Extending Falco for Bitcoin

Plugins are shared libraries that conform to a documented API and hook into Falco's core functionality, for example to add new event sources that can be evaluated using filtering expressions and Falco rules. Since Falco is open source, users can build plugins for just about any third-party event source. In recent blog posts, we discussed how Falco can be extended to event stream sources such as GitLab, Salesforce and Box via the Falco Plugin architecture.

Key Updates in the OWASP Top 10 List for LLMs 2025

Last November, the Open Web Application Security Project (OWASP) released its Top Ten List for LLMs and Gen AI Applications 2025, making some significant updates from its 2023 iteration. These updates can tell us a great deal about how the LLM threat and vulnerability landscape is evolving - and what organizations need to do to protect themselves.

How to Achieve Compliance with NIS Directive

The original NIS Directive came into force in 2016 as the EU’s first comprehensive law governing cybersecurity in member states. As part of its key policy objective to make Europe “fit for the digital age,” the European Commission proposed in December 2020 that NIS be revised, and NIS2 entered into force in January of 2023. Member states were required to transpose it into law by October 17, 2024.

How Secure Is Cloud Storage?

Cloud storage has become a go-to solution for individuals and businesses seeking scalable, cost-effective ways to store data, as it offers significant advantages over traditional methods of storing files. Public cloud storage works by using remote servers operated by a service provider so you can access files from anywhere with an internet connection. While convenient, trusting your sensitive and potentially confidential files to an external provider leaves many asking, "How secure is cloud storage?"

Google Cloud KMS Introduces Quantum-Safe Digital Signatures Aligned with NIST's PQC Standards

Quantum computing poses rapidly escalating challenges to many of the public-key cryptographic algorithms currently in use: RSA, ECC, and DSA. Many of these classical public-key algorithms secure financial transactions, software updates, identity verification, and data encryption.

Optimize EDR logs and route them to SentinelOne with Observability Pipelines

Endpoint detection and response (EDR) systems such as SentinelOne Singularity Endpoint, CrowdStrike, and Microsoft Defender monitor IT infrastructure such as computers, mobile devices, and network devices to detect, alert on, and respond to cyber threats. These EDR systems record data about the endpoints to identify abnormal behavior, block malicious activity, and provide remediation suggestions with contextual information.

Cybersecurity Performance Management and Measuring Cyber Risk Exposure

Cybersecurity performance management (CPM) is the process of continually assessing and optimizing an organization's security posture. As cyber threats evolve, organizations must ensure their security measures can withstand the increasing sophistication of attacks. However, with this rapid rate of change, traditional approaches to cybersecurity performance measurement, which often rely on static technical metrics, are failing to capture the broader business impact of cyber risks.

Cybersecurity Best Practices for Managing Vendor Access

Third-party vendors are essential to organizations, but each vendor an organization adds widens its attack surface and can introduce various security risks, such as data leaks or data breaches. To effectively manage vendor access and prevent security threats, organizations must conduct thorough vendor risk assessments, implement least-privilege access, establish clear vendor access policies, require MFA, log vendor activity, update vendor access and ensure vendors comply with industry standards.

What Is a Watering Hole Attack? Detection and Prevention

We already know that cybercriminals exploit the weakest link in your IT networks. The best defense against these exploits comes down to safeguarding the most vulnerable entry points. But what if the weakest link in your cybersecurity defense lies beyond your IT network itself?