Security Risk Advisors

🚀 Available now! SRA has published The Purple Perspective 2026 report - an analysis of real-world detection and prevention performance against a curated set of high-priority adversary techniques.

✨ This report is based on the ex*****on of over 160 purple team exercises and 8,300 TTPs.

🔗 Get the free report at: https://vectr.io/purple-perspective-2026/

The report includes:
🟪 A review of the cyber threat landscape
🟪 Analysis of the most and least successful test cases
🟪 Top Priorities for Defensive Improvement in 2026
🟪 Industry-specific performance tear sheets

OpenClaw is not just another AI app—it’s a privileged automation runtime that demands a new level of security vigilance. Our latest blog by Chris Salerno explores how CISOs can address the atypical threats posed by OpenClaw-class agents. Learn how to adapt your security posture to this emerging challenge.

A CISO’s Guide to OpenClaw: Chat became Control - Security Risk Advisors OpenClaw-class agents are redefining enterprise security risks. This blog by Chris Salerno explains how CISOs can address the unique challenges posed by these privileged automation runtimes, from persistent memory risks to supply chain vulnerabilities.

Starting July 2026, Microsoft 365 E3/E5 customers will gain access to the full Intune Suite, transforming endpoint management capabilities. Our latest blog explores what's included, how to plan for adoption, and how organizations can simplify their endpoint stack while enhancing visibility, privilege management, and app deployment. Dive into the details and prepare for the future of endpoint management.

Intune Suite Is Included in E3/E5 Starting July 2026: What's Included and How to Plan for Adoption. - Security Risk Advisors Discover how the inclusion of Intune Suite in Microsoft 365 E3/E5 licenses starting July 2026 will transform endpoint management. Explore features like Advanced Analytics, Endpoint Privilege Management, and Cloud PKI, and learn how to plan for adoption effectively.

How can AI truly enhance cybersecurity incident response? Dive into our latest blog exploring ExCyTIn-Bench, a groundbreaking framework for benchmarking AI investigative capabilities in realistic SOC environments. Learn how advanced reasoning strategies and process engineering can unlock the full potential of AI in cybersecurity.

Examining the ExCYTIn-Bench Approach for Benchmarking AI Incident Response Capabilities - Security Risk Advisors VECTR™ helps facilitate the process to test controls, record outcomes and report on your resilience and improvement over time.

The 2026 Threat Simulation Index is here! With contributions from over 100 organizations, this annual update reflects the latest adversary tactics, techniques, and procedures (TTPs). Featuring 55 test cases aligned with MITRE ATT&CK, it’s designed to help organizations measure and improve their threat resilience. Read the detailed release notes here!

Threat Simulation Index 2026 Release - Security Risk Advisors The 2026 Threat Simulation Index ("Threat Index" or TSI) is a Threat-Driven Test Plan built annually with 100+ organizations across sectors. It changes annually so that it can reflect updated threat groups, software, and active TTPs used by adversaries. The Threat Index includes 55 test cases, appli...

Discover how ExCyTIn-Bench is redefining AI evaluation in cybersecurity investigations. This open-source framework immerses AI agents in realistic SOC environments, testing their investigative reasoning and evidence synthesis capabilities. Learn how Security Risk Advisors is leveraging this innovation to empower security teams with cutting-edge tools and insights. Dive into the blog now!
🔗

Closing the Gap in Cyber Resilience: Why AI Investigation Benchmarks Matter for CISOs - Security Risk Advisors Explore ExCyTIn-Bench, an open-source framework for evaluating AI in cybersecurity investigations. Learn how it challenges AI agents with realistic SOC scenarios, testing their reasoning, query formulation, and evidence synthesis capabilities.

Microsoft's latest AI-powered Purview capabilities promise to modernize data security investigations and posture management. But are organizations ready to deploy them effectively? Our latest blog explores the nuances, challenges, and cost considerations to help you make informed decisions.

The Shiny New Object: Is It Worth Deploying Purview’s New AI Functionality Yet? - Security Risk Advisors Microsoft released a lot of new, AI-specific Purview functionality in 2025. But unless your organization has already mastered the basics, these exciting new features may add less value than you think.

Microsoft Ignite 2025 unveiled groundbreaking security advancements that will shape the future of cybersecurity in 2026. From AI-driven governance to passwordless authentication and autonomous threat response, these innovations are set to redefine how organizations protect their environments. Explore Greg Stachura and Kevin Foster's analysis of the top six announcements and their practical implications for your security strategy.
https://sra.io/blog/microsoft-ignite-2025-the-6-security-announcements-shaping-2026/

Microsoft Ignite 2025: The 6 Security Announcements Shaping 2026 - Security Risk Advisors Microsoft Ignite 2025 introduced six pivotal security updates, including AI governance tools, passwordless authentication, and autonomous threat response. Discover how these innovations can transform your security operations in 2026.

🦃 SRA wishes everyone a Happy Thanksgiving!

We are so grateful for our incredible clients, team, partners, and more.

We want you to feel safe every day of the year, including the holidays. Explore our partnerships that work to protect YOU!
🔗 https://sra.io/partnerships/

Security Risk Advisors is proud to announce the general availability of CrowPilot, our innovative AI agent, in the Microsoft Security Store. CrowPilot bridges the gap between Microsoft Security Copilot and CrowdStrike Falcon EDR, enabling smarter, faster threat response for organizations with mixed security environments.

PRESS RELEASE: CrowPilot by Security Risk Advisors now generally available in Microsoft Security Copilot - Security Risk Advisors Security Risk Advisors announces the general availability of CrowPilot in the Microsoft Security Store, an AI agent that integrates Microsoft Security Copilot with CrowdStrike Falcon EDR, empowering SOC teams to streamline operations and achieve faster, smarter threat responses.

Our latest blog from and Richard Andrews dives into the rise of FileFix, a dangerous evolution of ClickFix, and provides actionable strategies to protect your organization. Learn how to stay ahead of these threats.

As ClickFix Continues to Surge: Filefix Emerges as a Similarly Dangerous Social Engineering Tactic - Security Risk Advisors FileFix, an evolution of the ClickFix social engineering tactic, is rapidly gaining traction. Learn how it works, its impact on organizations, and the steps your security team can take to detect and mitigate this growing threat.