IT, Telecom & Cyber · Australia (Perth)

Reassess Connectivity, Identity and Threat Intelligence Buying Assumptions

Published May 11, 2026, 6:06 AM AWST · APAC · Full category signal
Group-IB named a Leader in Gartner cyberthreat report

In 60 seconds

Top move

Group-IB’s Gartner Leader placement makes unified threat‑intelligence bundles a real procurement category; buyers should expect proposals that combine telemetry, fraud data and managed investigations and plan how investigation costs and SLAs will be allocated

Key takeaways

  • Group-IB’s Gartner Leader placement makes unified threat‑intelligence bundles a real procurement category; buyers should expect proposals that combine telemetry, fraud data and managed investigations and plan how investigation costs and SLAs will be allocated.[1]
  • Telstra’s Adaptive Networks Centre shifts connectivity from manual ordering to API-driven operations, so integration, automation testing and rollback controls need to be treated as procurement deliverables rather than implementation footnotes.[2]
  • Password-based authentication is being framed as insufficient where AI tools and unmanaged accounts leak secrets; procurement should prioritise identity controls, supplier account governance and contract clauses that require modern auth support.[3]
  • KnowBe4’s secure-coding content for AI-assisted development creates a practical contract lever: require developer training or proof-of-completion in SOWs to reduce supply-side software risk.[4]
  • Signal level today is normal: these items are practical supplier and contract shifts to plan for, not operational emergencies—focus on specs, SLAs and pilot validation rather than panic sourcing.[1]

What changed since last run

  • Added Group-IB Gartner Magic Quadrant recognition as a buyer signal for unified threat-intel bundles (article 1).
  • New inclusion of Telstra’s Adaptive Networks Centre as an API-driven connectivity procurement variable (article 10).
  • Added KnowBe4 + Secure Code Warrior secure-coding training as a contract-deliverable option for developer supply chains (article 8).

Key facts

  • Named a Leader in Gartner’s first Magic Quadrant for Cyberthreat Intelligence Technologies
  • One of five vendors placed in the Leader category out of 18 assessed
  • Built on 21 years of telemetry and 1,500+ joint investigations with law enforcement
  • API-first platform for design, quoting, ordering and management
  • Initial support for dedicated fibre and next-generation broadband
  • Planned expansion to Layer 2, Satellite and IPVPN services

Why it matters

Group-IB’s Gartner Leader placement makes unified threat‑intelligence bundles a real procurement category; buyers should expect proposals that combine telemetry, fraud data and managed investigations and plan how investigation costs and SLAs will be allocated. Telstra’s Adaptive Networks Centre shifts connectivity from manual ordering to API-driven operations, so integration, automation testing and rollback controls need to be treated as procurement deliverables rather than implementation footnotes. Password-based authentication is being framed as insufficient where AI tools and unmanaged accounts leak secrets; procurement should prioritise identity controls, supplier account governance and contract clauses that require modern auth support. KnowBe4’s secure-coding content for AI-assisted development creates a practical contract lever: require developer training or proof-of-completion in SOWs to reduce supply-side software risk

Cost / money

  • Unified threat-intel managed bundles can move spend from one-off licences to recurring managed-service OPEX, reducing discrete price competition and changing how incident costs are passed through.[1]
  • API-driven connectivity lowers manual ordering cost but introduces upfront integration, testing and change-management spending that should be budgeted as procurement line items.[2]
  • Identity upgrades (passwordless/FIDO2) create short-term integration and access-management costs while reducing downstream incident recovery and forensic exposure risk.[3]

Supplier / commercial

  • Vendors recognised as leaders (Group-IB) will press for longer managed contracts and bundled scopes; procurement must push explicit investigation scope, cost allocation and SLA exit gates.[1]
  • Connectivity platform vendors may include platform terms and runbooks that shift operational authorities; buyers should resist one-sided change control and demand auditability and rollback clauses.[2]
  • Training partners (KnowBe4 + Secure Code Warrior) create an upsell route where training is bundled into premium tiers; verify whether training is included or an extra charge before relying on it in evaluations.[4]

Safety / operations

  • Weak credentials plus agentic AI increase operational exposure: leaked prompts or stolen account access can cascade across services and complicate incident containment and recovery.[3]
  • Automated network changes without proven rollback testing raise misconfiguration risk; operations must validate automation safety and integration behavior before delegating changes to provider APIs.[2]

What to watch

  • Watch for vendors to shorten quote validity and push tighter mobilization or onboarding timelines as managed‑service wins increase; shorter windows reduce buyer negotiation room and raise dependency risk.[1]
  • Watch for secure-coding or identity features to be gated behind higher subscription tiers; do not assume inclusion—verify proof-of-delivery or list as mandatory in SOWs.[4]

Top stories

Story 1 · SecurityBrief Australia

Group-IB named a Leader in Gartner cyberthreat report

Signal strong · Source-grounded

What happened

Group-IB was named a Leader in Gartner’s first Magic Quadrant for Cyberthreat Intelligence Technologies. The recognition highlights its unified platform combining dark-web monitoring, fraud telemetry and managed investigations, signalling more bundled, investigation-capable offers in market. Procurement should watch whether suppliers fold incident response obligations into subscriptions and how they price pass-through investigation costs

Buyer takeaway

Treat unified threat intelligence as a distinct procurement category: sellers will bundle telemetry, fraud data and managed investigations which changes SLA, escalation, and cost-allocation expectations

Cost / money

Buying a managed, unified platform can move spend from capital licences to recurring managed-service fees and reduce price competition on discrete components

Supplier / commercial

Vendors recognised by analysts gain leverage to upsell managed services and longer terms; procurement should push clear incident cost-sharing and predefined investigation scopes

Safety / operations

Operational readiness must include verified integration of predictive indicators and incident handover processes; unclear scopes increase response time and recovery risk

What to watch

Watch for shorter quote windows and bundled scopes that hide pass-through investigation costs

Key facts

  • Named a Leader in Gartner’s first Magic Quadrant for Cyberthreat Intelligence Technologies
  • One of five vendors placed in the Leader category out of 18 assessed
  • Built on 21 years of telemetry and 1,500+ joint investigations with law enforcement

Source excerpts

The ranking gives Group-IB a prominent position in a new market category for threat intelligence tools, as organisations face growing overlap between cybercrime, fraud and ransomware operations
Eighteen vendors were reviewed on the usual criteria of completeness of vision and ability to execute, with only five placed in the Leaders quadrant. That matters for suppliers in a crowded cybersecurity sector, where product categories often overlap and buyers rely on analyst rankings to compare vendors
Group-IB has been named a Leader in Gartner's first Magic Quadrant for Cyberthreat Intelligence Technologies
Story 2 · SecurityBrief Australia

Telstra launches Adaptive Networks Centre for businesses

Signal moderate · Source-grounded

What happened

Telstra launched an Adaptive Networks Centre offering an API-first platform for quoting, ordering and managing enterprise connectivity. The initial release supports dedicated fibre and next-gen broadband with planned expansion to Layer 2, satellite and IPVPN, making connectivity programmatic rather than manual. Buyers should validate integration dependencies, automation safety and rollback controls before treating programmatic ordering as standard

Buyer takeaway

Require clear integration runbooks, rollback procedures and SLAs before accepting programmatic connectivity to avoid baked-in operational dependencies

Cost / money

Lower manual ordering costs may be offset by upfront integration, testing and change-management expenses

Supplier / commercial

Connectivity vendors may seek platform-terms that standardise ordering flows; procurement should resist one-sided change authorities and require audit logs

Safety / operations

Automated network changes increase risk of misconfiguration; operations must validate automation safety and rollback testing before production use

What to watch

Watch for vendor terms that shift change-authority and incident response timing to the provider without reciprocal buyer controls

Key facts

  • API-first platform for design, quoting, ordering and management
  • Initial support for dedicated fibre and next-generation broadband
  • Planned expansion to Layer 2, Satellite and IPVPN services

Source excerpts

The API-first architecture enables a single intuitive interface for managing connectivity. Marty McGrath, Telstra's Group Owner for Fixed Connectivity in Product and Technology function says, "Adaptive Networks Centre provides digital quoting and design, ordering, visibility and management of network services with much more speed and control than traditional models
By embracing an API-driven network platform that enables organisations to procure, configure and consume network services in the way that best suits them they can continue to innovate, so their businesses are ready for the challenges that lie ahead," says McGrath
ANTHONY CARUANA Interview Editor Telstra's new Adaptive Networks Centre (ANC) is a digital platform that delivers a step-change experience to enterprise and business customers
Story 3 · SecurityBrief Australia

Experts warn passwords no longer sufficient in AI era

Signal moderate · Source-grounded

What happened

Experts warn passwords are increasingly inadequate as employees paste sensitive data into AI tools and attackers scale credential attacks. Research cited indicates a non-trivial share of GenAI prompts pose a high risk of data leakage and many risky actions occur from unmanaged personal accounts. Procurement should prioritise passwordless/FIDO2 pilots, supplier account governance and contract clauses requiring modern authentication support

Buyer takeaway

Accelerate identity-first controls in sourcing and renewals; require suppliers to demonstrate FIDO2 or equivalent readiness and shadow-account controls

Cost / money

Identity upgrades shift some budget to access-management projects and may reduce incident recovery costs long-term but increase short-term integration spend

Supplier / commercial

Suppliers without modern auth support may be deprioritised or require transition plans, affecting supplier pools and pricing leverage

Safety / operations

Weak credentials and unmanaged accounts are a live operational risk that can cause broader service outages or data loss when combined with AI leakage

What to watch

Watch for suppliers to claim support for passwordless without providing integration or proof-of-deployment

Key facts

  • Research shows a meaningful share of GenAI prompts pose high data-leak risk
  • High share of risky AI prompts originate from unmanaged personal accounts
  • Recommended shift to passwordless/FIDO2 and stronger access governance

Source excerpts

Ultimately, reducing reliance on passwords starts with a more proactive approach to identity and access management across the business
At Adactin, we see this as a clear call for organisations to move beyond basic password hygiene and adopt a more holistic, identity-first security model. This includes combining multi-factor authentication, privileged access controls and zero-trust principles to ensure every access request is verified, not assumed
The next phase demands a shift toward passwordless architectures, least-privilege principles, continuous authentication, just-in-time access and behavioural monitoring
Story 4 · SecurityBrief Australia

KnowBe4 adds AI secure coding training with partner

Signal moderate · Directional

What happened

KnowBe4 partnered with Secure Code Warrior to add secure-coding training for AI-assisted development workflows, offering multi-language interactive modules covering OWASP and AI-specific risks. The content is available to certain KnowBe4 subscription tiers, making it usable as a baseline for contractually required developer training. Procurement should verify inclusion vs upsell and require proof-of-completion where used as a compliance control

Buyer takeaway

Make secure-coding and AI-risk training a negotiable contract item or KPIs for development suppliers, not just a nice-to-have

Cost / money

Bundled training can appear as an upsell but can reduce downstream remediation costs if tied to acceptance gates

Supplier / commercial

Training availability may be used by suppliers to justify longer contracts or premium support tiers; procurement should specify training delivery and proof requirements

Safety / operations

Better-trained developers reduce supply-chain and application-layer risks, which directly supports operational stability

What to watch

Watch for training being offered only on top-tier subscriptions—verify inclusion before relying on it for compliance

Key facts

  • 31 learning activities across nine series covering threat modelling and OWASP risks
  • Supports multiple programming languages and eight spoken languages
  • Targeted at organisations using AI-assisted development

Source excerpts

JOSEPH GABRIEL LAGONSIN News Editor AI risk overview KnowBe4 has partnered with Secure Code Warrior to offer secure coding training for organisations with technical teams, adding specialist content to KnowBe4's training library
KnowBe4 and Secure Code Warrior cited data showing that 72% of developers now use AI in their daily workflows, increasing the need for training in software governance and secure coding practices
The new offering targets businesses managing the security implications of AI-assisted software development

VP Snapshot

Executive Risk & Action View

Group-IB’s Gartner Leader placement makes unified threat‑intelligence bundles a real procurement category; buyers should expect proposals that combine telemetry, fraud data and managed investigations and plan how investigation costs and SLAs will be allocated.

  • Overall: 58
  • Cost: 97
  • Supply: 25
  • Schedule: 56
  • Compliance: 15

Top signals

30-180d · cost

Signal 1: Cost / money

Unified threat-intel managed bundles can move spend from one-off licences to recurring managed-service OPEX, reducing discrete price competition and changing how incident costs are passed through.

Signal 2: Cost / money

API-driven connectivity lowers manual ordering cost but introduces upfront integration, testing and change-management spending that should be budgeted as procurement line items.

Signal 3: Cost / money

Identity upgrades (passwordless/FIDO2) create short-term integration and access-management costs while reducing downstream incident recovery and forensic exposure risk.

180d+ · cost

Signal 4: Supplier / commercial

Vendors recognised as leaders (Group-IB) will press for longer managed contracts and bundled scopes; procurement must push explicit investigation scope, cost allocation and SLA exit gates.

30-180d · commercial

Signal 5: Supplier / commercial

Connectivity platform vendors may include platform terms and runbooks that shift operational authorities; buyers should resist one-sided change control and demand auditability and rollback clauses.

Signal 6: Supplier / commercial

Training partners (KnowBe4 + Secure Code Warrior) create an upsell route where training is bundled into premium tiers; verify whether training is included or an extra charge before relying on it in evaluations.

Recommended actions

Ops · Due 3d

Map systems and teams that would be affected by programmatic network ordering and identify owners for each integration point.

Inventory of systems, owners and integration readiness notes to inform contract negotiations and testing plans.

Contracts · Due 3d

Request current identity and access posture evidence from critical suppliers, including MFA support, FIDO2 readiness and policies for unmanaged or shadow accounts.

Documented supplier identity posture to attach to renewals or SOWs and to triage suppliers needing remediation.

Contracts · Due 21d

Draft contract addenda requiring audit logs, explicit rollback gates and tested change-control processes for any API-driven connectivity platform.

Addendum template to use in RFXs and renewals that preserves buyer control over network automation actions.

Category · Due 21d

Add secure-coding and AI-risk training completion as a scoring item or contractual deliverable for developer suppliers, using KnowBe4 content as a baseline where appropriate.

Updated supplier evaluation criteria or SOW clause requiring proof of training completion or an approved training plan.

Category · Due 60d

Run a sourcing review comparing unified threat‑intelligence managed bundles versus best‑of‑breed tooling, with explicit clauses for incident investigation scope, cost pass-throu...

Sourcing recommendation and contract language templates that allocate investigation obligations and costs clearly between buyer and supplier.

Ops · Due 60d

Plan a passwordless (FIDO2) pilot for a low-risk user group and include supplier account governance checks as part of the pilot acceptance criteria.

Pilot report documenting integration issues, supplier access gaps, and recommended rollout path for wider passwordless adoption.

Risk register

Risk: Watch for vendors to shorten quote validity and push tighter mobilization or onboarding timelines as managed‑service wins increase; shorter windows reduce buyer negotiation room and raise dependency risk.
Trigger: Watch for vendors to shorten quote validity and push tighter mobilization or onboarding timelines as managed‑service wins increase; shorter windows reduce buyer negotiation room and raise dependency risk.
Mitigation: Confirm exposure with category, contracts, and operations before the next supplier commitment.

Risk: Watch for secure-coding or identity features to be gated behind higher subscription tiers; do not assume inclusion—verify proof-of-delivery or list as mandatory in SOWs.
Trigger: Watch for secure-coding or identity features to be gated behind higher subscription tiers; do not assume inclusion—verify proof-of-delivery or list as mandatory in SOWs.
Mitigation: Confirm exposure with category, contracts, and operations before the next supplier commitment.

CM Snapshot

Category Manager Decision Detail

Today's priorities

Map systems and teams that would be affected by programmatic network ordering and identify owners for each integration point.

because Telstra’s Adaptive Networks Centre makes connectivity programmatic and you need to know which applications and teams will be impacted before accepting API-enabled orderi...

Due 3d

high

CM move

Use this as the immediate supplier or contract action to move before the next sourcing gate.

Request current identity and access posture evidence from critical suppliers, including MFA support, FIDO2 readiness and policies for unmanaged or shadow accounts.

because password and unmanaged-account research shows credential and AI-related leakage risk and supplier access is a direct attack surface that should be verified before renewa...

Due 3d

high

CM move

Use this as the immediate supplier or contract action to move before the next sourcing gate.

Draft contract addenda requiring audit logs, explicit rollback gates and tested change-control processes for any API-driven connectivity platform.

because programmatic network changes transfer execution risk to platform interfaces and contracts must define responsibility, testing obligations and rollback steps before produ...

Due 21d

high

CM move

Use this as the immediate supplier or contract action to move before the next sourcing gate.

Add secure-coding and AI-risk training completion as a scoring item or contractual deliverable for developer suppliers, using KnowBe4 content as a baseline where appropriate.

because the KnowBe4 partnership provides targeted content for AI-assisted development and requiring training reduces the chance of baked-in vulnerabilities from supplier-deliver...

Due 21d

high

CM move

Use this as the immediate supplier or contract action to move before the next sourcing gate.

Supplier radar

SecurityBrief Australia

high

Observed supplier signal

Vendors recognised as leaders (Group-IB) will press for longer managed contracts and bundled scopes; procurement must push explicit investigation scope, cost allocation and SLA exit gates.

Commercial implication

Vendors recognised as leaders (Group-IB) will press for longer managed contracts and bundled scopes; procurement must push explicit investigation scope, cost allocation and SLA exit gates.

Next step: Validate the source-backed signal with incumbents and alternates before the next award or pricing decision.

SecurityBrief Australia

high

Observed supplier signal

Connectivity platform vendors may include platform terms and runbooks that shift operational authorities; buyers should resist one-sided change control and demand auditability and rollback clauses.

Commercial implication

Connectivity platform vendors may include platform terms and runbooks that shift operational authorities; buyers should resist one-sided change control and demand auditability and rollback clauses.

Next step: Validate the source-backed signal with incumbents and alternates before the next award or pricing decision.

SecurityBrief Australia

high

Observed supplier signal

Training partners (KnowBe4 + Secure Code Warrior) create an upsell route where training is bundled into premium tiers; verify whether training is included or an extra charge before relying on it in evaluations.

Commercial implication

Training partners (KnowBe4 + Secure Code Warrior) create an upsell route where training is bundled into premium tiers; verify whether training is included or an extra charge before relying on it in evaluations.

Next step: Validate the source-backed signal with incumbents and alternates before the next award or pricing decision.

Negotiation levers

Map systems and teams that would be affected by programmatic network ordering and identify owners for each integration point.

When to use: because Telstra’s Adaptive Networks Centre makes connectivity programmatic and you need to know which applications and teams will be impacted before accepting API-enabled orderi...

Expected outcome: Inventory of systems, owners and integration readiness notes to inform contract negotiations and testing plans.

Commercial mechanism to carry into the next supplier conversation

Request current identity and access posture evidence from critical suppliers, including MFA support, FIDO2 readiness and policies for unmanaged or shadow accounts.

When to use: because password and unmanaged-account research shows credential and AI-related leakage risk and supplier access is a direct attack surface that should be verified before renewa...

Expected outcome: Documented supplier identity posture to attach to renewals or SOWs and to triage suppliers needing remediation.

Commercial mechanism to carry into the next supplier conversation

Draft contract addenda requiring audit logs, explicit rollback gates and tested change-control processes for any API-driven connectivity platform.

When to use: because programmatic network changes transfer execution risk to platform interfaces and contracts must define responsibility, testing obligations and rollback steps before produ...

Expected outcome: Addendum template to use in RFXs and renewals that preserves buyer control over network automation actions.

Commercial mechanism to carry into the next supplier conversation

Add secure-coding and AI-risk training completion as a scoring item or contractual deliverable for developer suppliers, using KnowBe4 content as a baseline where appropriate.

When to use: because the KnowBe4 partnership provides targeted content for AI-assisted development and requiring training reduces the chance of baked-in vulnerabilities from supplier-deliver...

Expected outcome: Updated supplier evaluation criteria or SOW clause requiring proof of training completion or an approved training plan.

Commercial mechanism to carry into the next supplier conversation

Talking points

Group-IB’s Gartner Leader placement makes unified threat‑intelligence bundles a real procurement category; buyers should expect proposals that combine telemetry, fraud data and managed investigations and plan how investigation costs and SLAs will be allocated.
Telstra’s Adaptive Networks Centre shifts connectivity from manual ordering to API-driven operations, so integration, automation testing and rollback controls need to be treated as procurement deliverables rather than implementation footnotes.
Password-based authentication is being framed as insufficient where AI tools and unmanaged accounts leak secrets; procurement should prioritise identity controls, supplier account governance and contract clauses that require modern auth support.
KnowBe4’s secure-coding content for AI-assisted development creates a practical contract lever: require developer training or proof-of-completion in SOWs to reduce supply-side software risk.

Negotiation levers

  • Map systems and teams that would be affected by programmatic network ordering and identify owners for each integration point.

    When to use: because Telstra’s Adaptive Networks Centre makes connectivity programmatic and you need to know which applications and teams will be impacted before accepting API-enabled orderi...

    Expected outcome: Inventory of systems, owners and integration readiness notes to inform contract negotiations and testing plans.

    high confidence

  • Request current identity and access posture evidence from critical suppliers, including MFA support, FIDO2 readiness and policies for unmanaged or shadow accounts.

    When to use: because password and unmanaged-account research shows credential and AI-related leakage risk and supplier access is a direct attack surface that should be verified before renewa...

    Expected outcome: Documented supplier identity posture to attach to renewals or SOWs and to triage suppliers needing remediation.

    high confidence

  • Draft contract addenda requiring audit logs, explicit rollback gates and tested change-control processes for any API-driven connectivity platform.

    When to use: because programmatic network changes transfer execution risk to platform interfaces and contracts must define responsibility, testing obligations and rollback steps before produ...

    Expected outcome: Addendum template to use in RFXs and renewals that preserves buyer control over network automation actions.

    high confidence

  • Add secure-coding and AI-risk training completion as a scoring item or contractual deliverable for developer suppliers, using KnowBe4 content as a baseline where appropriate.

    When to use: because the KnowBe4 partnership provides targeted content for AI-assisted development and requiring training reduces the chance of baked-in vulnerabilities from supplier-deliver...

    Expected outcome: Updated supplier evaluation criteria or SOW clause requiring proof of training completion or an approved training plan.

    high confidence

What to do / What to watch

What to do now

  • Map systems and teams that would be affected by programmatic network ordering and identify owners for each integration point.

    Why: because Telstra’s Adaptive Networks Centre makes connectivity programmatic and you need to know which applications and teams will be impacted before accepting API-enabled orderi...

    Owner: Ops

    Expected outcome: Inventory of systems, owners and integration readiness notes to inform contract negotiations and testing plans.

    [2]
  • Request current identity and access posture evidence from critical suppliers, including MFA support, FIDO2 readiness and policies for unmanaged or shadow accounts.

    Why: because password and unmanaged-account research shows credential and AI-related leakage risk and supplier access is a direct attack surface that should be verified before renewa...

    Owner: Contracts

    Expected outcome: Documented supplier identity posture to attach to renewals or SOWs and to triage suppliers needing remediation.

    [3]

Next few weeks

  • Draft contract addenda requiring audit logs, explicit rollback gates and tested change-control processes for any API-driven connectivity platform.

    Why: because programmatic network changes transfer execution risk to platform interfaces and contracts must define responsibility, testing obligations and rollback steps before produ...

    Owner: Contracts

    Expected outcome: Addendum template to use in RFXs and renewals that preserves buyer control over network automation actions.

    [2]
  • Add secure-coding and AI-risk training completion as a scoring item or contractual deliverable for developer suppliers, using KnowBe4 content as a baseline where appropriate.

    Why: because the KnowBe4 partnership provides targeted content for AI-assisted development and requiring training reduces the chance of baked-in vulnerabilities from supplier-deliver...

    Owner: Category

    Expected outcome: Updated supplier evaluation criteria or SOW clause requiring proof of training completion or an approved training plan.

    [4]

Longer view

  • Run a sourcing review comparing unified threat‑intelligence managed bundles versus best‑of‑breed tooling, with explicit clauses for incident investigation scope, cost pass-throu...

    Why: because Group-IB’s market position indicates more bundled offers will appear and buyers must decide whether managed bundles or discrete tooling better preserve cost control and...

    Owner: Category

    Expected outcome: Sourcing recommendation and contract language templates that allocate investigation obligations and costs clearly between buyer and supplier.

    [1]
  • Plan a passwordless (FIDO2) pilot for a low-risk user group and include supplier account governance checks as part of the pilot acceptance criteria.

    Why: because evidence of credential leakage and AI-related prompt exposure recommends moving away from reusable passwords and a pilot will reveal integration and supplier-access gaps...

    Owner: Ops

    Expected outcome: Pilot report documenting integration issues, supplier access gaps, and recommended rollout path for wider passwordless adoption.

    [3]

What to watch

  • Watch for vendors to shorten quote validity and push tighter mobilization or onboarding timelines as managed‑service wins increase; shorter windows reduce buyer negotiation room and raise dependency risk
  • Watch for secure-coding or identity features to be gated behind higher subscription tiers; do not assume inclusion—verify proof-of-delivery or list as mandatory in SOWs

Market pulse

Index               Latest   Change            As of
Palo Alto (PANW)    320      +0.00 (+0.00%)    May 10, 2026, 10:10 PM
CrowdStrike (CRWD)  285      +0.00 (+0.00%)    May 10, 2026, 10:10 PM
Zscaler (ZS)        195      +0.00 (+0.00%)    May 10, 2026, 10:10 PM
Fortinet (FTNT)     72       +0.00 (+0.00%)    May 10, 2026, 10:10 PM
  • Palo Alto: Investor attention on integrated security platforms supports procurement focus on bundled threat intelligence and managed detection services
  • Fortinet: Fortinet index movement underscores market emphasis on network security and the need to align connectivity and security contracts

Sources

[1] Group-IB named a Leader in Gartner cyberthreat report

securitybrief.com.au · n.d.

AI reading

Group-IB was named a Leader in Gartner’s first Magic Quadrant for Cyberthreat Intelligence Technologies. The recognition highlights its unified platform combining dark-web monitoring, fraud telemetry and managed investigations, signalling more bundled, investigation-capable offers in market. Procurement should watch whether suppliers fold incident response obligations into subscriptions and how they price pass-through investigation costs

Buyer takeaway

Treat unified threat intelligence as a distinct procurement category: sellers will bundle telemetry, fraud data and managed investigations which changes SLA, escalation, and cost-allocation expectations

Cost / money

Buying a managed, unified platform can move spend from capital licences to recurring managed-service fees and reduce price competition on discrete components

Supplier / commercial

Vendors recognised by analysts gain leverage to upsell managed services and longer terms; procurement should push clear incident cost-sharing and predefined investigation scopes

Safety / operations

Operational readiness must include verified integration of predictive indicators and incident handover processes; unclear scopes increase response time and recovery risk

What to watch

Watch for shorter quote windows and bundled scopes that hide pass-through investigation costs

Key facts

  • Named a Leader in Gartner’s first Magic Quadrant for Cyberthreat Intelligence Technologies
  • One of five vendors placed in the Leader category out of 18 assessed
  • Built on 21 years of telemetry and 1,500+ joint investigations with law enforcement

Source excerpts

The ranking gives Group-IB a prominent position in a new market category for threat intelligence tools, as organisations face growing overlap between cybercrime, fraud and ransomware operations
Eighteen vendors were reviewed on the usual criteria of completeness of vision and ability to execute, with only five placed in the Leaders quadrant. That matters for suppliers in a crowded cybersecurity sector, where product categories often overlap and buyers rely on analyst rankings to compare vendors
Group-IB has been named a Leader in Gartner's first Magic Quadrant for Cyberthreat Intelligence Technologies

Used in this brief

  • Next quarter — Run a sourcing review comparing unified threat‑intelligence managed bundles versus best‑of‑breed tooling, with explicit clauses for incident investigation scope, cost pass-throu.... Rationale: because Group-IB’s market position indicates more bundled offers will appear and buyers must decide whether managed bundles or discrete tooling better preserve cost control and.... Owner: Category. KPI: Sourcing recommendation and contract language templates that allocate investigation obligations and costs clearly between buyer and supplier
  • Watch for vendors to shorten quote validity and push tighter mobilization or onboarding timelines as managed‑service wins increase; shorter windows reduce buyer negotiation room and raise dependency risk
  • Added Group-IB Gartner Magic Quadrant recognition as a buyer signal for unified threat-intel bundles (article 1)

[2] Telstra launches Adaptive Networks Centre for businesses

securitybrief.com.au · n.d.

AI reading

Telstra launched an Adaptive Networks Centre offering an API-first platform for quoting, ordering and managing enterprise connectivity. The initial release supports dedicated fibre and next-gen broadband with planned expansion to Layer 2, satellite and IPVPN, making connectivity programmatic rather than manual. Buyers should validate integration dependencies, automation safety and rollback controls before treating programmatic ordering as standard

Buyer takeaway

Require clear integration runbooks, rollback procedures and SLAs before accepting programmatic connectivity to avoid baked-in operational dependencies

Cost / money

Lower manual ordering costs may be offset by upfront integration, testing and change-management expenses

Supplier / commercial

Connectivity vendors may seek platform terms that standardise ordering flows; procurement should resist one-sided change authorities and require audit logs

Safety / operations

Automated network changes increase risk of misconfiguration; operations must validate automation safety and rollback testing before production use

What to watch

Watch for vendor terms that shift change-authority and incident response timing to the provider without reciprocal buyer controls

Key facts

  • API-first platform for design, quoting, ordering and management
  • Initial support for dedicated fibre and next-generation broadband
  • Planned expansion to Layer 2, Satellite and IPVPN services

Source excerpts

The API-first architecture enables a single intuitive interface for managing connectivity. Marty McGrath, Telstra's Group Owner for Fixed Connectivity in Product and Technology function says, "Adaptive Networks Centre provides digital quoting and design, ordering, visibility and management of network services with much more speed and control than traditional models
By embracing an API-driven network platform that enables organisations to procure, configure and consume network services in the way that best suits them they can continue to innovate, so their businesses are ready for the challenges that lie ahead," says McGrath
ANTHONY CARUANA Interview Editor Telstra's new Adaptive Networks Centre (ANC) is a digital platform that delivers a step-change experience to enterprise and business customers. The API-first architecture enables a single intuitive interface for managing connectivity

Used in this brief

  • Next 72 hours — Map systems and teams that would be affected by programmatic network ordering and identify owners for each integration point. Rationale: because Telstra’s Adaptive Networks Centre makes connectivity programmatic and you need to know which applications and teams will be impacted before accepting API-enabled orderi.... Owner: Ops. KPI: Inventory of systems, owners and integration readiness notes to inform contract negotiations and testing plans
  • Next 2-4 weeks — Draft contract addenda requiring audit logs, explicit rollback gates and tested change-control processes for any API-driven connectivity platform. Rationale: because programmatic network changes transfer execution risk to platform interfaces and contracts must define responsibility, testing obligations and rollback steps before produ.... Owner: Contracts. KPI: Addendum template to use in RFXs and renewals that preserves buyer control over network automation actions
  • New inclusion of Telstra’s Adaptive Networks Centre as an API-driven connectivity procurement variable (article 10)

[3] Experts warn passwords no longer sufficient in AI era

securitybrief.com.au · n.d.

AI reading

Experts warn passwords are increasingly inadequate as employees paste sensitive data into AI tools and attackers scale credential attacks. Research cited indicates a non-trivial share of GenAI prompts pose a high risk of data leakage and many risky actions occur from unmanaged personal accounts. Procurement should prioritise passwordless/FIDO2 pilots, supplier account governance and contract clauses requiring modern authentication support

Buyer takeaway

Accelerate identity-first controls in sourcing and renewals; require suppliers to demonstrate FIDO2 or equivalent readiness and shadow-account controls

Cost / money

Identity upgrades shift some budget to access-management projects and may reduce incident recovery costs long-term but increase short-term integration spend

Supplier / commercial

Suppliers without modern auth support may be deprioritised or require transition plans, affecting supplier pools and pricing leverage

Safety / operations

Weak credentials and unmanaged accounts are a live operational risk that can cause broader service outages or data loss when combined with AI leakage

What to watch

Watch for suppliers to claim support for passwordless without providing integration or proof-of-deployment

Key facts

  • Research shows a meaningful share of GenAI prompts pose high data-leak risk
  • High share of risky AI prompts originate from unmanaged personal accounts
  • Recommended shift to passwordless/FIDO2 and stronger access governance

Source excerpts

Ultimately, reducing reliance on passwords starts with a more proactive approach to identity and access management across the business
At Adactin, we see this as a clear call for organisations to move beyond basic password hygiene and adopt a more holistic, identity-first security model. This includes combining multi-factor authentication, privileged access controls and zero-trust principles to ensure every access request is verified, not assumed
The next phase demands a shift toward passwordless architectures, least-privilege principles, continuous authentication, just-in-time access and behavioural monitoring

Used in this brief

  • Cost / money: Identity upgrades (passwordless/FIDO2) create short-term integration and access-management costs while reducing downstream incident recovery and forensic exposure risk
  • Next 72 hours — Request current identity and access posture evidence from critical suppliers, including MFA support, FIDO2 readiness and policies for unmanaged or shadow accounts. Rationale: because password and unmanaged-account research shows credential and AI-related leakage risk and supplier access is a direct attack surface that should be verified before renewa.... Owner: Contracts. KPI: Documented supplier identity posture to attach to renewals or SOWs and to triage suppliers needing remediation
  • Next quarter — Plan a passwordless (FIDO2) pilot for a low-risk user group and include supplier account governance checks as part of the pilot acceptance criteria. Rationale: because evidence of credential leakage and AI-related prompt exposure recommends moving away from reusable passwords and a pilot will reveal integration and supplier-access gaps.... Owner: Ops. KPI: Pilot report documenting integration issues, supplier access gaps, and recommended rollout path for wider passwordless adoption

[4] KnowBe4 adds AI secure coding training with partner

securitybrief.com.au · n.d.

AI reading

KnowBe4 partnered with Secure Code Warrior to add secure-coding training for AI-assisted development workflows, offering multi-language interactive modules covering OWASP and AI-specific risks. The content is available to certain KnowBe4 subscription tiers, making it usable as a baseline for contractually required developer training. Procurement should verify inclusion vs upsell and require proof-of-completion where used as a compliance control

Buyer takeaway

Make secure-coding and AI-risk training a negotiable contract item or KPI for development suppliers, not just a nice-to-have

Cost / money

Bundled training can appear as an upsell but can reduce downstream remediation costs if tied to acceptance gates

Supplier / commercial

Training availability may be used by suppliers to justify longer contracts or premium support tiers; procurement should specify training delivery and proof requirements

Safety / operations

Better-trained developers reduce supply-chain and application-layer risks, which directly supports operational stability

What to watch

Watch for training being offered only on top-tier subscriptions—verify inclusion before relying on it for compliance

Key facts

  • 31 learning activities across nine series covering threat modelling and OWASP risks
  • Supports multiple programming languages and eight spoken languages
  • Targeted at organisations using AI-assisted development

Source excerpts

KnowBe4 and Secure Code Warrior cited data showing that 72% of developers now use AI in their daily workflows, increasing the need for training in software governance and secure coding practices
JOSEPH GABRIEL LAGONSIN News Editor AI risk overview KnowBe4 has partnered with Secure Code Warrior to offer secure coding training for organisations with technical teams, adding specialist content to KnowBe4's training library. The new offering targets businesses managing the security implications of AI-assisted software development

Used in this brief

  • Supplier / commercial: Training partners (KnowBe4 + Secure Code Warrior) create an upsell route where training is bundled into premium tiers; verify whether training is included or an extra charge before relying on it in evaluations
  • Next 2-4 weeks — Add secure-coding and AI-risk training completion as a scoring item or contractual deliverable for developer suppliers, using KnowBe4 content as a baseline where appropriate. Rationale: because the KnowBe4 partnership provides targeted content for AI-assisted development and requiring training reduces the chance of baked-in vulnerabilities from supplier-deliver.... Owner: Category. KPI: Updated supplier evaluation criteria or SOW clause requiring proof of training completion or an approved training plan
  • Watch for secure-coding or identity features to be gated behind higher subscription tiers; do not assume inclusion—verify proof-of-delivery or list as mandatory in SOWs

[5] Palo Alto

finance.yahoo.com · n.d.

[6] Fortinet

finance.yahoo.com · n.d.
