Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

For security teams, the adoption of agents showed up operationally before it showed up strategically - creating new expectations and requirements. Risk is no longer tied to prompts or the model alone. It shows up in what agents do once they are connected to critical systems - coming from permissions they inherit, tools they invoke, and data they move.

Static credential practices — where certificates, keys, and tokens persist for months or years and are manually rotated — create systemic risk in DevOps pipelines. Rotating these secrets is time-consuming and costly. In fact, organizations may spend dozens of hours and involve multiple teams to rotate a single credential. Manual rotation quickly becomes impractical across thousands of service accounts. In this post, you will learn.

As the global cyber threat landscape evolves, adversaries continue to refine and adapt their tactics. Bitsight threat intelligence indicates that there are several tactics, techniques, and procedures (TTPs) that are most commonly and consistently leveraged by threat actors. These attacks are not isolated; they’re systemic.

Security reporting only works when the right people can use it. Appknox reporting and analytics are designed to help security leaders, AppSec teams, and developers work from the same data—without translation layers or manual fixes—so teams can meet targets for report delivery and act faster.

As AI adoption accelerates across business functions, December’s expert roundup focuses on a question many organizations are now confronting in practice rather than theory: how should companies prepare for AI related data processing under GDPR. Unlike traditional automation, AI systems often rely on large, dynamic datasets, continuous learning, and opaque decision logic.

When it comes to data masking or de-identification, one often-overlooked detail is the importance of preserving the original data structure. While it might seem harmless to normalize extra spaces or convert unique newline characters into a standard format, these subtle changes can actually have a significant impact on downstream processing. Let’s explore why this matters, with a couple of concrete examples.

Building an in-house data masking tool often starts as a practical decision. The logic feels sound. Your team understands the data, knows the systems, and can tailor masking logic exactly to your needs. On the surface, it looks like a short engineering project that saves licensing costs and avoids external dependencies. What we’ve learned, after observing many organizations take this path, is that the hidden costs of building your own data masking solution rarely appear during the initial build.

Effective threat hunting requires both comprehensive visibility and quick, data-driven insights. Olly, the AI-powered observability teammate within Coralogix, provides just that. Whether you’re tracking lateral movement, uncovering stealthy persistence, or correlating spikes in anomalous activity, Olly rapidly pinpoints the evidence and presents it in context so you can confirm or dismiss threats before they escalate.

You’ve used wildcard certificates for years. It made your life easier. Once a year you’d renew your wildcard certificate, and copy it around to all the servers. It was way too complicated and expensive to get a unique certificate for every system. But now certificate lifetimes are shrinking to 47 days by 2029 and it’s not going to work anymore. You need to automate your certificates. Soon.

Zscaler has published a report on a new phishing kit dubbed “BlackForce” that uses Man-in-the-Browser (MitB) attacks to steal credentials and bypass multi-factor authentication. Notably, the kit “features a vetting system to qualify targets, after which a live operator takes over to orchestrate a guided compromise.” Additionally, the phishing kit uses mostly legitimate code in order to avoid detection by security scanners.