AISLE, a pioneer in AI-native vulnerability lifecycle management, has introduced AISLE Snapshot, a new offering that gives regulated and security-sensitive enterprises access to frontier-class vulnerability detection inside their own environments, at a fraction of the cost, with source code and security data that never leave their control.

Organizations are under increasing pressure to secure growing codebases against a rapidly expanding vulnerability landscape. Reported CVEs are up 42.5% year-over-year through mid-2026, and attackers are leveraging AI to accelerate discovery and exploitation at the same pace. Yet many organizations remain locked out of the best tools by data sovereignty, compliance, and operational constraints.

AISLE Snapshot deploys AISLE’s frontier-class vulnerability discovery technology directly inside the customer’s private cloud, on-premises, or fully air-gapped environment, eliminating the data sovereignty and compliance barriers that have kept the best tools out of reach. Organizations receive verified findings prioritized by business impact, with the full context needed to move from discovery to remediation without delay.

“The organizations with the greatest pressure to secure software often face the strictest requirements around privacy, sovereignty, and operational control,” said Ondrej Vlcek, co-founder and CEO of AISLE. “They can’t send their code to external services, but they also can’t afford to wait or to throw more people at the problem.

To date, AISLE has discovered and responsibly disclosed more than 225 CVEs across widely used software projects, including OpenSSL, Linux, cURL, Apache, Mozilla, Redis, OpenEMR, and Elastic. While Snapshot is focused on vulnerability discovery and prioritization, it is built on the same platform that enables AISLE’s closed-loop approach to vulnerability management, spanning discovery, prioritization, remediation, verification, and self-improvement.

The AISLE platform has been benchmarked against billions of lines of code and delivers an industry-leading signal-to-noise ratio, helping security teams focus on the issues that matter most. AISLE ranks #1 in three categories of UC Berkeley’s independent vulnerability-detection benchmark: CVE volume, CWE breadth, and MITRE Top-25 reach, ahead of Google, Anthropic, and the rest of the field.

Linux Foundation’s Tokenomicon Addresses the Economics of AI

Following the recent announcement of the intent to launch the Tokenomics Foundation, the Linux Foundation recently held its inaugural Tokenomicon, a new conference dedicated to the economics of AI.

As enterprises move generative and agentic AI workloads from pilot to production, AI has become one of the largest and fastest-growing lines on the enterprise technology budget, yet the discipline to measure and govern that spend has not kept pace. Tokenomicon is built to close the gap, giving technology practitioners a neutral, community venue to compare cost and efficiency across models and providers and to turn AI spend into measurable business value.

The Tokenomics community will gather at regional events, including: Amsterdam, September 22-23, 2026, and London, February 8-9, 2027. “Naming the AI cost problem was the easy part. Tokenomicon is where the people actually solving it get in a room together. Practitioners, the companies buying AI at scale, the providers selling it, all working from the same facts. That is how a discipline gets built, and it is how the industry turns token spend into real business value.” said J.R. Storment, Executive Director of the FinOps Foundation.

FOCUS 1.4 builds the bridge to finance

The Linux Foundation also announced general availability of FOCUS v1.4, the open specification that normalizes billing data across cloud, SaaS, data center, and other technology vendors. Ratified by the FOCUS Steering Committee on June 4, 2026, the release adds two datasets and 47 columns with zero incompatible changes for existing implementations. FOCUS 1.4 is the first release that lets engineering, finance, and FinOps teams work from the same billing facts without provider-specific tooling. It closes three gaps: consistent cost recognition across providers through a provider-agnostic covered and covering charge framework, end-to-end invoice reconciliation through the new Invoice Detail and Billing Period datasets, and rigorous standards of data integrity that allow FOCUS to serve as a system of record. The release lays the groundwork for FOCUS 1.5, which will bring unit and token economics into view by introducing provider list pricing and native AI token tracking.

The Foundation also launched two new certifications. The Technology Value certification equips practitioners to manage spend across multiple technology categories and apply the right FinOps approach to each. The AI Value certification extends that discipline to AI and token-based spend, preparing practitioners for the standards taking shape across the Tokenomics Foundation and FOCUS.

Codenotary Reveals New AI Runtime Risks

Codenotary‘s AgentMon AI runtime observability platform has revealed that approximately 7% of all monitored AI-agent interactions triggered security, compliance, or operational anomaly detections, representing roughly 210,000 potentially unsafe or non-compliant AI events daily.

AgentMon is now monitoring more than 3 million AI-agent interactions per day, providing  runtime observability for AI agents, autonomous workflows, and agentic infrastructure, covering interactions between AI systems, tools, APIs, infrastructure, and enterprise data environments. The platform identifies unsafe, anomalous, or policy-violating AI behavior in real time.

According to telemetry collected by AgentMon, the majority of detected anomalies were not associated with traditional malware or external attacks. Instead, most originated from unsafe or unexpected AI behavior occurring inside legitimate enterprise workflows.

Observed runtime risks included:

  • Exposure of sensitive information such as passwords, API tokens, cryptographic material, financial records, healthcare data, and confidential internal documents;
  • AI agents attempting actions outside approved operational boundaries;
  • Interactions with unauthorized external services or restricted enterprise systems;
  • Violations of internal governance controls or industry compliance policies;
  • Recursive workflows and runaway task execution;
  • Excessive token consumption and abnormal retry behavior;
  • Prompt injection attempts and context poisoning indicators;
  • Unsafe external tool usage and anomalous access patterns.

AgentMon is part of Codenotary’s broader portfolio focused on runtime trust, software supply chain integrity, AI observability, and autonomous infrastructure governance.