Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Among the many updates to Windows Server 2025, there’s a new Forest Functional Level (FFL) for Active Directory. This first new FFL since Windows Server 2016 underscores Microsoft’s long-term commitment to AD.

The cybersecurity industry is currently defined by “WTF” moments of panic, from overwhelming vulnerability backlogs to sophisticated AI-driven attacks that bypass traditional defenses. To combat this, organizations must shift their narrative away from reactive frustration and toward the most critical part of exposure management: The Fix. By redefining WTF, security teams can move beyond context-less alerts and manual spreadsheets.

Your Privileged Access Management (PAM) tool is running. Your vaults are configured. Your sessions are monitored. And somewhere in the environment, a former contractor’s account still has domain admin rights. This is the problem that Privileged Access Governance (PAG) solves. In this blog, we'll see why having the right Privilege Access Management tools isn’t the same as having privileged access under proper control.

Managing modern IT infrastructure often feels like balancing completely different ecosystems. For years, organizations have run separate, hand-built, Kubernetes stacks on top of legacy virtualization platforms. Due to security concerns, it just made sense to build a separate, tailored container environment that they could automate and schedule their exact needs. This fragmented approach leads to inconsistent security policies, fragile integrations between clusters, and operational silos.

The era of human-speed defense is over. With eCrime breakout times collapsing to as fast as 27 seconds and attacks from AI-powered adversaries increasing 89% year-over-year, the traditional SOC has reached a breaking point. Manual processes, fragmented tools, and rule-based playbooks were built for a different era. Today, if your defense depends on human reaction time, you’re not just behind — you’re at risk.

• EDR false positives are a structural profitability problem for MSPs, not just a technical nuisance. Under flat-fee, per-incident, and man-hours pricing models, every false alert erodes margins directly. • Seventy-five percent of MSPs experience alert fatigue at least monthly, and MSPs managing 1,000+ clients report daily fatigue (Source: Heimdal, The State of MSP Agent Fatigue, 2025).

PowerShell is an amazing scripting language that empowers Managed Service Providers (MSPs) to automate repetitive tasks, dramatically improving efficiency, consistency, and scalability across client environments. While traditional training or formal education may cover the basics, real-world MSP automation requires going beyond the basics with hands-on PowerShell scripting and continuous learning.

We’ve been collaborating with others to explore when and how agentic commerce will work. Robin Gandhi is the CPO of Lithic, a leading card issuer that’s already seeing agents use its cards to make purchases. Below, he shares his thoughts on what’s changed, and what needs to change, for agentic commerce to become mainstream. Last year, I wrote about the opportunity for agentic payments to revolutionize travel bookings, ad spend management, procurement, and more.

In the current AI boom, we race to use copilots, orchestration scripts, CI workflows, retrieval pipelines, and background jobs. Sometimes, we take for granted that every one of these things needs an identity. Service accounts. OAuth apps. API keys. Short-lived tokens. As AI velocity increases, so does the number of these non-human identities (NHIs). Instead of obsessing over model quality, latency, hallucinations, and GPU costs, we also need to consider how these identities impact security.