Celonis, Uniper & Microsoft drive AI-powered energy overhaul
The arrangement will support Uniper in achieving greater transparency in its business processes and facilitate AI-driven automation and end-to-end process orchestration across the company.
Leveraging Microsoft Copilot Studio and Power Automate, in conjunction with Celonis Process Intelligence, Uniper intends to implement artificial intelligence solutions company-wide, enabling the adoption of new technology-driven processes for broader operational gains.
Damian Bunyan, Chief Information Officer at Uniper, commented, "The energy industry is facing major challenges, and we want to be a pioneer in digital transformation. The powerful combination of Microsoft's AI technologies with Celonis' process intelligence lets us identify value-driving AI use cases, intelligently automate workflows, and track performance gains. Thanks to this strategic collaboration, we can optimise our operations, empower our employees, and deliver greater value to our customers."
Bastian Nominacher, co-founder and co-CEO of Celonis, stated, "AI is only as effective as the data and context it feeds on. Celonis provides the process data and business context that gives AI the understanding it needs to drive meaningful business transformation and real value. Together with Microsoft, we're enabling Uniper to drive tangible results."
Celonis will deliver its system-agnostic process intelligence platform as part of the collaboration. This platform creates a process-centric data foundation, which is key for developing agents using AI platforms such as Microsoft Copilot Studio and is now integrated with Microsoft Fabric to enhance interoperability and data availability.
Microsoft will contribute its AI technology and its ability to scale AI deployment rapidly, supported by its productivity suite that includes Microsoft Teams, Microsoft Power BI, and Power Automate. Uniper has been recognised as an early adopter, applying the joint capabilities of Celonis and Microsoft in real-world, high-impact AI use cases with results intended to act as an example within the global energy industry.
Charles Lamanna, Corporate Vice President for Business and Industry Copilot at Microsoft, said, "The next generation of AI requires deep reasoning grounded in enterprise data and business processes. By combining Celonis Process Intelligence with Microsoft Copilot Studio and Microsoft AI, we are enabling companies to build intelligent solutions that deeply understand and optimise business operations. Uniper is a great example of how this powerful combination can accelerate transformation, unlock significant value, and help companies lead their industries forward."
Uniper's involvement with Celonis began five years ago, focusing on operational excellence within its global energy operations. To date, Uniper has deployed Celonis across 27 business processes, connecting to eight source systems, and involving over 350 active users throughout the company.
Reported operational improvements from Uniper's use of Celonis technology cover areas such as plant maintenance, human resources, hydro power operations, IT service management, energy sales and technology, financial services, and internal audit. Among key achievements, Uniper has optimised its plant maintenance processes to ensure workplace safety and compliance, thereby reducing risk and supplier waiting times.
Within HR, Uniper has improved the recruiting process for managers by reducing the time to hire and optimised the candidate experience through the deployment of automated notifications. Business reporting in the hydro power segment was made more timely, decreasing operational costs and improving supplier steering.
IT service management was enhanced to allow more efficient supplier steering and faster incident response. In energy sales and technology operations, Uniper shortened proposal management cycles, while automating daily and timely reporting in financial services and optimising opportunities for cash discounts. Meanwhile, the internal audit department benefited from support for its "Trusted Advisor" and data-driven eAudit approach.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
26 minutes ago
- Techday NZ
SharePoint zero-day flaw exploited as over 9,000 servers at risk
Cybersecurity experts have raised fresh alarms following reports of active exploitation targeting Microsoft SharePoint servers worldwide. The scale and sophistication of the attacks, which began to surface in detailed research at the end of last week, are causing concern among organisations that rely on the popular collaboration platform for critical information infrastructure. The vulnerability at the centre of the incident, now assigned as CVE-2025-53770, affects a wide cross-section of SharePoint Server deployments. Research from Eye Security first brought attention to what it described as "active, large-scale exploitation," driven by a zero-day weakness identified within a pair of vulnerabilities collectively known as ToolShell. Successful exploitation allows attackers to extract the MachineKey configuration details from vulnerable servers - exposing both the validationKey and decryptionKey, which are crucial to securing authentication tokens and encrypted data. This critical information, once in criminal hands, can be weaponised. As Satnam Narang, Senior Staff Research Engineer at Tenable, explained, "Attackers were able to exploit the flaw, now identified as CVE-2025-53770, to steal MachineKey configuration details from vulnerable SharePoint Servers. These details can be used by attackers to create specially crafted requests that could be used to gain unauthenticated remote code execution." Narang noted that the consequences for affected organisations may be severe, with broad implications for data integrity and security across industry sectors. Indicators of compromise are already being circulated among security teams. Organisations are being urged to check for evidence of unauthorised access, with one telltale sign being the sudden creation of files named " on vulnerable servers, possibly under other extensions. The scope of exposure is significant, with estimates suggesting over 9,000 externally accessible SharePoint servers are potentially at risk. These systems are deployed globally by enterprises, government entities, and a range of other organisations relying on SharePoint for document management and collaboration. Patching efforts have commenced in earnest. Microsoft began distributing fixes late on 20 July, prioritising SharePoint Server 2019 and SharePoint Subscription Edition. A remedy for SharePoint Server 2016 remains pending but is expected imminently. Narang advised, "We strongly advise organisations to begin conducting incident response investigations to identify potential compromise; otherwise, apply the available patches and review the mitigation instructions provided by Microsoft." Andrew Obadiaru, Chief Information Security Officer at offensive security firm Cobalt, warned that the speed and depth of zero-day exploitation leaves little margin for delay or complacency. "Zero-day vulnerabilities in widely deployed platforms like SharePoint are a goldmine for attackers because they provide immediate, scalable access to high-value environments. "The challenge isn't just patching - it's that attackers typically implant persistence mechanisms within hours, ensuring long-term footholds. Defence strategies need to assume breach and validate controls through proactive testing, including red teaming and continuous pentesting, to uncover weaknesses before adversaries do. In today's threat landscape, reactive security alone is a losing game." Obadiaru's remarks echo growing industry consensus that traditional perimeter defences are proving insufficient in the face of increasingly sophisticated and rapid cyber threats. Security teams are being encouraged to revisit their incident response and detection protocols, embracing a proactive security posture and preparing for the possibility that attackers may already be inside their networks. For now, the advice from the security community is clear: immediate action is essential. Organisations are urged to initiate incident response processes, apply available patches without delay, and review configuration settings for any signs of compromise. Vigilance and proactive testing will be the defining factors in limiting the fallout from yet another high-profile zero-day targeting widely used enterprise software.
Techday NZ
26 minutes ago
- Techday NZ
Critical SharePoint zero-day flaw exploited, urgent actions urged
A critical zero-day vulnerability in Microsoft SharePoint Server, identified as CVE-2025-53770, has been actively exploited by threat actors and now poses a significant security risk to organisations operating on-premises SharePoint environments. Security researchers and technology companies have raised urgent concerns about the sophistication and reach of the campaign, which has been dubbed "ToolShell" and enables remote code execution (RCE), system compromise, and persistent backdoor access - even in environments protected by measures such as multi-factor authentication (MFA). According to Adrian Culley, Senior Sales Engineer at SafeBreach, the situation is particularly serious because the attacks exploiting this vulnerability commenced before any security patches were made available, placing it in the most dangerous category of threats to enterprise infrastructure. "This CVE represents a critical security incident: it was exploited as a zero-day vulnerability in active attacks against production systems before any patches were available - the most severe type of threat organisations face," Culley stated. Further complicating the response, there is currently no single remediation patch for the vulnerability. Microsoft has taken the unusual and cautionary step of advising organisations to assume their systems may already be compromised, and to immediately conduct comprehensive investigations to verify the integrity of their environments. This approach is rarely adopted in public advisory language, and reinforces the gravity of the incident. SharePoint Server 2016 installations face unique challenges due to the absence of technical fixes at present. Organisations running these environments are being told to lean on breach and attack simulation, alongside current security controls, to gauge their exposure. Culley recommended, "Proactive defence requires targeted hardening measures and resilience improvements to prevent falling victim to this sophisticated attack vector." Analysis from Mandiant Consulting, part of Google Cloud, indicates that this exploit is being used by multiple threat actors, including groups linked to China. Charles Carmakal, CTO at Mandiant Consulting, stressed the breadth of the threat landscape: "We assess that at least one of the actors responsible for this early exploitation is a China-nexus threat actor. It's critical to understand that multiple actors are now actively exploiting this vulnerability." Carmakal warned that further threat actors are expected to join as awareness and knowledge of the exploit spreads, increasing the urgency for defensive actions. Google's Threat Intelligence Group has observed attackers leveraging CVE-2025-53770 to install webshells and exfiltrate sensitive cryptographic secrets from compromised servers. This enables unauthenticated, long-term access to targeted systems, putting confidential data and business operations at risk. In its emergency guidance, Microsoft clarified that this vulnerability currently affects only on-premises versions of SharePoint Server. Organisations using SharePoint Online as part of Microsoft 365 are not impacted. For those running on-premises servers exposed to the internet, immediate action is advised. Experts recommend implementing Microsoft's mitigation advice, closely monitoring systems for signs of compromise, and preparing to deploy an emergency patch as soon as it becomes available. Carmakal summed up the reality facing organisations: "This isn't an 'apply the patch and you're done' situation. Organisations need to implement mitigations right away (and the patch when available), assume compromise, investigate whether the system was compromised prior to the patch/mitigation, and take remediation actions." Given the current lack of a comprehensive patch, vigilance in monitoring, rapid application of mitigations, and thorough investigative processes will be mandatory in defending against the expanding wave of exploitation. Security professionals emphasise that building resilience and continually reviewing security postures are critical as the situation evolves and more actors target the vulnerability.
Techday NZ
9 hours ago
- Techday NZ
Celonis invests in Bloomfilter to boost AI SDLC insights
Celonis has made a financial investment in Bloomfilter as part of a broader effort to enhance the software development lifecycle with process intelligence and artificial intelligence. This move extends the existing cooperation between the two firms, following the launch of the Celonis for Software Development Lifecycle Management (SDLC) application. The partnership is aimed at supporting organisations looking to address the challenges of timely and cost-effective software delivery, even as artificial intelligence has accelerated code writing. Software development teams are frequently confronted with issues not in producing code, but in orchestrating processes that ensure projects are completed on time and within budget. Traditional business intelligence tools used for SDLC generally offer limited, isolated insights and are seen as inadequate for the complexity of modern development environments. Celonis' SDLC application, powered by process intelligence and artificial intelligence, provides companies with continuous monitoring of development processes. The technology flags inefficiencies, identifies root causes of delays or problems, and proposes specific recommendations for improvement. The app is designed to provide transparency into questions such as project deadlines, process effectiveness, risk areas caused by deviations, and ways to utilise data and AI to enhance outcomes. According to Celonis, one organisation in the network security sector was able to use the application to increase the proportion of successful sprints to 85%, cut stage wait times by 30-40%, and double delivery velocity within a single month. "At Celonis, we are committed to building a robust ecosystem where partners can innovate and thrive on our platform. This investment in Bloomfilter underscores our belief in their groundbreaking work applying Process Intelligence to SDLC and our shared vision that effective enterprise AI is fundamentally reliant on Process Intelligence." This statement was made by Carsten Thoma, President and Board Director at Celonis. Erik Severinghaus, co-CEO of Bloomfilter, said the partnership and associated investment are an important step for the company as it seeks to bring process intelligence to bear on the challenges of software delivery. "Process Intelligence is the key to solving the crisis of complexity with Human and AI-powered software development. This strategic investment from Celonis is a powerful validation for Bloomfilter by the world leader in PI. Together, we are enabling agents and to work more effectively, building the software of tomorrow, today." Allan Jaenicke, Vice President, Global Operations Strategy & Operational Excellence at Waters Corporation, an early user of the Celonis SDLC solution, also welcomed the news: "We chose Celonis for its platform approach, and this investment in Bloomfilter further validates our decision. We are excited to see how our usage of Celonis + Bloomfilter transforms our speed to market and software quality through improving our software development life cycle processes." The SDLC application from Celonis and Bloomfilter is already being used by early adopters, who report improved insights into their development and delivery processes. The firms indicate that the product is capable of supporting businesses as they navigate both human and AI-powered workflows, providing analysis and recommendations tailored to the requirements and risks of specific projects. Bloomfilter's approach uses artificial intelligence-driven process mining across the software development lifecycle to identify waste, risk and other inefficiencies. The platform's stated aim is to make software delivery processes more transparent, predictable and efficient for its customers. The partnership between Celonis and Bloomfilter is focused on integrating more advanced process intelligence into organisations' development cycles, aiming to address persistent pressure points around software project overruns, delays and quality concerns.
