Operations | Monitoring | ITSM | DevOps | Cloud

Application control is one of those security topics where many people carry old assumptions. Traditional allowlisting feels safe but quickly becomes a maintenance burden. Blocklisting feels reactive and incomplete. And while tools like Microsoft AppLocker led many to believe that strict allowlisting is the gold standard, modern attacks have proven otherwise. Attackers increasingly rely on legitimate, signed tools — used in the wrong context — to bypass list-based controls entirely.

In my time at Ivanti, I've witnessed firsthand how AI acts as a force multiplier across enterprise organizations. When deployed strategically, AI accelerates decision-making and operational execution at scale in a way that teams simply can't sustain manually. However, without clear and enforceable AI guardrails, implementing AI opens organizations up to serious new risks.

Most CEOs can recite their quarterly benchmarks and revenue down to the decimal point, but ask them about their organization's cyber risk exposure, and the answers become more vague. It's not that today’s CEOs don’t care about security — cybersecurity ranks among the top concerns for boards and executive teams. The problem runs deeper: a fundamental breakdown in how security risks are explained to business leaders that overlooks the impacts on their business outcomes.

Today marks an important milestone in our journey to make your Ivanti support experience effortless, intuitive and all in one place: Ivanti Innovators Hub is now live! This isn’t just a refresh; it’s a major step forward — delivering a smarter, unified destination where support, resources and community meet your needs, your way.

Vulnerability management has served organizations and the cybersecurity industry for years. It is a capable practice that has helped companies defend their attack surface and prevent threat actors from exploiting vulnerabilities. But technology and IT infrastructure have evolved. Vulnerability management no longer can meet the challenges that come with this evolution.

Executives today operate in a constant state of pressure. Regulatory demands grow faster than budgets, customers expect proof of resilience and every system outage becomes a business event. When each function manages risk in isolation, leaders spend more time reacting than advancing strategy. The real issue is coherence. Most organizations still rely on partial instruments: dashboards filled with red and amber, but no clarity on which risks matter or what an outage would actually cost.

Here’s a paradox for the AI era: organizations are obsessed with the promise of AI as the key to unlocking productivity and enterprise transformation, and IT teams are all-in on the advantages AI and automation offer — yet those same organizations are the ones holding that transformation back. While the majority of IT workers advocate for AI adoption, operational, cultural and budgetary barriers stand in the way of enterprises implementing AI at scale.

There’s been buzz around CVE-2025-56383 (published on Sept. 26, 2025), a hijacking vulnerability in Notepad++ v8.8.3 in which a DLL file can be swapped to execute malicious code. The CVE has been disputed by multiple parties, but we’re not here to comment on that. However, we are here to comment on DLL hijacking and discuss the very real threat that it poses to an organization. Let’s look into what DLL hijacking is and what measures you can take to keep your DLLs safe.

When the conversation turns to cybersecurity, people often think of firewalls, intrusion detection systems or state-of-the-art endpoint protection. Yet, beneath these sophisticated shields is an essential (and often unsung) foundation: robust IT Asset Management (ITAM). For CIOs guiding mid-sized and enterprise organizations through an increasingly perilous digital landscape, ITAM offers not just operational clarity, but a powerful first line of cyber threat defense.

AI tools have seen a meteoric rise in the workplace. What was once the domain of highly specialized tech roles is now commonplace: Ivanti’s 2025 Technology at Work Report found that 42% of office workers say they’re using gen AI tools, like ChatGPT, at work — up 16 points from the previous year. The catch? These productivity gains happen under the table. Among those who reported using gen AI tools, 46% say that some (or all) of the tools they use are not employer-provided.