%term

From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

Jan 13, 2026 By Arctic Wolf In Arctic Wolf

In AI-powered security, advantage comes not from automation alone, but from clear insight into how decisions are made. At Arctic Wolf, home to one of the world’s largest commercial security operations centers (SOC), we process over 10 trillion security events weekly. Rather than chasing automation for its own sake, we build AI that scales human expertise – preserving judgment where it matters most. But what is the optimal combination of humans and machines for security operations?

Read Post

Arctic Wolf

Read more about From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

Sensitive Data Is the Common Thread Across Most OWASP Top 10 Issues. Here's Why

Jan 13, 2026 By Anwita In Protecto

The OWASP Top 10 is usually presented as a list of technical failures. Broken access control. Injection. Insecure design. Misconfiguration. Each category points to something that went wrong in the application. What it doesn’t say explicitly is what was actually at risk when it went wrong. In most real incidents, the answer is not “the application.” It’s the data inside it. Sensitive data is the reason attackers care about OWASP failures in the first place. Credentials.

Read Post

Protecto

Read more about Sensitive Data Is the Common Thread Across Most OWASP Top 10 Issues. Here's Why

Building Trust and Autonomy in the Age of Agentic AI - Saqib Khan, Global Field CIO at Tanium

Jan 13, 2026 By Tanium In Tanium

Speaking with iTnews, Saqib Khan, Global Field CIO at Tanium, explores how real-time, trustworthy endpoint data forms the foundation of Agentic AI. He explains why confidence in data sources is key to enabling autonomous decision-making, reducing incidents, and driving faster, more reliable outcomes across IT and cybersecurity environments.

View Video

Tanium

AI
Security

Read more about Building Trust and Autonomy in the Age of Agentic AI - Saqib Khan, Global Field CIO at Tanium

Using LLMs, CVSS, and SIEM Data for Runtime Risk Prioritization

Jan 13, 2026 By Jeff Darrington In Graylog

A recent University of North Carolina Wilmington study tested whether general-purpose large language models could infer CVSS v3.1 base metrics using only CVE description text, across more than 31,000 vulnerabilities. The results show measurable progress, but they also expose a hard limit that matters far more than model selection: Model quality helps, but missing context sets a ceiling on reliability.

Read Post

Graylog

Read more about Using LLMs, CVSS, and SIEM Data for Runtime Risk Prioritization

GreyNoise Findings: What This Means for AI Security

Jan 13, 2026 By Greg Zemlin In Zenity

Late last week, GreyNoise published one of the clearest signals we have seen that AI systems are no longer just research targets. They are operational targets. Their honeypot infrastructure captured 91,403 attack sessions between October 2025 and January 2026, revealing two distinct campaigns systematically mapping AI deployments at scale. This is a meaningful inflection point.

Read Post

Zenity

Read more about GreyNoise Findings: What This Means for AI Security

Vibe Coding and GenAI Security: Balancing Speed with Risk

Jan 13, 2026 By Natalie Tischler In Veracode

If you think AI-generated code is saving you time and boosting productivity, you’re right. But here’s the problem: it’s also likely introducing security vulnerabilities. However, there are GenAI security practices that can be weaved into your workflow to help protect your apps. The software development landscape is shifting under our feet.

Read Post

Veracode

Read more about Vibe Coding and GenAI Security: Balancing Speed with Risk

How X-Design's AI Agent Is Replacing Drag-and-Drop Branding Tools

Jan 13, 2026 By SecuritySenses In SecuritySenses

The timeline for launching a brand has crashed. Two years ago, building an identity was a month-long slog of negotiations and revisions. Today, it happens in the afternoon. The old method of stitching together disjointed tools is dead; the market simply moves too fast for that.

Read Post

SecuritySenses

Read more about How X-Design's AI Agent Is Replacing Drag-and-Drop Branding Tools

StrongestLayer Research Finds Trusted Platforms Like DocuSign and Google Calendar Are Now the Primary Email Attack Surface

Jan 12, 2026 By StrongestLayer

77% of attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google-platforms most organizations cannot afford to block.

Read Post

Read more about StrongestLayer Research Finds Trusted Platforms Like DocuSign and Google Calendar Are Now the Primary Email Attack Surface

PGA of America Trusts LevelBlue as Official Cybersecurity Advisor

Jan 12, 2026 By LevelBlue In LevelBlue

LevelBlue and the PGA of America share a commitment to excellence under pressure. As the Official Cybersecurity Advisor of the PGA of America, LevelBlue brings championship standards of protection, continuity, and trust to the organizations that keep the game - and business - moving forward. From fairways to firewalls, LevelBlue safeguards mission-critical operations, member data, and high-profile events with always-on defense, accelerated response, and expert-led security operations powered by AI-driven threat intelligence.

View Video

LevelBlue

Read more about PGA of America Trusts LevelBlue as Official Cybersecurity Advisor

The Silent Killer in Security Stacks: Configuration Drift | Todd Graham x Garrett Hamilton

Jan 12, 2026 By Reach Security In Reach Security

The silent killer in modern security programs? Garrett Hamilton and Todd Graham discuss how the real killer is settings quietly slipping out of alignment over time — even in environments packed with “best-in-class” tools and clean audit results. Misconfigurations don’t announce themselves. They accumulate. They age. They slowly pull your security posture away from original intent. What teams think is “turned on” often isn’t enforced consistently — or at all. Without continuous validation, drift becomes invisible risk.

View Video