Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Exploring Shopify Customer Accounts & Enhancing Security with miniOrange

Shopify's recent update introduces advanced extensibility features for Shopify customer accounts, significantly enhancing both Direct-to-Consumer (DTC) and Business-to-Business (B2B) customer accounts. This update allows for more seamless and customizable customer interactions, boosting satisfaction and operational efficiency for both types of customers. Shopify has revealed that developers can now access customer accounts using customer account UI extensions, which are currently in developer preview.

Okta integration with Shopify - Okta Shopify Single Sign-On (SSO)

Connect Okta and Shopify with any app on the web using the Okta integration with Shopify, with Okta as the IDP. Enable secure SSO into Shopify Plus and Non-Plus stores, streamlining access for both customers and employees. Okta is a platform in the Identity-as-a-Service (IDaaS) category, meaning it gives you, your colleagues, or your customers access to all other (company) software with a single set of login credentials.

Enable SSO into Shopify Admin & Add Unlimited Staff Members

Enable secure Single Sign-On (SSO) access for your staff members and add an unlimited number of staff members in Shopify Admin to manage your Shopify store. You can completely own your Shopify store by restricting your staff members' access based on the tags assigned to them. Login from multiple IDPs is also supported, which helps authenticate users from different IDPs for your Plus and Non-Plus Shopify store.

An AI Agent Didn't Hack McKinsey. Its Exposed APIs Did.

This week’s McKinsey incident should be a wake-up call for every enterprise moving fast to deploy AI. Not because AI itself is inherently insecure. But because too many organizations are still thinking about AI security at the model layer, while the real enterprise risk sits in the action layer: the APIs, MCP servers, internal services, and shadow integrations that AI agents can reach, invoke, and manipulate. That is the part most companies still do not see.

Establish a New Foundation by Rethinking Your File Server Strategy

In case you missed it, Egnyte recently presented a webinar focused on an ongoing yet potentially overlooked problem for many organizations—their file server strategy. Our discussion covered a ton of ground, but I thought it was important to recap some of the takeaways and recommended next steps here.

The Stryker Cyberattack: Why Endpoint and Mobile Device Monitoring Matter

Recent reports of a cyberattack targeting medical device manufacturer Stryker highlight a growing challenge for modern organizations: maintaining visibility across every device connected to their networks. The Michigan-based healthcare technology company reported a global network disruption affecting its Microsoft environment following a cyberattack.

Managed Detection and Response Solutions: Strengthening Security with LevelBlue MXDR

LevelBlue has developed a suite of managed detection and response solutions to help organizations maintain strong security as threat groups grow more sophisticated. LevelBlue’s Managed Extended Detection and Response (MXDR) with a Co-Managed Security Operations Center (SOC) combines MDR security technology with collaborative expertise to help organizations monitor, investigate, and respond to threats across their environments.

Proving Zero Trust in Practice: Continuous Validation for Segmentation and Lateral Movement Defense

SafeBreach Senior Product Marketing Manager Tova Dvorin explores the critical necessity of continuous validation in Zero Trust architectures, specifically focusing on the integration of SafeBreach and Akamai Guardicore. While microsegmentation is a foundational element in the defense against lateral movement and ransomware propagation, dynamic infrastructure and policy drift often create “blind spots” that compromise security posture.

Basic Authentication vs. Modern Authentication and How to Enable It in Office 365

According to a Verizon report, the majority of data breaches are made possible by compromised credentials, especially on email servers. Social engineering, credential phishing and brute force attacks are some of the methods used by malicious actors to steal credentials. To improve the security of Office logins and help prevent data breaches, Microsoft introduced the modern authentication method.

Why Soft Guardrails Get Us Hacked: The Case for Hard Boundaries in Agentic AI

One recurring theme in my research and writing on agentic AI security has been the distinction between soft guardrails and hard boundaries. As someone who serves on the Distinguished Review Board for the OWASP Agentic Top 10, and who spends every day thinking about how to secure agents across enterprise environments at Zenity, this distinction is not academic. It is potentially the single most important conceptual framework practitioners need to internalize right now.