• Showcased at RSAC 2026, ESET’s upcoming AI security features will protect the full AI conversation flow by scanning both prompts and responses to reduce data exposure and compliance risks.
• Built as browser security features, they will shield against malicious links, scripts, and content generated by LLMs and prevent upload of sensitive and confidential data into public AI systems.
• ESET also presented its new endpoint security capabilities designed to secure personal AI assistants from AI supply chain attacks while creating a free, public ESET AI Skills Checker to detect risky and malicious behavior of AI skills before deployment.

San Diego, Calif. — Apr. 2, 2026 —ESET, a global leader in cybersecurity, today announced upcoming AI protection capabilities designed to safeguard how employees interact with AI tools. Demonstrated at RSAC 2026 and set to launch later this year, the new features will expand visibility in the ESET PROTECT Platform to investigate emerging risks tied to everyday AI usage and agentic AI adoption across an enterprise.

“As companies rely more on AI for productivity and automation, they face growing risks around sensitive data exposure, compliance violations, and misleading outputs,” said Juraj Jánošík, ESET Director of Artificial Intelligence. “Agentic AI is shifting the security battlefield back to the endpoint. ESET has spent over 30 years building leading endpoint protection powered by AI and machine learning, so we’re uniquely positioned to help organizations secure this next wave of AI right where it starts.”

As AI tools become embedded in everyday workflows, many employees are using open cloud chatbots without IT oversight, creating “shadow AI” risks and exposing sensitive data such as internal documents, API keys, secrets, and credentials. ESET addresses this through various technologies that get as close to the source as possible, one of which is a secure browser technology that intercepts AI interactions and analyzes both prompts and responses in real time, helping prevent data exposure and detect malicious or misleading content before it impacts users.

In demonstrations at RSAC 2026, the new AI protection feature flagged malicious URLs submitted through chatbot prompts, logging activity at the endpoint and surfacing it in the ESET PROTECT Platform for investigation. The same approach applies to prompt injection attempts, scripts, and sensitive data inputs, enabling organizations to block or monitor activity in accordance with their policies. Security teams will gain visibility into how AI tools are used across their organization through ESET PROTECT Platform logging, helping them investigate risks and enforce policies more effectively.

As organizations expand their use of agentic AI tools, the attack surface is extending beyond chatbot interactions to include emerging AI supply chain risks. These include compromised AI frameworks and tools, such as trojanized components in widely used libraries like LiteLLM, as well as autonomous agents like OpenClaw that can execute actions on a system with limited oversight. ESET has already been protecting its customers from supply-chain attacks through compromised libraries delivered via standard repositories but is noting a rise in these types of attacks and remains committed to further research and development relating to AI tools.

As part of its broader AI security innovation, ESET launched a free ESET AI Skills Checker at RSAC 2026. Available to non-ESET customers and built on the same technology as ESET’s endpoint security products and ESET LiveGuard, the scanner analyzes AI skills for hidden instructions, malicious code, and risky behavior, using multilayered inspection and cloud-based sandboxing. It is currently available as a built-in feature for existing ESET Endpoint users.

For more than 30 years, ESET has pioneered lightweight, high‑performance endpoint security powered by machine learning and artificial intelligence. These new capabilities extend that foundation by helping organizations defend against today’s rapidly shifting threat landscape, where cybercriminals increasingly harness AI to scale attacks, target employees, and automate sophisticated social engineering.

As the only dedicated cybersecurity member of the Agentic AI Foundation (AAIF), ESET is also working to secure emerging AI agent communication protocols through collaboration with industry leaders like OpenAI, Amazon, Microsoft, and Anthropic. Together, the group is working to establish trusted standards, secure protocol designs, and best practices for AI agent interoperability.

SAN DIEGO, Calif., March 24, 2026 – ESET, a global leader in cybersecurity, today announced that it has received ©Intel vPro Certified App status for ESET PROTECT cybersecurity solutions. This certification validates that ESET PROTECT meets the rigorous efficiency and performance targets set for ©Intel vPro platforms, including enhanced user experience, extended battery life, preserved CPU usage and background performance for business customers.

“At ESET, we believe that world class protection must never come at the cost of performance,” said Juraj Malcho, CTO at ESET. “Reaching Intel ©vPro Certified App status reflects our dedication to innovation by engineering highly efficient security solutions. Through our collaboration with Intel, we’ve been able to elevate the performance and energy efficiency of ESET PROTECT by leveraging the advanced features of Intel’s hardware technologies.”

Since 2022, ESET and Intel have closely collaborated to deliver advanced ransomware protection through ©Intel Threat Detection Technology (Intel TDT) to customers around the world,
and—together—the companies have worked to enable Intel-powered AI PC users to take advantage of Intel’s hybrid processor architecture to access advanced protection and performance benefits. To gain Intel vPro Certified App status, ESET fine-tuned its products to efficiently run on Intel vPro. These efforts have delivered an 86% reduction in background activity, lowered CPU utilization by 72%, and increased power efficiency by 66% on Intel vPro powered PCs1.

As the latest chapter in the collaboration, ESET is in advanced evaluation of detection capabilities for ©Intel Threat Detection Technology – Deep Learning & Trace based Execution Context Tracker (©Intel TDT-DTECT). Intel TDT-DTECT presents a novel approach to detecting malicious activity by leveraging advanced AI techniques to analyze runtime x86 machine code execution, captured directly from the CPU. This method bypasses traditional security strategies that rely on file scanning, behavioral indicators, or cloud sandboxing, focusing instead on the actual instructions executed by the processor in real-time.

“Intel TDT-DTECT introduces a new approach to threat detection by applying AI to processor-level execution tracing, available uniquely with Intel” said Dennis Luo, Sr. Director and GM, Worldwide AI PC Developer Relations at Intel. “We’re working closely with ESET as they are implementing TDT-DTECT to offer commercial users an effective solution to counter advanced malware threats in today’s evolving cybersecurity landscape.”

Intel TDT-DTECT exemplifies a paradigm shift by embedding detection capabilities at the hardware execution level, enhancing security beyond conventional software-based methods. By innovating on top of Intel TDT-DTECT, ESET customers will gain better visibility and overall performance in the following areas:

• Polymorphic Malware Detection: Tracking malware families that constantly regenerate binaries or packers.
• Loader and Sideloading Identification: Detecting sophisticated loader frameworks designed to blend in with legitimate processes.
• Fileless and Memory-Resident Threats: Identifying in-memory payloads that leave no filesystem footprint.
• Distinguishing Legitimate vs Malicious Use: Differentiating benign and malicious execution paths of legitimate binaries.
• Early-Stage Behavior Monitoring: Capturing subtle initialization routines such as API hashing and sandbox checks that typically precede attacks.

These capabilities enable enhanced detection, threat hunting, and intelligence sharing, helping security teams intervene early and proactively.

Visitors to RSAC 2026 are able to hear more about this strategic partnership at ESET’s Booth N-5253 where Intel Corporation’s Global Lead for Security Partner Enabling, Client Computing Group, Tyler Welt, will present with ESET’s Vice President of Enterprise, SMB and MSP, Michal Jankech on the companies’ collaboration and latest innovations. Learn more at https://www.eset.com/us/business/rsac/.

©Intel, the Intel logo and other Intel marks are trademarks of Intel Corporation or its subsidiaries.

¹Based on ESET internal testing comparing Q2’26 Release Presets to the prior versions from Sept. 2025 in a fully configured live IT environment. See http://www.Intel.com/vPro for details. Results may vary.

• ESET to protect cloud virtual machines (VMs) from advanced threats with its new ESET Cloud Workload Protection module.
• While competitors often offer cloud workload protection as a stand-alone offering, ESET includes it at no additional cost for ESET PROTECT customers.  
• Other updates include advanced AI reporting for ESET’s cloud sandboxing technology with autonomous remediation, improved investigations, and expanded integration for AI Advisor into the ESET PROTECT console.

SAN FRANCISCO — March 23, 2026 — ESET, a global leader in cybersecurity, today launched ESET Cloud Workload Protection as part of a comprehensive update for its ESET PROTECT Platform. Announced at RSAC 2026, this new module helps customers to move beyond endpoints and servers to cover cloud workloads, significantly enriching telemetry for detection and response while consolidating security management across endpoint and cloud environments inside a single pane of glass.

“Many businesses, especially those in the midmarket, as well as MSPs, have been steadily adopting cloud features such as virtual machines to enhance their productivity,” said Michal Jankech, Vice President, Enterprise & SMB/MSP at ESET. “About 80% of organizations regard the public cloud as crucial for their digital business initiatives. With ESET Cloud Workload Protection, we have reduced the attack surface for customers by extending our protection to virtual machines running in AWS, Azure, and GCP environments.”

ESET’s Cloud Workload Protection module protects virtual machines in public cloud environments, ingesting cloud VM data into the ESET PROTECT XDR Platform to gain extended visibility. While competitors often offer cloud workload protection as a stand-alone offering, ESET includes it at no additional cost for ESET PROTECT customers (except ESET PROTECT Entry).

With the average cost of a public cloud data breach amounting to a striking $5.17 million per incident—the highest among all environments, this new module cuts complexity with AI-driven automation and gives customers a richer set of tools to respond to threats at every stage of an attack. Known for being lightweight, the module helps IT managers to validate their controls and generate audit evidence for regulatory frameworks such as NIST, CIS, HIPAA, PCI DSS, and others.

Additional improvements to ESET PROTECT include:

• New AI reporting in ESET LiveGuard Advanced, which makes the lives of security specialists easier—providing behavioral reports that detail the actions and characteristics of incidents analyzed by ESET’s cloud sandbox, and autonomous remediation. For those with XDR-enabled subscriptions, these reports are enhanced with AI-generated summaries that simplify complex findings.
• Improved Incident Graphs and Advanced Investigations for EDR and XDR customers that provides a clear visual representation of each incident—enabling security teams to quickly understand the attack, identify the initial entry point, and track its progression over time. Incidents now include richer contextual insights, such as identity-related information, along with overall quality improvements that support faster, more effective investigation and response. Advanced Search features enable fast and flexible investigation across security indicators and related events from multiple security perimeters.
• ESET AI Advisor has been added to the ESET PROTECT console to improve usability and to simplify access to this assistant, previously included only in a dedicated ESET Inspect Incidents section.

Launched ahead of RSAC 2026, visitors to this global cybersecurity tradeshow can visit booth N-5253 to receive a demo of ESET PROTECT and talk to ESET’s threat experts. Details on ESET’s presentation schedule, meeting requests, and booth activities can be found here.

For more information about ESET PROTECT, visit ESET’s website. To find out how these products fared in independent testing, visit MITRE and AV-Comparatives.

• Launching ahead of RSAC 2026, ESET’s stand-alone eCrime reports provide security teams with curated, high‑quality insights into incidents, including key lessons, IoCs, hunting rules, and guidance, to strengthen resilience.  
• ESET Threat Intelligence eCrime Reports deliver a clear, operational view into real-world intrusions and uncover hidden clusters of activity, including TTPs and infrastructure, moving beyond monitoring MaaS and RaaS advertisements.
• Enabled with ESET AI Advisor, security teams are able to rapidly analyze and act upon threats with SOC team-level advisory.

Bratislava, San Diego — March 12, 2026 — ESET, a global leader in cybersecurity, today released eCrime Reports, a new strategic offering in the ESET Threat Intelligence portfolio. As companies have become increasingly overwhelmed by the growth and complexity of ransomware and infostealers, the demand for high-quality, curated cyber threat intelligence (CTI) has grown. With ESET’s new eCrime Reports, businesses have unprecedented access to data that shows how actual incidents unfold, including affiliate-level attack visibility, full attack-chain timelines and tooling, and region-specific telemetry.

“For over 30 years, ESET has helped governments, channel companies, and businesses stay protected from the world’s most advanced cybersecurity threats,” said Roman Kováč, Chief Research Officer at ESET. “Our newly launched eCrime Reports combine technical depth with functional defense guidance – based on feedback from ESET’s threat researchers around the world. This means law enforcement, IT, and security teams don’t just read about threats; they gain insights needed to anticipate attacks, close gaps, and strengthen defenses proactively. Focused on ransomware and infostealers, these eCrime reports help organizations to strengthen their overall cybersecurity postures, particularly in high-stakes environments.”

The new offering comes in two tiers – ESET Threat Intelligence eCrime Reports and ESET Threat Intelligence eCrime Reports Advanced. These curated reports are built on proprietary data and telemetry, with unique insights from real-world intrusions occurring across the globe. By following TTPs, ESET’s eCrime Reports uncover hidden clusters of activity, enabling and enhancing eCrime-related strategic decisions. Moving beyond monitoring MaaS and RaaS Dedicated Leak Sites (DLS), eCrime Reports can be supplemented with ESET’s proprietary intelligence feeds, including Android Infostealer, Malicious Email Attachments, Ransomware, Cryptoscam, Phishing URLs, Scam URLs, Smishing, and more. 

“Quality is essential in threat intelligence data,” said Kováč. “ESET Threat Intelligence customers are able to reduce maintenance and manpower associated with processing feeds – cutting through information overload associated with competitor threat intelligence offerings. Rather than struggling to sift through huge, noncurated external datasets, ESET’s services allow organizations to quickly identify and prioritize emerging business risks and previously unknown threats – giving them more time to accelerate incident response, mount an effective defense, and implement an overall more proactive cybersecurity posture.”

What’s Inside the Reports:

Activity Summary

A high-level overview of recent ransomware and infostealer campaigns distilled into strategic insights. Includes targeting patterns, attack progression, lessons learned, IoCs, and actionable guidance, to improve resilience.

Technical Analysis

Deep-dive reports on specific threat actors, campaigns, and more, detailing the full attack chain – from initial access to data theft. The technical analysis includes attacker tactics, tooling, infrastructure mapping, MITRE ATT&CK® coverage, and associated IoCs.

Monthly Digest

An executive-ready summary of current ransomware and infostealer activities. Outlines key trends, major incidents, and emerging threats, to help leadership set priorities and assess organizational risk.

eCrime Feed

A continuously updated stream of curated IoCs focused on ransomware gangs, their affiliates, and infostealer campaigns, delivered in standard STIX/TAXII format.

ESET AI Advisor (Advanced only)

ESET AI Advisor enables security analysts and decision-makers to rapidly interpret incidents and act upon threats. Built on 20+ years of AI and ML expertise, this generative AI module seamlessly integrates into day-to-day operations of security analysts.

Access to MISP Server (Advanced only)

Direct integration with curated threat intelligence. Automatic IoC ingestion enriches defenses, streamlines workflows, enhances detection, and supports incident response operations.