not purely academic for us. This focus on threat research and information sharing, is rooted in our goal to help organizations stay ahead of exposures and attack techniques which translates directly to better detection, faster response, and clearer prioritization. As we look to 2026, our continued investment in frontline threat research will remain essential to helping organizations move from reacting to incidents to anticipating and disrupting them.
CyberProof’s Push to Truly Automate and “Agentize” the SOC
In 2025, we also saw a clear inflection point in how leading organizations think about cyber risk, moving from exposure management as a reporting exercise to threat-led defense as an operating model. Rather than treating vulnerabilities, misconfigurations, and alerts as isolated problems, security leaders increasingly anchored decisions in real adversary behavior, business context, and likely attack paths. This shift reframed the role of the CISO from managing control coverage to driving measurable risk reduction, aligning security investments with the threats that matter most.
The threat-led defense methodology creates the perfect conditions for our next major step in 2025: the introduction of CyberProof’s Agentic AI framework. Once security is anchored in how real adversaries operate, the challenge becomes scale and speed, how to continuously interpret signals, reason over context, and take action without overwhelming human teams. Our Agentic AI capabilities were designed to do exactly that, combining autonomous reasoning with human oversight to drive high-accuracy detection, investigation, and response. Rather than replacing analysts, this framework augments them, enabling security operations to act faster, prioritize with confidence, and deliver consistent outcomes aligned to business risk. As we move into 2026, I see agentic, human-augmented AI as a critical enabler of threat-led defense at scale, turning intent into execution across modern security operations.
Accomplishments and Recognition
Forgive me for pausing to acknowledge the recognitions we received in 2025; they are not our goal, but they are a reflection of what a deeply committed team can achieve together. In 2025 CyberProof was named as a CTEM finalist and the SC Award winner for Best Managed Detection and Response Service, affirming the strength of our co-managed MDR approach built to help complex enterprises reduce risk and operational burden. CyberProof was also crowned Threat Exposure Management Platform of the Year for the 9th annual CyberSecurity Breakthrough Awards program.
Further validating the market impact of our services and solutions, we were included in the 2025 Gartner® Market Guide for Co-Managed Security Monitoring Services and the Gartner® Hype Cycle for Security Operations, highlighting our relevance in evolving co-management and automated security control assessment trends. We were also recognized as a Leader in three categories in the ISG Provider Lens™ Cybersecurity Services and Solutions 2025 report, covering Next-Gen SOC/MDR Services, Strategic Security Services, and Technical Security Services. This underscores our sustained excellence across core security service areas.
On the broader business award’s stage, we earned 2025 Globee® Business and Innovation in Cybersecurity awards. These acknowledgements reflect the discipline, creativity, and relentless focus on customer outcomes that our team brings to work every day — and they motivate us to push even harder in 2026.
Looking Ahead to 2026
As I look ahead more broadly to 2026, I believe the next phase of cybersecurity will be defined less by individual threats and more by how effectively organizations manage enterprise-wide risk in an environment shaped by AI.
At CyberProof we are sharpening our focus on cloud security as the center of gravity for modern operations, while continuing to help organizations shift from chasing alerts to reducing exposure and business impact across the entire digital estate. At the same time, we must acknowledge a hard truth: cybercriminals will continue to gain a tactical advantage from AI. Attackers do not need perfection, governance, or consensus to innovate, which allows them to move faster and exploit human trust at unprecedented scale through more convincing social engineering and automation.
Agentic AI will only accelerate this dynamic. As autonomous agents become embedded into everyday workflows, adoption will move faster than security readiness, exposing weak identity controls, fragile data foundations, and underinvested core hygiene. In 2026, the organizations that succeed will be those that recognize this gap early, strengthen their foundations, and treat AI not as a tool to be bolted on, but as a force that fundamentally reshapes how security, risk, and trust must be managed.
As always, these perspectives are shaped by the conversations I have every day with CISOs, security leaders, and teams operating at the front lines of this shift. To formalize this collaborative spirit, CyberProof is forming a Customer Advisory Group dedicated to ensuring our business model and platform remain at the cutting edge of the industry. By engaging directly with our most forward-thinking clients, we aim to refine our better together service approach, integrating real-world feedback to maintain our lead in delivering a truly unified, threat-led defense. This initiative reinforces our commitment to a co-managed strategy where shared intelligence and shared success define the next generation of security operations. Some of the immediate feedback and interest from some of our resource constraint customers has been around flexible per-case co-managed pricing that removes the traditional financial barriers that often stifle the adoption of emerging solutions like AI-driven SOC automation. I also believe that it is time for a fundamental shift in the co-manged business model itself – as we push Agentic adoption and expansion. We’re excited to share more in the near future how this alignment of cost with successful outcomes—allows mid-market SOC teams to scale their automation capabilities to improve triage and investigation.
As we move into 2026, I want to wish our customers, partners, and the broader security community a year of clarity, resilience, and progress. The challenges ahead are real, but so is the opportunity to raise the bar together. If you are thinking about how to move from managing threats to managing risk, how cloud and AI are reshaping your security foundations, or how to operationalize threat-led defense in a practical way, I am always happy to compare notes and learn from your experience as well. In the meantime, I invite you to learn more about some of our Cybersecurity Predictions for the 2026 Landscape. <will link to Predictions Blog>!
