Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In June 2017, the world witnessed one of the most destructive cyberattacks in history: the NotPetya attack. Unlike traditional ransomware, NotPetya was a wiper. Once it infected a system, recovery was impossible. The ransom demand was a ruse because no decryption keys were ever made available. The true intent of the attackers was to cause disruption and damage. Nearly a decade later, NotPetya is considered a turning point in how organizations approach backup and recovery. The threat has only grown.

Among the many updates to Windows Server 2025, there’s a new Forest Functional Level (FFL) for Active Directory. This first new FFL since Windows Server 2016 underscores Microsoft’s long-term commitment to AD.

The cybersecurity industry is currently defined by “WTF” moments of panic, from overwhelming vulnerability backlogs to sophisticated AI-driven attacks that bypass traditional defenses. To combat this, organizations must shift their narrative away from reactive frustration and toward the most critical part of exposure management: The Fix. By redefining WTF, security teams can move beyond context-less alerts and manual spreadsheets.

Your Privileged Access Management (PAM) tool is running. Your vaults are configured. Your sessions are monitored. And somewhere in the environment, a former contractor’s account still has domain admin rights. This is the problem that Privileged Access Governance (PAG) solves. In this blog, we'll see why having the right Privilege Access Management tools isn’t the same as having privileged access under proper control.

Managing modern IT infrastructure often feels like balancing completely different ecosystems. For years, organizations have run separate, hand-built, Kubernetes stacks on top of legacy virtualization platforms. Due to security concerns, it just made sense to build a separate, tailored container environment that they could automate and schedule their exact needs. This fragmented approach leads to inconsistent security policies, fragile integrations between clusters, and operational silos.

The era of human-speed defense is over. With eCrime breakout times collapsing to as fast as 27 seconds and attacks from AI-powered adversaries increasing 89% year-over-year, the traditional SOC has reached a breaking point. Manual processes, fragmented tools, and rule-based playbooks were built for a different era. Today, if your defense depends on human reaction time, you’re not just behind — you’re at risk.

• EDR false positives are a structural profitability problem for MSPs, not just a technical nuisance. Under flat-fee, per-incident, and man-hours pricing models, every false alert erodes margins directly. • Seventy-five percent of MSPs experience alert fatigue at least monthly, and MSPs managing 1,000+ clients report daily fatigue (Source: Heimdal, The State of MSP Agent Fatigue, 2025).

PowerShell is an amazing scripting language that empowers Managed Service Providers (MSPs) to automate repetitive tasks, dramatically improving efficiency, consistency, and scalability across client environments. While traditional training or formal education may cover the basics, real-world MSP automation requires going beyond the basics with hands-on PowerShell scripting and continuous learning.

We’ve been collaborating with others to explore when and how agentic commerce will work. Robin Gandhi is the CPO of Lithic, a leading card issuer that’s already seeing agents use its cards to make purchases. Below, he shares his thoughts on what’s changed, and what needs to change, for agentic commerce to become mainstream. Last year, I wrote about the opportunity for agentic payments to revolutionize travel bookings, ad spend management, procurement, and more.