Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today’s adversaries are fast, distributed, and increasingly coordinated. Yet many SOCs remain reactively trapped in fragmented tools, endless alert queues, and growing pressure from executives to prove not just security, but resilience. It’s no longer enough to collect threat feeds or stand up a threat intel team. What’s needed is integrated intelligence—curated, contextualized, and operationalized—so your team can detect sooner, respond faster, and adapt continuously.

Modern exposure management has evolved beyond vulnerability scanning and alert volume into a discipline focused on measurable risk reduction. As the exposure management market matures, security leaders are adopting cyber exposure management platforms that unify signals across vulnerability, cloud, application, and attack surface tools to prioritize what truly matters.

With the rise of CI/CD pipelines, cloud-native development, and globally distributed teams, sensitive credentials like API keys, tokens, and database passwords often slip into source code. Sometimes accidentally, sometimes under pressure to deploy fast. This is not a rare mishap. A recent study found that 34% of API security incidents involve sensitive data exposure. And according to Cyble, over 1.5 million.env files containing secrets have been discovered in publicly accessible environments.

A newly disclosed denial-of-service vulnerability, CVE-2025-66675, affects a wide range of Apache Struts 2 versions and poses a serious availability risk for applications that handle file uploads. While the EPSS score is 0.05%, indicating a low probability of exploitation in the next 30 days, the vulnerability still represents a high availability risk for exposed and unpatched environments.

Managing user access across the entire employee lifecycle has become increasingly complex for modern IT and security teams. From provisioning new hires and modifying existing permissions during role changes to quickly deprovisioning departing employees, organizations must maintain granular access controls without disrupting operations. To keep up with the growth of hybrid and remote work, modern Identity Lifecycle Management (ILM) is essential for organizations to mitigate identity-based security risks.

Secure all your non-human identities across providers and without secrets. Explore how AWS and GitGuardian can help organizations migrate to short-lived tokens.

As holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.” But for security teams, it was something more specific – the year APIs, AI agents, and MCP servers collided across the API fabric, expanding the attack surface faster than most organizations could keep up. At Salt Security, we spent 2025 focused on one thing: defending the API action layer where AI, applications, and data intersect.

Mexico has taken a major step toward strengthening its digital defenses with the official unveiling of its first National Cybersecurity Plan, a landmark initiative that establishes the country’s first specialized policy framework for cybersecurity.

It was a quiet Monday morning until John, head of IT, opened his laptop and saw 424 new support tickets. Users across the office were reporting issues like “apps won’t load” and “internet not working.” After hours of investigation that stretched into the next day, the team traced the problem to a branch router overwhelmed by malformed DNS queries from a misbehaving IoT device.

Organizations are under pressure to protect more devices, users, and distributed workloads than ever — while adversaries are moving faster, smarter, and across more domains. Many businesses still depend on complex solutions that create gaps between tools and strain security teams.