Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Solving for Exponential Data Growth in Next-Gen SIEM

Do you ever feel overwhelmed by the number of data sources you manage with your SIEM? How do you fit together the different pieces of the puzzle, like SOAR, threat intelligence, and security tools for endpoint, cloud, or identity? Do you actually know which tools are strengthening your security posture, and which are just adding more complexity?

Corelight delivers data aggregation to reduce SIEM ingest by 50-80% compared to legacy network security monitoring tools

According to Forrester Research, “How do we reduce our SIEM ingest costs?” is one of the top inquiries they receive from clients. Many security organizations rely on SIEMs for their detection, investigation, and response workflows, ingesting critical security information and events to detect and respond to threats.

What are Advanced Persistent Threats (APTs)?

Threat actors often use techniques such as phishing, lateral movement, and zero-days to gain and maintain access to systems. The increased sophistication of advanced persistent threat (APT) groups compared to other attackers means that long-term infiltration, careful exfiltration of data, and manipulation of systems without detection are often observed.

Building something cool? You Did WHAT With Tines?! Spring edition is here

We’re entering the Spring season, which can mean only one thing - You Did WHAT With Tines?! (YDWWT) is back! Our bi-annual competition invites Tines builders to submit their most impressive workflows with a chance to win some exciting prizes, including a trip to a very special customer event.

Migration From Bitbucket To Azure DevOps - A Quick Guide

In most cases, migration from Bitbucket to Azure DevOps is driven by the need for better integration within the Microsoft ecosystem. This is especially true when scalability for larger projects and a unified development environment support modern software development practices. Companies undergo such a migration for strategic reasons.

Emerging Threat: PAN-OS CVE-2025-0108

On February 12, 2025, Palo Alto Networks announced CVE-2025-0108, a high severity (8.8) authentication bypass vulnerability affecting the Palo Alto Networks PAN-OS management web interface. Successful exploitation of this vulnerability allows unauthenticated attackers with network access to invoke certain PHP scripts without proper authentication. While it does not lead to remote code execution, it impacts the confidentiality and integrity of the affected system.

Data Breach Outlook: Healthcare Most Breached Industry in 2024

When it comes to security, 2024 was unfortunately a standout year for the healthcare sector. Kroll found that the healthcare industry was the most breached, had fairly immature incident response practices, and suffered numerous cyberattacks, culminating in a year that left healthcare boards thinking deeply about the overall risk to their businesses.

NIS2: A Roadmap to Compliance

The deadline for European Union member states to pass the new EU NIS2 regulation into national law was October 17, 2024, yet only a few countries have transposed it into law, leaving others lagging behind, with regulations in draft or public consultation phases, or not started at all. In the absence of certainty for firms (or what NIS2 calls entities), confusion is understandable, but steps can be taken now based on what we already know.

Enhancing Accessibility and Managing Access Control for a Hybrid Workforce

The growth of remote work and widespread cloud adoption have transformed how and where employees access corporate network resources as well as private and public applications and websites. Today’s workforce demands access to corporate resources from anywhere, whether at home, on the go, or in traditional office settings. For organizations, this shift continues to present challenges in managing and securing user access without compromising usability or increasing risk.

CVE-2025-0108: Exploitation Attempts Targeting Web Management Interface of PAN-OS

On February 12, 2025, Palo Alto Networks published a security advisory for CVE-2025-0108, an authentication bypass vulnerability in the management web interface of PAN-OS. The vulnerability was responsibly disclosed to Palo Alto Networks by Assetnote, who published a blog article with technical details about how to exploit the vulnerability the same day it was disclosed. Since then, proof-of-concept exploit code has emerged publicly.