Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Imagine this. Your phone rings on January 2nd, and it’s your DevSecOps and AppSec groups. A major security vulnerability is exposing your business, and your teams are trying desperately to find and fix it to protect your data. You probably have scars as far back as Log4j, as well as threats from more recent incidents like npm attacks, Glassworm and others ringing in your ears. With CVEs expected to rise by tens of thousands a year, you can envision that the situation will only worsen.

Energy. Water. Finance. Healthcare. Transportation. Each of these sectors underpins the daily functioning of modern society—and each is now a potential attack vector for cyber attacks.

Following our successful MITRE ATT&CK Evaluation results earlier this month, WatchGuard has now achieved an AAA rating in the SE Labs Endpoint Protection Suite (EPS) evaluation, the highest possible score in this independent test. SE Labs evaluates prevention and response in real-world scenarios, validating the ability to stop attacks while allowing legitimate business activity to continue uninterrupted.

Cyberattacks are growing in frequency and sophistication. Data from the 2024 Verizon Data Breach Investigations Report shows that breaches exploiting application vulnerabilities have increased by 180% in the last year alone. Applications remain a primary target, yet development teams are under constant pressure to innovate and deliver faster. Using disconnected or inadequate application security tools creates security gaps, slows down development pipelines, and ultimately increases business risk.

Welcome back to our threat hunting series with Corelight and CrowdStrike. In our previous posts, we armed you with techniques to spot adversaries during Initial Access and how they establish Persistence to maintain their foothold. Now, we're diving into the shadowy dance of Defense Evasion and Lateral Movement.

For security teams, the adoption of agents showed up operationally before it showed up strategically - creating new expectations and requirements. Risk is no longer tied to prompts or the model alone. It shows up in what agents do once they are connected to critical systems - coming from permissions they inherit, tools they invoke, and data they move.

Static credential practices — where certificates, keys, and tokens persist for months or years and are manually rotated — create systemic risk in DevOps pipelines. Rotating these secrets is time-consuming and costly. In fact, organizations may spend dozens of hours and involve multiple teams to rotate a single credential. Manual rotation quickly becomes impractical across thousands of service accounts. In this post, you will learn.

As the global cyber threat landscape evolves, adversaries continue to refine and adapt their tactics. Bitsight threat intelligence indicates that there are several tactics, techniques, and procedures (TTPs) that are most commonly and consistently leveraged by threat actors. These attacks are not isolated; they’re systemic.

Security reporting only works when the right people can use it. Appknox reporting and analytics are designed to help security leaders, AppSec teams, and developers work from the same data—without translation layers or manual fixes—so teams can meet targets for report delivery and act faster.

As AI adoption accelerates across business functions, December’s expert roundup focuses on a question many organizations are now confronting in practice rather than theory: how should companies prepare for AI related data processing under GDPR. Unlike traditional automation, AI systems often rely on large, dynamic datasets, continuous learning, and opaque decision logic.