Page 3 – OpenText Blogs

Spotlight On: #OT4Good in Bengaluru

At OpenText, we believe in taking steps to support a more sustainable and fair future. Our employees are at the heart of this effort, dedicating their time and energy to making a lasting impact in their communities. Whether volunteering their time with the help of three paid volunteer days each year or fundraising for global causes, OpenTexters across the globe are committed to creating positive change. At OpenText we call this: #OT4Good.

In this blog post, we shine a spotlight on the employee-led initiatives in Bengaluru, India, that are helping to drive progress in education and climate action.

Spreading Joy with Every Kit

In July 2024, the OpenText Bengaluru office partnered with Youth for Seva, a nation-wide movement that inspires youth to volunteer and drive positive change. OpenText sponsored approximately 950 school kits, each containing essentials like backpacks, books, and stationary products. High school kits also included a geometry box, while nursery kits featured colored pencils in addition to their books.

Our employee volunteers helped assemble and distribute the kits across four schools in Bengaluru city.

“It was an incredible opportunity to volunteer with Youth for Seva. Our team felt a great sense of fulfillment and joy knowing that we could make a difference in the lives of so many youth and children that will hopefully have a lasting impact and inspire them to give back to society as they grow up and accomplish great things.” – Moby

OpenText employees pose with children at Youth for Seva volunteering event

Stationery Drive with Samarthanam Trust for the Disabled

As the school year began in Bengaluru, our volunteers organized a drive to collect unused stationery materials, gently used clothing and toys for families in need. They then visited Samarthanam Trust for the Disabled to distribute the donations and spend time with the children.

“Our collective efforts have reached the hearts of 350 children at Samarthanam Trust. The entire OpenText Bengaluru family united to contribute and deliver over 23 cartons filled with stationery, toys, and clothes. The meaningful impact we’ve made fills us with immense pride and gratitude. This experience reminds us of the transformative power of kindness and teamwork.” – Amudha

OpenText employees participating in the stationary drive

Tree Planting Drive

In October, OpenText India partnered with United Way of Bengaluru for a tree planting drive as part of the Sidlaghatta Social Forestry project, located in the outskirts of the city.

Sixty passionate OpenText volunteers gathered to dig the pits, add manure, and carefully plant and water each sapling, resulting in 200 saplings successfully planted that day!

OpenText Bengaluru team tree planting

This project was chosen by our team to fulfill a long-term vision: reforesting 100 acres of land while supporting local families through future fruit sales. This initiative will help restore green cover and strengthen the livelihoods of nearby villages.

“Sustainability reflects the core values of responsibility and innovation that we embrace at OpenText. It’s fulfilling to be part of an organization that prioritizes creating a positive environmental impact.” – Gaurav

“I chose to participate in the event because I deeply believe that each of us has a role to play in protecting and preserving the environment. Taking small, proactive steps today can lead to a more sustainable future. Beyond the cause itself, the event also offered a unique chance to interact with my colleagues in a more relaxed and meaningful setting, strengthening our sense of community and shared purpose.” – Pushpanjali

At OpenText, our employees recognize the importance of giving back to the communities where they live and work. Over the past months, the OpenText team in Bengaluru focused their impact on quality education, aiding the well-being of underprivileged students, and supporting the environment around us. If you want to learn more about life at OpenText, visit our careers page at careers.opentext.com.

Corporate Communications

May 27, 2025

News & Events, OpenText Life
What’s new in OpenText Digital Asset Management
May 2025: What’s new in DAM 25.2

Digital asset management is having a moment. Industries that traditionally create high volumes of rich media enjoy the productivity advantages of AI-led innovation in usability a nd automation. At the same time, new use cases for images, video, audio, 3D models, and other rich media formats have emerged in industry verticals such as manufacturing, transportation, and utilities, adding to the need in the market for both specialized and versatile DAM solutions.

OpenText™ Digital Asset Management is a leading Enterprise DAM solution that excels in securely handling multiple use cases and user communities across any organization. One of the pillars of the OpenText DAM team is relentless innovation. Let’s look at the top capabilities unlocked in the latest updates.

Generative AI Search

Helping colleagues find the perfect assets for their project is one of the biggest benefits of digital asset management. A skilled user can craft the ideal search query for any situation with OpenText DAM’s industry-leading Advanced Search. However, Generative AI search using RAG (retrieval augmented generation) is a powerful asset discovery assistant for occasional DAM users, releasing super-users to focus on higher-value tasks.

By leveraging the exceptional power of OpenText™ Knowledge Discovery, OpenText Digital Asset Management 25.2 now offers Aviator Search, including:
- Natural Language Search enables users to find assets using their own words
- Reverse Image Search enables users to find assets using a local or online image
- AI Asset Summary adds natural language descriptive metadata, ideal for SEO and GEO
Unlike most alternatives, OpenText Knowledge Discovery is available as a Private Cloud or on-premises solution, so all your data stays securely under your control in the same location as OpenText Digital Asset Management.

Video and 3D model enhancements

Recent releases have further improved the video and 3D model management capabilities of OpenText Digital Asset Management.
- Use AI auto-tagging to analyze 3D model previews, improving discoverability
- Export video transcripts in VTT format, providing more options for translation and subtitles
- Improved video and audio analysis when using OpenText Knowledge Discovery for AI Media Analysis
Continual improvement

While those are the top highlights, every update keeps OpenText Digital Asset Management at the leading edge of usability and security. Recent versions have included improvements in accessibility, watermarking, asset linking, project management, API functionality and many other areas. With an exciting roadmap and a powerful vision, OpenText continues to lead the market for Enterprise DAM.

February 2024: Product content integrations, new file formats, AI and more

For a category that has been around for over 30 years, digital asset management (DAM) is surprisingly dynamic. However, it remains challenging to manage the increasing volume and complexity of rich media that organizations and individuals create and consume. Whether it is new formats, like 3D models, new channels, like social short-form video, or new technologies like Generative AI, DAM innovation must keep up the pace.

At OpenText™, we are proud of our track-record of relentless innovation. But we spend so much time looking forward that we are sometimes guilty of not considering the milestones we have achieved. So this is a look at the highlights that were achieved over the last year in digital asset management.

Product content integrations

For many online retailers, DAM and product information management (PIM) have been a power-couple for years. We have integrated OpenText DAM with leaders like SAP, Stibo, Riversand, and Salsify. But as more brands market their products directly, the PIM market has expanded rapidly. That’s why we introduced a PIM Integration Framework to OpenText DAM in 2023, making it easy and fast to integrate with (almost) any PIM.

More file format support

As is typical with emerging content types, the number of file formats for 3D assets continues to grow. In 2023, OpenText added support for GLB/GLTF, WRL/VRML, and 3DS. This is in addition to the existing support for PLY, FBX, STL, DAE and OBJ file formats. Our objective is to eliminate the need for dedicated 3D editing software when it is only necessary to view and rotate the object.

Also in 2023, we introduced support for viewing animated GIFs in the user interface and delivery through Adaptive Media Delivery (AMD). In addition, we won’t disagree with how you pronounce GIF.

Dynamic search experience

Keyword search now dynamically displays thumbnails of top results. This accelerates the discovery of key resources and reduces the friction that decreases user engagement.

Automated workflows

Automation is more than a way to increase productivity, it also drives compliance and consistency. The workflow engine in OpenText DAM was improved to allow easy scheduling and recurrence of automated jobs. New actions were added including watermarking and unpublishing from collections. A sample expiration workflow, developed in collaboration with our customers, is now provided to show how to use the new capabilities.

AI and ML

OpenText completed the acquisition of Micro Focus in February 2023, and that included the powerful and flexible IDOL Media Analysis. We wasted no time in adding support for IDOL into OpenText DAM, adding to the options available to customers looking for world-class AI image and video analysis. Key to some customers, IDOL can be installed as a private service for security-conscious organizations, so training sets and assets needing analysis do not need to be sent outside the organization.

But the big buzz of 2023 was generative AI (GenAI). We partnered with Google Vertex Imagen to add this exciting new capability into the creative request workflow as inspiration images that clarify the requirement. Listening to the needs and concerns of our customers, we added governance options such as automatic tagging, watermarking, and clean-up of images, to avoid accidental or unapproved use of assets created by AI.

A big year

It has been a big year for OpenText DAM in n ovation, and these were just the highlights. We’ve continued to improve usability, security, and connectivity in ways that deliver success for our customers and help them deliver success to their customers.

2024 is set to be even bigger, so stay tuned for more!
Conrad Henson

May 26, 2025

Customer Experience, Line of Business, Marketing & Communications, News & Events, Product Updates, Technologies

digital asset management, digital assets, enterprise digital asset management, OpenText Media Management
Insider threats in cybersecurity: When danger comes from within
In today’s digital landscape, the most dangerous cybersecurity threats aren’t always sophisticated hackers in hoodies writing malware in the dark. Sometimes, they’re employees or contractors who already have legitimate access. They may not even realize they’re part of the problem. Insider threats, malicious or unintentional, are increasingly becoming the easiest path into an organization’s network.

On Episode 150 of the Reimagining Cyber podcast, host Ben welcomed back Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity, to explore the complex and growing issue of insider threats. From third-party vendor risks to phishing schemes and ransomware partnerships, this conversation highlighted why insider threats must be a top concern for every organization.

Reimagining Cyber, EP# 150 The enemy within: the hidden risks of insider threats

Breaking down insider threats

Tyler began by categorizing insider threats into two key types:

Malicious insiders – These individuals knowingly exploit their access for personal gain or revenge. Whether disgruntled employees, collaborators with threat actors, or simply susceptible to bribery, their insider knowledge can make them extremely dangerous.

Unintentional insiders – Far more common, these are employees or contractors who fall victim to phishing, social engineering, or other manipulative tactics. They may unknowingly click malicious links, give up credentials, or fall for voice phishing (“vishing”) scams.

While both types are damaging, unintentional insider threats are easier to scale through social engineering campaigns and represent a broader risk surface.

Case study: Coinbase and the price of access

A chilling real-world example came from a recent breach at Coinbase, the popular cryptocurrency exchange. The attack was facilitated through a third-party contractor at an outsourced call center. Cybercriminals impersonated internal IT staff, contacted the contractor via a vishing campaign, and bribed them to gain access internal systems.

The result? Criminals exfiltrated sensitive customer data and targeted those individuals with phishing campaigns, successfully defrauding them of cryptocurrency.

However, the company’s response makes the Coinbase case particularly notable. Instead of quietly paying off the attackers to keep the breach under wraps, Coinbase went public, disclosed the breach, and offered a $20 million bounty for information leading to the perpetrators. Even more impressively, they committed to reimbursing affected customers—an unusual and commendable move in the often murky world of crypto.

This breach affected internal operations and highlighted serious risks in third-party vendor management. As Tyler points out, even if your company maintains rigorous security controls, you’re only as secure as your least secure partner. Your entire infrastructure could be compromised if a contractor can be bribed or tricked into granting access.

Scattered Spider: Masters of social engineering

If Coinbase illustrates the risk of malicious insiders, the UK-based retail breaches show how unintentional insiders can be just as dangerous.

Retail giants like Marks & Spencer, Co-Op, and Harrods recently suffered outages and data exposure linked to a notorious cybercriminal group known as Scattered Spider (Octo Tempest or UNC3944). This group specializes in social engineering. It tricks internal employees—often native English speakers—into giving up credentials or resetting multi-factor authentication (MFA), which allows further infiltration.

Tyler explains that these groups act as “access brokers,” working within a broader ransomware economy. Once they’ve gained access, they sell it to ransomware affiliates, who then deploy the actual payloads and extort companies for millions. It’s a well-oiled criminal operation, and companies worldwide struggle to keep up.

Marks & Spencer, for instance, has been battling system issues for over a month following the breach. It continues to struggle with online orders, contactless payments, and even inventory shortages. The Co-Op took a more decisive approach by shutting down its systems early to cut off the attack, preventing deeper damage.

Which insider threat is worse: Malicious or unintentional?

Tyler’s answer is clearly unintentional insiders represent the bigger threat. Why? Because malicious insiders, while severe, are limited in scale. Bribing or turning an employee takes effort and coordination. But unintentional insiders? They’re everywhere, and they’re vulnerable. With phishing and social engineering attacks, threat actors can target thousands at once, hoping that even a small percentage will fall for it.

And with AI now empowering scammers to create deepfake voices, realistic spoofed emails, and convincing fake Slack messages, it’s getting harder for employees to detect fraud.

Remote work adds fuel to the fire

Remote and hybrid work environments, which have become the norm since the pandemic, further complicate the insider threat landscape. Verifying identities and intentions is more challenging when employees aren’t physically present. Tyler notes that the decentralized nature of remote work makes impersonation schemes more plausible and successful.

Defending against insider threats

Despite the doom and gloom, there are practical defenses organizations can deploy. Tyler emphasizes the importance of layered security, including:
- Zero-trust mindset: Don’t assume that just because someone is inside the network, they’re trustworthy. Validate everything, especially identity and access.
- Least privilege access: Only give employees and contractors the minimal level of access necessary for their roles. Implement secure escalation protocols for sensitive actions like MFA resets.
- MFA hardening: Require multiple levels of identity verification, especially for support or admin-level users. Video verification and secure PINs can provide additional safeguards.
- Behavior analytics: Monitor user behavior to detect anomalies, such as logins at odd hours or unusual system access patterns.
- Training: Regularly educate all employees, especially those in support roles, on recognizing phishing, social engineering attempts, and internal impersonation scams.
- Vendor security: Vet your third-party vendors thoroughly. Ensure their security standards match yours, especially if they handle customer data or sensitive internal systems.
The insider threat will grow

As cybercriminals become more creative and organizations become more distributed, the insider threat will only grow. Whether it’s a bribed contractor or a tricked help desk agent, people have become the new perimeter—and that perimeter is fragile.

The solution? Invest in people-first security strategies, harden your identity controls, and never underestimate the importance of awareness and training. In the world of cybersecurity, trust must be earned continuously.

As Tyler put it, “Identity is the new perimeter.”

Listen to this latest episode of Cybersecurity Reimagined on your favorite podcast app by clicking on the share button below. You can also listen to any of our previous episodes on demand.
Jennifer Crump

May 23, 2025

Line of Business, Security, Security, Technologies

AI Cybersecurity, insider threats, SOC, threat detection and response, Threat Hunters
Get DevOps answers—and ideas—at Gartner® Application Innovation & Business Solutions Summit
Are you headed to the 2025 Gartner Application Innovation & Business Solutions Summit in Las Vegas, June 3-5? If accelerating software delivery, taming hybrid-cloud complexity, and hardening supply-chain security are on your 2025 agenda, carve out time for the OpenText® DevOps Cloud team. We’re bringing our experts, our latest platform innovations, and a packed schedule of live demos and information sessions designed to help you turn DevOps from a hopeful initiative into a predictable engine of value.

Why stop by the OpenText DevOps booth at Gartner® Application Innovation & Business Solutions Summit?

1. See a true end‑to‑end DevOps cloud in action

Most “DevOps” toolchains are stitched together with brittle scripts and tribal knowledge. OpenText DevOps Cloud unifies planning, version control, release orchestration, application security, and observability in a single SaaS experience. Watch our architects push a code change from commit to production—with automated policy checks, SBOM generation, container signing, and instant rollback—before your coffee gets cold.

2. Learn how global enterprises ship 4× faster

Whether you’re in finance, healthcare, manufacturing, or the public sector, you’ll find real‑world patterns you can steal. We’ll showcase:
- a reduction in audit prep time via traceable pipelines
- fewer production defects thanks to AI‑powered test automation
- annual savings through environment-as‑code and dynamic provisioning
3. Experience AI‑assisted DevSecOps

Catch our live demo on “Gen AI automation across DevOps” featuring our innovative AI and LLM-powered solution, OpenText DevOps Aviator. Generate compliance reports with a prompt, surface the root cause of flaky tests in seconds, and let policy‑aware AI recommend the safest remediation path.

Can’t‑miss session

When: June 5 @ 11.15 AM PST
Topic: Learn how leading teams are scaling intelligence across the pipeline with GenAI and agentic AI.
Speaker: Gabriel Martinez, Director, Product Marketing, OpenText DevOps Cloud

Arrive early—seating is limited.

Meet the brains behind the OpenText DevOps platform

Gartner events are legendary for hallway insights, and our bench is ready. Schedule a 1:1 to dig into:
- Regulated‑industry compliance – PCI DSS, ISO 27001
- SAP integration – DevOps for heritage systems
- FinOps optimization – Cutting CI/CD infrastructure costs without slowing teams
Swing by the booth to chat about how OpenText Core Software Delivery Platform, powered by AI, is making testing smarter, forecasting more accurate, and release decisions more confident across your entire SDLC.

Plan your visit to see OpenText DevOps at Gartner® Application Innovation & Business Solutions Summit

📍 Expo Hall—look for the carnival!
🗓️ June 3 – 5, 2025 at Caesars Forum Conference Center, Las Vegas
💻 Add our sessions in the Gartner event app under “Exhibitor Sessions > OpenText”

Ready to run DevOps like a business?

Register for the Gartner Application Innovation & Business Solutions Summit, book a 1:1 with an OpenText DevOps expert, and follow @OpenTextDevOps on LinkedIn for live updates and swag alerts. The future of high‑velocity, audit‑ready software delivery is here—and it’s running on OpenText DevOps Cloud. See you in Vegas!
Rebecca Graves

May 22, 2025

DevOps, News, News & Events, Technologies

devops, DevOps Aviator, DevOps Cloud, Gartner, Gartner conference
To measure is to know

Our daughter was diagnosed with diabetes at a young age. To keep her glucose at an acceptable level, my wife and I had to understand the effects that food, play, bedtime, the weather, and a number of other factors would have.

“To measure is to know,” became our mantra.

Before a sporting event, exam, or anything that required our daughter to perform optimally, there was a lot of preparation, orchestration, and, pun intended, examination. If we didn’t prepare, concern for her health would take center stage, resulting in undesirable mental pressure on the entire family. Not to mention the (obviously less important) potential for poor results caused by diabetes symptoms.

Fast forward through her childhood: Our independent, cheerful, and loving daughter is now travelling the globe by herself in between her studies with constant (and automated) monitoring to measure her intake and resulting glucose levels.

Which reminds me…

Obviously it’s not the same, but I can’t help but notice similarities between giving her the best possible chances for optimal performance and ultimate success to rolling out an enterprise-wide information management solution.

“To measure is to know” is still the mantra.

We require enterprise solutions to be stable, performant, and ultimately deliver on (or above) expectations. To ensure success, organizations will often use a dedicated team to manage operations. Consumers of these solutions can just do their work without having to worry about operational excellence.

I’m describing a private managed service that caters to specific use cases. (Not to be confused with the term adolescent daughter.)

Customer success with OpenText

At OpenText all our privately managed information management cloud solutions are constantly monitored, measured, and assessed during their operational lifecycle, including and especially before they go into production. We call this the Production Readiness Assessment (PRA).

As part of our promise to deliver on our L.O.V.E. model and ensure customer success we prepare, orchestrate, and examine all our managed solutions before releasing them into the world. PRA involves a thorough evaluation of various elements such as performance, security, the application of best practices, and adherence to requirements, both functional and technical.

Gartner highlighted that businesses who adopt a solid production readiness practice are 30% less likely to experience any form of downtime.

This blog introduces PRA as a standard deliverable for all OpenText private managed cloud solutions. Please stay tuned for my follow-up blogs with more detail on the reasons, goals, benefits, and specific checks the PRA delivers.

Until then please access our Production Readiness Best Practices and many more cloud and product-success resources on the OpenText Customer Success Portal (login required) and be part of our L.O.V.E. journey.

Serge van Lith

May 21, 2025

Customer Success Services, Services

cloud, Cloud migration, Customer Success, private cloud
What’s keeping CIOs up at night? Part 1
Today, the question for most organizations is no longer “Should I deploy AI?” but “How should I deploy AI?” As the benefits of AI become more tangible, that question gets easier to answer—every way you can.

But that’s just the first in a long list of questions that come to mind regarding AI. And, as with innovative technology of the past, everyone is looking to the CIO for answers.

It’s a tricky place to be for IT leaders. Given AI’s potential to drive innovation and efficiency, the stakes are high. As the overseers of information technology strategy, CIOs have the responsibility—and the opportunity—to align AI initiatives with broader business objectives. That’s important, since all eyes will be on AI projects to gauge the concrete benefits and return on investment they bring.

To align AI projects with expected benefits as well as business goals, it’s worth it to first take a step back and evaluate what you need from AI.

Everyday AI

If you’re looking to improve employee productivity and gain operational efficiencies, everyday AI might be the best place to start. These projects take advantage of AI to automate tasks such as searching documents, summarizing content, and recommending next actions.

Here are some examples of how AI can automate tasks in different areas of an organization:
- Sales account executives: Accessing account-related information (open opportunities, order history, campaigns), viewing customer documents, and gathering information before engaging with customers.
- Customer service representatives: Accessing order information, determining order status, communicating with customers about order status, and accessing documents and data from other systems.
- Sales order specialists: Reviewing contracts and sales orders, uploading final contracts, viewing contract information, and accessing related sales orders.
- Legal counsel: Browsing contracts and sales orders, accessing the latest contract versions, and viewing order fulfillment information.
- Product specialists: Assisting with resolving customer support cases by assembling information and accessing relevant product documentation.
Check out this list of AI use cases for more examples of how you can apply everday AI to business challenges.

Game-changing AI

Maybe you’re ready to swing for the fences with game-changing AI that can have a greater impact on the business, such as discovering new revenue opportunities or completing multi-step processes.

For more strategic uses and to explore the next phase of AI, read this blog to learn about OpenText™ Titanium X (CE 25.2). This latest upgrade helps organizations create digital knowledge workers—AI agents that perform tasks and extend the capabilities of human teams. Together they create a new digital workforce that will unlock human potential and productivity.

For an in-depth example, watch this video that demonstrates how OpenText™ Content Aviator saves time and improves service at an insurance company by expediting customer claims processing.

OpenText Content Aviator cuts a multi-step process into just a few clicks

You can see more OpenText Aviator demos here.

What’s next for AI?

What about the future of AI—where is the technology going? What’s real and what’s hype? How do you keep up? Explore perspectives about the impact of AI in the latest ebook by Mark J. Barrenechea, OpenText CEO & CTO, Business at the Speed of AI.

AI-driven information management helps you make the most of your organization’s most valuable asset—information. Learn more about maximizing its value by reimaging information with OpenText.

Read other blogs in the What’s keeping CIOs up at night? series:
- Part 2: Reducing costs while improving employee productivity
OpenText

May 20, 2025

Aviator AI, Information Management, Technologies

AI, Aviator, Content Aviator, Information Management, Information reimagined, Titanium X
Select the right cybersecurity AI tools with these 3 crucial steps
The overwhelming impression from just wrapped up RSA or any other cybersecurity conference, AI is everywhere. There are dozens, if not hundreds, of AI-based cybersecurity tools with look-alike UIs and extremely similar features. They all sprinkle their marketing materials with the same buzzwords: GenAI, Agentic AI, AI assistants, etc.

One thing is clear every cybersecurity team will have to use AI tools and better sooner than later. Most of the people we met with had the same question – how to choose the best solution for their team. I have been building cybersecurity AI solutions for over a decade. Here is a consideration framework than can assist you with that decision.

1-Define what your team needs with a cybersecurity AI tool

Even though cybersecurity professionals are all tasked with protecting their organizations the circumstances vary from team to team. There are four major dimensions to consider: threats you face, the data you have, your team’s composition, and your processes and workflows.

The threats you face

Let’s start with identifying the primary threats that your organization is concerned with, whether AI or not. What are the main security problems you’re trying to solve by adding a new tool to your arsenal? Ideally, you want to compile that list using a data-driven approach. Consult the results of your red team activities. Are there any blind spots in your existing tools?

Monitor news of the main threats and breaches that affect your industry or similar organizations. What are the high-return targets or goals that malicious actors may pursue in your organization? Are there geo-political tensions and events that may spike specific types of threats aimed at your organization?

Make sure to include in your threat prioritization process the notion of how likely they are to strike your organization and how much damage they will cause if you miss them. For instance, the healthcare industry is experiencing the rise of phishing and ransomware attacks aimed at sensitive patient data exfiltration. Meanwhile, for the financial industry this year, it is advisable to be on the watch for APTs, nation-state-sponsored espionage as well as supply chain and vendor vulnerabilities in addition to ransomware attacks.

The data you have

Check your cybersecurity data inventory. Compose a list of all data sources that you are currently using. Add information about its coverage as well as how accurate is your data. For example, if your organization deploys a mixture of endpoint agents, providing only some of the logs to your AI system may result in a partial view with some aspects of the attack missing.

Inferior quality or incomplete data will require additional cleanup and filtering otherwise it not only will not produce valuable results in your AI system but will cause degradation of the quality, bearing the signal in the noise. Your AI model can be only as good as the data you are feeding into it.

Your team’s composition

Every cyber security team has a unique composition as well as distinctive styles of communication and collaboration patterns. The AI tools should empower your team rather than set up a trap.

Consider the expertise of your team members. For example, a team composed of seasoned threat hunters versus a team of newly hired SOC analysts will need different tools with diverse levels of detail and context. Is your team being uniform in the areas of expertise and tasks or it composed of several “specialists” who tend to have deeper expertise in specific areas of threat hunting, digital forensics, or mitigation techniques?

Some AI assistants provide flexibility to retrieve the answers based on the various levels and areas of the user’s expertise. Was your team exposed to AI in the past? Consider how much assistance your team will need to get up to speed with AI tools. What would benefit them is a highly configurable, hands-on, direct interaction AI tool or something that works behind the scenes incorporating AI enhancements into already familiar types of interactions and interfaces.

Keep in mind the famous Spiderman quote – “With great power comes great responsibility”. Size of the team. The size of the SOC and threat-hunting teams could vary from a “one-person shop” to dozens of members. Smaller teams are likely to be much faster adopters and use direct communication methods. While larger teams are more likely to have more levels in the internal team org structure. If this is the case, the ability to create specialized reports using AI agents or automate the generation and distribution of the latest status summaries is a valuable feature for your team.

Distribution of the team.

Some teams are collocated, while others are distributed across different geo-locations. This factor often affects communication patterns and methods. Your communication AI tool should be able to enhance the type of communication that is currently prevalent in your team and solve existing problems. For example, a team distributed across a wide range of time zones, will benefit from the automated detailed AI-generated reporting.

Your processes and workflows

Your team has already established “well-oiled” team practices. Independent of the origin of these routines, they’ve withstood the test of time and are reasonably effective. Take an inventory of these, so you don’t throw away a baby with the bathwater in your excitement to embrace AI. Consider:
- Investigation workflows
- Incident handling policies
- Inter- and intra-team reporting methods
- Response techniques
What can you optimize with AI? Where can your team save some time by implementing automated Agentic AI workflows? What decision making to do you want to avoid passing on to AI?

You must set up “healthy boundaries” and determine what you can delegate to an AI system and what you want done by a human. At last, the integration of the new tool should be organic it should enhance and improve your team’s life. Choose evolution over revolution. If you must mandate usage of a tool or if the same tasks take longer and the quality of the work goes down, even after the expected “ramping up” period that is natural for a new tool adoption you should explore different options.

Now that you’ve created a tailored “wish list” of the features and capabilities, prioritize it according to your needs. Make sure to note which are must haves and which are just nice to haves. You may also want to consider incorporating multiple AI tools with complementary capabilities.

2- Avoid the red flags of some cybersecurity AI tools

Now let’s look at what you don’t want to see in an AI solution that you consider.

Can’t try before you buy

How do you verify that an AI solution fits your list of parameters? You can try evaluating an AI tool based on the marketing materials and demos. However, the best option is to “test drive” it. If a vendor provides an opportunity to try the AI solution on your data and provides hands-on experience with the system for your team – go for it. It is by far the best option and speaks volumes about the confidence of the vendor in their solution. If you must commit before seeing the performance of the tool on your data, this should be your first red flag.

Obscure models

Another red flag is undisclosed core AI models’ details. Specifically, if the vendor refuses to provide any information about the origin or data the vendor used to train or fine-tune the model. Naturally, you will not get a level of detail that could benefit their competitors, but you should be able to verify that the AI model adheres to the standards and policies of your organization.

The absence of that information makes it extremely hard to evaluate the AI solution for ethics, privacy, security, and even the legality of the model usage for your use case. With laws and regulations tightening around the world in real time, what was acceptable yesterday may no longer be that tomorrow.

Fuzzy AI ethics

The topic of ethical AI is repeatedly surfacing in the headlines of major media outlets. Why is it important for your selection of AI-powered cyber security tools? AI can cause wide range of issues without ethical considerations and guardrails:
- Misinformation
- Bias and discrimination
- Compromised data privacy
- IP Infringement
- Insufficient governance and accountability
The consequences of these issues can pass to you if the vendor uses an AI system that does not address them.

Results lacking explainability and transparency

It is alarming if the signals are hard to explain. It isn’t sufficient if the AI system just indicates if some activity or a user is risky it should provide a clear explanation based on what evidence it came to that conclusion. Even better, drill down to the specific raw events that resulted in that conclusion.

Your top attacks aren’t there

The next red flag is less definitive. It is possible that even though the top-priority threats aren’t listed in their coverage material, the system will still detect them. If you can, red team these attacks and test drive the tool on your data. This will allow you to verify the efficiency of the AI tool to detect these attacks experimentally. However, if you can’t assess, and your top use cases aren’t mentioned, the chances are high that you will have weak or no coverage for at least some of them from that AI system.

Adoption of the tool will break your current process.

Also consider compatibility between the AI tool and your current work processes. Adoption of the new tool should enhance your team’s productivity and the quality of their work. If the AI tool doesn’t align with your team’s current workflow, if you must mandate its adoption, it is unlikely to be a right fit.

Note, that that there will be some kind of learning curve. A reliable vendor should provide sufficient training, onboarding or threat hunting services that would minimize the ramping-up time for your team and get them up to speed without missing a heartbeat.

You don’t see the tool saving you money.

The final red flag is if you don’t see the tool saving you money or time, which is also money. Most of our teams have limited resources that must and budgets. When you consider adopting a new AI tool ask yourself the following questions. Do you expect it to save time for your team and broader costs for your organization? If yes, try to be as specific as possible in your estimations – this will help you to compare multiple AI tools or their combinations. Consider your existing operational costs as well as potential costs of delayed detections or even missed attacks.

3- Evaluate the cybersecurity AI tool

Here are proven best practices for your evaluation methodology:
- Assess it in conditions as close to reality as possible. Specifically, the data that you are trying the AI tool on should be composed of a wide variety of data sources (for instance, include at least one endpoint and authentication data sources to cover a broad variety of attacks)
- Include an assortment of devices and user types like what you have in your organization.
- “Red team it” and be as specific and close to your prioritized list of threats as possible.
- Ideally, you should test for both quick and targeted attacks as well as advanced persistent threats. Let’s be honest, you don’t need a sophisticated algorithm to detect an obvious DDOS attack.
- Bring into the evaluation process at least one of your “frontline” team members who spends most of his/her day monitoring the alerts, threat hunting, analysing the logs, and responding to the attacks.
Now you have a solid, systematic way to find the tool that helps your team succeed in your own unique combination of requirements and circumstances.

OpenText Executive Vice President, Security Products, Muhi Majzoud, recently spoke to Bank Info Security about the integration of GenAI and threat detection and response in cybersecurity strategy. Watch the interview.

You can also view presentations by OpenText data scientists at RSA on demand or use our complimentary threat detection and response checklist to assess vendors.
Mari Pospelova

May 16, 2025

Line of Business, Security, Security, Technologies

AI Cybersecurity, RSA2025
EDI vs. API: Why both still matter in a modern supply chain
As supply chains become more digital, global, and complex, businesses are under growing pressure to modernize the way they connect, communicate, and operate.

Two of the most critical technologies enabling this transformation are Electronic Data Interchange (EDI) and Application Programming Interfaces (APIs). While both are used to exchange data between systems and partners, they work in fundamentally different ways—and understanding when and how to use each is key to building a future-ready supply chain.

In this blog, we’ll break down EDI vs. API, explaining their differences, and why EDI remains vital despite the rise of modern APIs. And, explore how combining the two can give your business the flexibility, speed, and scalability needed to thrive in today’s dynamic environment.

What is the difference between EDI and API?

Electronic Data Interchange (EDI) and Application Programming Interfaces (APIs) are both methods of exchanging business data, but they serve different purposes and operate differently.

EDI (Electronic Data Interchange) is a standardized method for exchanging structured business documents like invoices or purchase orders in batches—ideal for high-volume, stable transactions.

APIs (Application Programming Interfaces) enable real-time, flexible data sharing between systems, suited for dynamic tasks like live shipment tracking or inventory checks.

Understanding EDI vs. API is essential because each serves a distinct role. EDI excels at handling high-volume, standardized transactions, while APIs enable real-time, flexible data exchange.

By understanding their strengths, businesses can strategically use both to create a connected, agile supply chain that balances stability with speed and adaptability. This hybrid approach ensures seamless integration across partners, systems, and workflows.

EDI simplifies key transactions

EDI enables fast, structured, and automated data exchange between trading partners, which simplifies key transactions, such as sending orders, giving notice of deliveries, confirming receipt of deliveries, booking transport, sending invoices, among others.

EDI is understood globally and follows recognized formats, such as EDIFACT, ANSI X12 for seamless data exchange. It’s secure and efficient at handling large volumes of data transactions, but it can be complex and costly to set up the initial configuration and trading partner mappings, especially for smaller companies.

Despite being trusted and used for decades, for years now, many believed that EDI would be phased out and replaced by Application Programming Interfaces (APIs). However, given its value in delivering structured, error-free data exchange in an increasingly complex global marketplace, EDI usage continues.

Companies around the world, from suppliers and logistics providers to retailers and manufacturers, rely on an EDI strategy to exchange critical business documents securely, quickly, and in a standardized format.

APIs enable instant data exchange

APIs allow instant data exchange without waiting for batch processing and offer integration flexibility with a wide range of systems, such as CRMs, ERPs, analytics tools, and other cloud-based applications within your digital ecosystem. However, where EDI is all about standardization, API formats vary, requiring custom integrations with each partner, which can be costly and time-consuming in multi-partner environments.

Many businesses use APIs to communicate between disparate systems within their system chain. Since APIs provide real-time data exchange, this can improve supply chain transparency and visibility.

And, APIs connect to e-commerce platforms and support the integration of analytics tools, allowing businesses to gain insights into performance metrics and adapt to changing conditions.

The importance of a strategy that connects EDI and API

The supply chain workforce is changing. Some professionals are retiring, others joining don’t know much about EDI and want to go forward with API-first strategies.

There are also business challenges, like rising costs, but fewer resources, supply chain disruptions, and technology innovation initiatives, and more. Given these factors, it’s less about EDI vs. API, and more about taking a “best of both worlds” approach, which sets you up for success.

Rather than replace EDI, integrate it with APIs, other cloud platforms, and AI/ML, so you can enhance automation and flexibility within your digital ecosystem. This connected approach will reduce costs in the long term, improve operations despite possible disruptions and workforce changes, and ensure compliance with global standards.

With a connected strategy, you can bridge the gap between bulk transaction support and real-time data exchange, making it easier to handle high-volume processes and dynamic, immediate updates needed to keep the flow of business going.

You can more easily integrate with ERP systems, such as Microsoft Dynamics, Oracle NetSuite, Oracle Fusion, and SAP S/4HANA, that are already in place instead of ripping and replacing to make new technology fit with legacy technology.

How to get started with EDI and API integration

Every day you try to keep operations running smoothly, find ways to innovate and drive efficiencies, reduce costs, and simplify your supply chain. But you are asked to do this with limited resources and budget, making it hard to keep up with the speed of technology.

When managing all these connections and the information attached to them, it’s important to think long-term, not just one year at a time. You need solutions that evolve with you and continuously add new capabilities to assist you as your business grows.

You don’t have to go it alone. There are several solutions out there, but what you need is a partner and a solution that will take the time to understand your digital ecosystem, so everything is done right from the start.

Here are questions to ask when selecting an EDI and B2B integration solution and partner:
- Knowledge and Know-How: Can they ensure a successful implementation—on time and on budget?
- Automated Workflows: Can they help you find ways to reduce manual tasks and errors and increase productivity?
- Enhanced Visibility: Does the solution – as built out of the box – enable access up-to-date information for better decision-making, gaining insights into your supply chain operations?
- Cost Reduction: Will the solution reduce long-term costs, including total cost of ownership (TCO), and avoid hidden implementation fees?
- Compliance: Can they ensure adherence to industry standards and regulations?
- Ongoing Support: Will you receive regular customer support, including help with data validation and mappings from onboarding through implementation and after go-live?
EDI and APIs: How OpenText can help

OpenText Business Network supports both EDI and API-based integration—allowing businesses to connect with all partners, regardless of their technology maturity. This hybrid approach ensures end-to-end visibility, flexibility, and scalability across your digital supply chain.

OpenText’s B2B Integration solutions create a unified environment connecting your ERP system (Microsoft Dynamics 365, Oracle NetSuite, Oracle Fusion, SAP S/4HANA, etc.) with EDI and APIs in one digital ecosystem.

OpenText offers pre-built ERP EDI-to-API adapters on a modern, scalable B2B platform and VAN—enabling faster deployment without requiring deep EDI expertise.

Our trusted, flexible solutions let businesses connect once to everything. With our expertise, you’ll streamline supply chain operations and build a foundation for innovations like AI/ML that maximizes your business data value.

Ready to get started? Learn more about OpenText’s Easy EDI integration.
Tara Holt

May 14, 2025

API Services, Automotive, Banking, Business Network, Industrial Manufacturing, Industries, Information Technology, Integration, Line of Business, Oil & Gas, Public Sector, Supply Chain, Technologies, Utilities

EDI
The road to Digital Forensics and Incident Response
Cybersecurity is a major concern for organizations today. As cyber threats grow more complex, the need for strong mechanisms to detect, respond to, and investigate incidents is crucial. Digital Forensics and Incident Response (DFIR) is a key part of modern cybersecurity strategies. It helps organizations mitigate the impact of cyber incidents, understand their root causes, and prevent future occurrences. This blog explores DFIR, its importance, and how OpenText™ can help organizations be cyber resilient.

A brief history of (computer) time

Decades ago, business automation relied on isolated computing platforms like midrange and mainframe computers. These systems operated on private networks with limited connections to the public internet. As a result, the number of vulnerabilities and risks of exploitation were lower compared to other enterprise risks.

Today, multi-tiered and hybrid on/off-premises solutions are common. The internet is everywhere, and many employees work remotely on untrusted networks. Consequently, this shift has increased the need for strong cybersecurity solutions. Alongside this evolution is the need for managing incident response and digital forensics.

Incident response and digital forensics

Incident response started in IT Operations, focusing on specific platforms or software. As cybersecurity threats evolved, incident response integrated with digital forensics. This integration provides a complete approach to managing and mitigating cyber incidents. It ensures organizations can detect and respond to incidents and understand what happened.

Need for digital forensics

Organizations face increasingly sophisticated attacks. Detecting and responding to incidents and understanding what happened is critical. Digital forensics provides this ability. Mature forensic capabilities help security teams reconstruct attack timelines, identify root causes, recover compromised data, and understand attacker motives and techniques.

For environments with regulatory compliance, forensic evidence may be legally required for reporting, liability assessments, or litigation. Without sound forensics, organizations risk making decisions based on incomplete or inaccurate information, potentially worsening the damage caused by an incident.

The evolving threat landscape

The cyber threat landscape includes both external and internal adversaries. Nation-state actors, ransomware groups, and organized cybercriminals continue to evolve their tactics. Internal threats from disgruntled employees, careless insiders, or compromised internal accounts are also common.

Moreover, remote work and decentralized networks have expanded the attack surface. This makes it easier for insiders and outsiders to exploit weak points in a digital ecosystem. Additionally, integrating third-party vendors and supply chains into core business operations extends threats beyond traditional perimeter defenses. Therefore, modern organizations must be vigilant and ready to investigate incidents from all angles.

DFIR posture and success criteria

A mature DFIR posture involves a proactive and integrated approach to threat detection, containment, investigation, and recovery. Successful DFIR programs combine automated detection tools, playbooks for incident triage, real-time alerting, and a seasoned response team.

Key success criteria include clearly defined roles and responsibilities, the ability to collect and preserve forensic evidence legally, rapid containment procedures, and post-incident reviews. Metrics like mean time to detect (MTTD), mean time to respond (MTTR), and the quality of forensic reporting indicate how well an organization can respond to cyber threats. These metrics are often required to meet service level agreements with clients and customers.

OpenText solutions for DFIR

OpenText offers solutions to enhance an organization’s DFIR capabilities. These solutions enable efficient collection, analysis, and reporting of evidence from various data sources. Here are some key services and tools provided by OpenText:
1. Digital Forensics and Incident Response Solutions (EnCase): OpenText’s DFIR solutions help organizations collect, analyze, and report on evidence from various data sources. These solutions streamline incident response investigations, helping teams quickly identify the intrusion source, impacted systems, and root cause while preserving all evidence. For more details, visit the Digital Forensics and Incident Response page.
2. Incident Response (IR) Services: OpenText provides tools that speed up the triage of IR artifacts. These tools help security teams quickly understand the full extent, impact, and nature of a security compromise. They also offer visibility into forensic artifacts to identify the root cause and timeline of an incident. For more information, check out OpenText IR Services.
3. Forensic Lab Advisory: OpenText’s Forensic Lab Advisory service provides expert guidance and support for forensic investigations. This service ensures that critical digital evidence is captured and analyzed, improving response effectiveness and helping organizations recover from incidents more quickly. Learn more about the Forensic Lab Advisory Service.
Where do we go from here?

Organizations serious about cyber resilience are increasingly turning to DFIR retainers. A DFIR retainer provides guaranteed access to seasoned incident response professionals and forensic investigators when an incident occurs. These retainers often include readiness assessments, tabletop exercises, and ongoing consulting to enhance the organization’s defensive posture.

With cyber insurance providers and compliance frameworks emphasizing the importance of documented response plans and expert support, a DFIR retainer is a strategic necessity. It bridges the gap between reactive and proactive security and ensures that when the unexpected happens, the organization steps into action with clarity and confidence.

As cyber threats continue to evolve, having a strong DFIR strategy is essential for maintaining operational continuity and protecting sensitive information. OpenText’s comprehensive DFIR solutions and services help organizations effectively manage and mitigate cyber incidents. If you’re interested in discussing how OpenText can support your DFIR needs and enhance your cybersecurity posture, reach out to us at SecurityServices@opentext.com. Our team of experts are ready to assist you in building a resilient and proactive security framework.

Co-Author: Mark Cappers is a Principal Consultant for OpenText Managed Security Services. A seasoned Consultant with over 20 years of experience in security, networking, and computing environments. Mark has specialized in information security, contributing to the founding of the EDS GIS Security Incident Response/Forensics team and leading enterprise security projects for global clients. Joining OpenText in 2017, he continued his career as a seasoned digital forensics and IR practitioner. Today, Mark advises customers on their e-Discovery, Digital Forensics, and Security Incident Response.
Marc St-Pierre

May 12, 2025

Line of Business, News & Events, Professional Services, Security, Security, Services, Technologies, Threat Alerts

cyber attack, cyber defense, cyber incidents, cyber insurance, cyber resilience, Cyber Threats, cybersecurity, DFIR, digital forensic evidence, digital forensics, incident response, regulatory compliance, Security posture
Inspiring people with creativity, curiosity, and new solutions

Every day, dm opens its doors to more than two million customers in Germany. We also have an extensive retail footprint across Europe, offering health and beauty products through 4,000 stores across 14 countries.

At dm, employee wellbeing is part of our DNA. We’re always looking for new ways to empower each of our 89,100 employees to make dm an even better place to work. To put that philosophy into action, we give people in back-office teams a chance to experience customer-facing roles in our retail stores.

Some years ago, I took time out from my enterprise content management (ECM) duties to work at one of our stores. It was a brilliant opportunity to see first-hand how our teams use our digital systems to support their work.

Recognizing opportunities for innovation

My time working in-store gave me many valuable new ideas about how we could improve the employee experience and reduce manual workload for our colleagues, so they can spend more time on value-added customer service interactions.

For example, our in-store teams used to manually collate and send paper documents such as delivery receipts and supplier invoices from our stores in Germany back to our headquarters. Then, colleagues in our central back-office departments would manually re-key the information into our SAP systems to make sure key data was available for other business processes. It was time-consuming, repetitive work.

There were also challenges with document-driven processes in other parts of the organization. Previously, some teams relied on a mixture of shared folders, email inboxes, and phone calls to collaborate on tasks. This led to challenges in terms of transparency and insight into status information, making it difficult to respond to specific requests. Version control was also tricky, and it was hard to avoid duplication of effort.

In total, we store around 80 million documents across the business, and that number is growing steadily year-on-year. To take control of that data, we looked to consolidate and streamline document management across the business.

Taking a fresh approach to document management

Around the same time, we were embarking on another digital transformation project. One of the main goals of the project was to move our country-specific instances of SAP ERP to a single global SAP Retail solution. This transformation will pave the way for our migration to SAP S/4HANA. The driving motivation for all of this was the harmonization of processes and maintaining a future-proof technology platform. It was the perfect opportunity to modernize our approach to document management.

When we evaluated the capabilities of OpenText Content Management for SAP Solutions and OpenText Core Archive for SAP Solutions, we knew that they would be an excellent fit for our needs. Both solutions can be tightly integrated with SAP, including SAP Fiori mobile apps. And with OpenText Content Cloud, we can enhance our document management capabilities while reducing maintenance and management workload.

Harnessing cloud solutions and industry best practices

Working with OpenText Professional Services and a consulting partner allowed us to implement the new solutions very quickly and efficiently. By using tools and accelerators from OpenText FasTrak Migration and FasTrak Move & Modernize, we consolidated over 80 million existing documents on the new platform on time and within budget. That was a big achievement for such a large and complex migration project.

By leveraging the integration capabilities of our OpenText and SAP solutions, we’ve transformed the way we store, manage, and archive documents across our business. For example, our in-store employees now use an SAP Fiori app to take photos of delivery receipts and supplier invoices from their mobile devices. Using digital workflows, we can capture the relevant data and bring it into SAP Retail in real time. Not only are we eliminating manual, repetitive work, but we’re also making information available to the business faster than ever.

Replacing information silos with a central, secure document management solution is also making it much easier for other teams to collaborate. For example, our product and quality teams can now work together on shared documents in the cloud, facilitating full transparency and always up-to-date status information.

Planning for an AI-powered future

Looking ahead, we’re excited to build on what we’ve achieved. We plan to expand our OpenText solutions to our international business units, and to explore how we might use generative AI technology to automate more tasks and unlock productivity improvements.

To learn more about how we worked with OpenText to boost the efficiency of document-driven business processes, read our case study.

Meike Weber-Keßler

May 12, 2025

Cloud, Content Services, Finance & Procurement, Industries, Line of Business, Retail, Sales, Supply Chain, Technologies

content services, customer story, customer success story

Spreading Joy with Every Kit

Stationery Drive with Samarthanam Trust for the Disabled

Tree Planting Drive

May 2025: What’s new in DAM 25.2

Generative AI Search

Video and 3D model enhancements

Continual improvement

February 2024: Product content integrations, new file formats, AI and more

Product content integrations

More file format support

Dynamic search experience

Automated workflows

AI and ML

A big year

Breaking down insider threats

Case study: Coinbase and the price of access

Scattered Spider: Masters of social engineering

Which insider threat is worse: Malicious or unintentional?

Remote work adds fuel to the fire

Defending against insider threats

The insider threat will grow

Why stop by the OpenText DevOps booth at Gartner® Application Innovation & Business Solutions Summit?

1. See a true end‑to‑end DevOps cloud in action

2. Learn how global enterprises ship 4× faster

3. Experience AI‑assisted DevSecOps

Can’t‑miss session

Meet the brains behind the OpenText DevOps platform

Plan your visit to see OpenText DevOps at Gartner® Application Innovation & Business Solutions Summit

Ready to run DevOps like a business?

Which reminds me…

Customer success with OpenText

Everyday AI

Game-changing AI

What’s next for AI?

1-Define what your team needs with a cybersecurity AI tool

The threats you face

The data you have

Your team’s composition

Distribution of the team.

Your processes and workflows

2- Avoid the red flags of some cybersecurity AI tools

Can’t try before you buy

Obscure models

Fuzzy AI ethics

Results lacking explainability and transparency

Your top attacks aren’t there

Adoption of the tool will break your current process.

You don’t see the tool saving you money.

3- Evaluate the cybersecurity AI tool

What is the difference between EDI and API?

EDI simplifies key transactions

APIs enable instant data exchange

The importance of a strategy that connects EDI and API

How to get started with EDI and API integration

EDI and APIs: How OpenText can help

A brief history of (computer) time

Incident response and digital forensics

Need for digital forensics

The evolving threat landscape

DFIR posture and success criteria

OpenText solutions for DFIR

Where do we go from here?

Recognizing opportunities for innovation

Taking a fresh approach to document management

Harnessing cloud solutions and industry best practices

Planning for an AI-powered future

Why stop by the OpenText DevOps booth at Gartner® Application Innovation & Business Solutions Summit?

Plan your visit to see OpenText DevOps at Gartner® Application Innovation & Business Solutions Summit