Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Artificial intelligence is no longer just an emerging technology in security operations and modern SIEMs. AI agents now enrich alerts, drive investigations, generate reports, and increasingly act as extensions of human analysts. But as with any powerful technology, new risk surfaces follow. From the Exabeam perspective, every entity in your environment deserves protection.

Losing a MySQL database without a backup means losing customer records, transactions, and your business’s good reputation. Whether you’re running a single application or managing containerized workloads, you need a backup strategy that works when disaster strikes. The challenge isn’t just creating backups but making sure that they’re consistent, they’re recoverable, and they match your recovery time objectives.

Blog post updated for clarity. In late September 2025, several European airports reported significant delays and flight cancellations due to disruptions with their check-in and passenger systems. As a global leader in aviation technology and the backbone of passenger travel, protection of systems and customer operations is paramount for Collins Aerospace. Nonetheless, the vendor of the vMUSE check-in system had been hit by a ransomware attack.

Modern breaches rarely begin with a brute-force attack on a firewall, they now start with a user login. Valid account credentials are now a top initial access vector, responsible for 30% of all intrusions. In this post, we address a common misconception surrounding the inforstealer malware that may be putting you at risk of a data breach.

It’s bad enough that organizations must worry about threat actors launching phishing attacks, injecting ransomware, or exploiting vulnerabilities; now, there is a new attack variant on the loose. Legal scammers. These are companies, which seem to be emerging particularly in Australia, are set up and registered as legal cybersecurity firms, but in the end just take a company’s money without delivering any services.

Workflows aren’t new, or glamorous. But every major leap in technology has been about making work flow better. The assembly line automated production. The personal computer and the internet reshaped knowledge work. The cloud, mobile, and collaboration tools broke down barriers of place and time. We explored this evolution in a recent piece, “A History of Workflows.” Today, we’re examining the present. With automation and AI, we’re at the next leap.

AI-powered SOCs are dominating industry conversations, yet security leaders remain split on whether a truly autonomous SOC can ever exist. Despite certain vendors aggressively marketing fully autonomous SOC solutions, Gartner's analysis "Predict 2025: There Will Never Be an Autonomous SOC" suggests solutions in the market are unlikely to deliver against claims of full autonomy. As someone who has run SOCs, I agree. Full autonomy isn’t the answer.

Nowadays, thinking about backups in terms of redundancy alone is old-fashioned. Along with the ‘what’ and ‘how’ approach, it’s vital to ask ‘where’. And it’s not a matter of GDPR or HIPAA requirements. Knowing about your backup location(s) can be a factor that distinguishes between mere compliance and a catastrophe.

This user quote, captured on Reddit, underscores the real-world consequence of cloud outages: when it happens, the world stops. As your organization scales, you often make strategic decisions to centralize your workloads, whether it’s meeting strict regulatory requirements that demand data locality, or minimizing latency for compute-heavy applications. The true challenge isn’t deciding which cloud vendor to go with; it’s mitigating the risk of a single point of failure.