Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Five worthy reads is a regular column on five noteworthy items we have discovered while researching trending and timeless topics. In this week's edition, we will discuss how the concept of identity fabric has evolved and what it holds for the future. Securing digital identities is no longer a one-man show; it is everyone's game now.

The modern cybersecurity landscape is being redefined by the human element. With every individual user accessing your network, tools, and sensitive data, managing your human attack surface is growing more critical than ever. Yet, as user autonomy increases and AI erupts, this task has become increasingly difficult, if not impossible, with yesterday's tools.

Clickhouse is an incredible database. Here at Certkit, we’ve long worked in the world of “No SQL” databases like Elasticsearch precisely for their ability to query large amounts of data. But for every database, there’s an amount of data that’s “Too big”. Too big to query quickly or too big to store affordably. Clickhouse manages to thread the needle by efficiently storing truly ridiculous amounts of data while still providing impressive query performance.

Age-based regulations are evolving worldwide. While many people are already familiar with self-attestation forms for accessing adult content, the scope and approved methods of age assurance continue to expand due to evolving regulations worldwide. These regulations include the UK's Online Safety Act, which was accompanied by a set of highly effective methods to gauge age, and Australia's Social Media Minimum Age Act that places guardrails around what digital content children have access to.

Financial services organizations are increasingly turning to AI agents to drive productivity, automate workflows, and deliver an innovative edge. Within the Microsoft ecosystem, two agentic platforms, Copilot Studio and Foundry, are paving new paths for agent development and deployment. Despite their shared vision for enterprise AI, their differences have important implications for user groups, agent capabilities, and security priorities.

The 21st-century gold rush is the AI boom, and it is producing a wave of emerging AI companies. Being the first to build and apply AI in novel ways successfully is the difference between success and failure. Because of this, companies can find themselves making a trade-off between time-to-market and security.

Secure Web Gateways (SWGs) and Firewalls both protect your business, but they defend at different layers. One protects your web traffic and cloud apps the other secures your network perimeter. Let’s explore how they differ and how to use both for maximum protection.

This blog post is adapted from a recent episode of The Cloudcast podcast featuring Rohan Sathe, CEO and co-founder of Nightfall AI. Listen to the full conversation here. Your employees are uploading company documents to ChatGPT. Your healthcare teams are transcribing sensitive call recordings and feeding them into LLMs. Your finance department is pasting confidential spreadsheets into publicly accessible AI tools. And unless you have visibility into these workflows, you have no idea it's happening.

Protecting your most critical services in a datacenter requires more than just regular backups — this demands replication to ensure minimal data loss and downtime in case of a failure. Virtual machines offer a significant advantage over physical servers by simplifying this process. In this blog post, we’ll explore the benefits of real-time replication for virtual machines, covering its principles, key use cases, and how to configure it effectively, with a focus on VMware vSphere.

Modern applications are constantly exposed to various malicious activities, including credential stuffing, API abuse, and advanced injection attacks. Many of these threats can be stopped at the network edge, before they ever reach your application. That’s why Datadog App and API Protection offers real-time threat detection and blocking for popular edge proxies and load balancers, which include integrations for Envoy, Istio, NGINX, and Google Cloud Load Balancers (using Google Service Extensions).