Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the past few months, the team has been working on some pretty cool things for the Tines platform. Check out this video for the biggest highlights, or use the following timestamps to jump to a specific topic.

After years of drafts, revisions, and shifting timelines, the Cybersecurity Maturity Model Certification (CMMC) program is no longer just a concept. It's a contractual requirement, and enforcement begins soon. ‍ On September 9, 2025, the U.S. Department of Defense (DoD) released the final CMMC rule (48 CFR) for public inspection, with official publication in the Federal Register on September 10. From this point forward, all DoD contracts require some level of CMMC certification. ‍

Managed Detection and Response (MDR) services are experiencing significant growth due to the increasing sophistication and frequency of cyberthreats. As the cybersecurity landscape continues to evolve with more frequent, targeted, and sophisticated threats, organizations are increasingly turning to MDR to shore up their cyber defenses. But what exactly is behind the rising adoption of MDR security services, and what makes these services such a compelling option for modern enterprises?

Modern development teams do far more than simply write code. Now, with the help of AI, software development organizations are orchestrating its creation, maintenance, and delivery at a bigger scale than ever before. Tools like Windsurf and Devin from Cognition help developers across the Software Development Lifecycle (SDLC) by augmenting people with multi-step reasoning agents that can write code.

In the rapidly evolving landscape of AI, Retrieval-Augmented Generation (RAG) has become the go-to solution for grounding language models in factual data. It has been effective for question-answering, but for complex, exploratory tasks that demand vast data analysis and culminate in a structured narrative, we must look beyond simple RAG. This isn’t just a theoretical challenge, it's the next step in our own product journey: This progression now culminates in a more advanced capability.

Choosing the wrong AST (Application Security Testing) platform doesn't just waste your budget. It leads to: In its latest research, “How to Avoid Common Pitfalls in Selecting Application Security Testing Tools,” Gartner highlights the five most common mistakes security leaders make when evaluating AST platforms. In this blog, we break down Gartner’s key insights and share what teams should look for when choosing a tool that works in the real world.

We’re excited to announce the release of TMU 770, packed with over 370 new features and enhancements across Windows Agent 25.28, Mac Agent 25.24, Web 25.30.1, Server 25.28, and BI 25.28. This release focuses on bolstering security, giving you greater control over your monitoring, and optimizing performance across the platform. Here’s a summary of what’s new and improved in TMU 770.

Today we’re excited to announce the launch of Apono’s new AI-powered Access Assistant, now live across the Apono Cloud Access Management Platform. As AI continues to transform engineering and security workflows, this assistant brings natural language interaction to access management. Helping teams move faster while staying secure. By eliminating the guesswork from access requests, Apono’s Access Assistant gives engineers a powerful new way to get exactly the access they need.

Azure CSPM (Cloud Security Posture Management) helps users maintain secure cloud setups. This post covers the basics, including the role of scanning virtual machines, various scan methods, and methods for viewing results.

Let’s be honest — nobody wakes up excited to read documentation. You’ve been there. You’re configuring a tricky workflow, testing an API, troubleshooting a weird corner case. And instead of finding the answer fast, you’re 12 tabs deep, elbows in a PDF appendix, hoping for a miracle. That’s not how it should be.