Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

IBM's Institute for Business Value has released a report on the benefits of cybersecurity platformization. It's an important piece of research, but is focused mainly on enterprise users. In this post, we'll discuss what the IBM report means for managed security services providers (MSSPs) and how they can take advantage of security platformization.

Financial institutions face a tricky balancing act: they need to innovate quickly while also following strict compliance rules in an environment where security is paramount. Recently, Snyk's Field CTO, Steven Schmidt, sat down with Mihai Saveschi, Senior Director of Security Service Management at CIBC, for a fireside chat to discuss these pressing issues. We’ve pulled key insights from their conversation on some of the most pressing AppSec challenges facing financial services organizations today.

As organizations increasingly adopt cloud-native architectures, they face a sprawling attack surface with novel threats that traditional security measures struggle to manage. ARMO’s Behavioral Cloud Application Detection and Response (CADR) offers the precise solution to these problems. It is designed to address the complexities and challenges of securing cloud-native applications in runtime.

To stay ahead of evolving cyber threats, it’s not just data that is needed—it is actionable intelligence. With the increasing complexity of attacks, regulatory pressures, and resource constraints, it’s essential to have a proactive approach to threat management. This whitepaper, Maximising the Value of Threat Intelligence, is a strategic, actionable guide tailored for CISOs and security teams.

Industrial facilities increasingly rely on interconnected systems to improve operations. As they implement these technologies into their legacy environments, they create new cybersecurity risks within previously isolated Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) by connecting them to public internet-facing applications.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Quite a persistent threat, but oddly sometimes easy to spot. How weird…

With the rapid evolution of artificial intelligence (AI), attackers are now leveraging machine learning (ML) to mount sophisticated attacks on Application Programming Interfaces (APIs). These AI-powered threats, including adaptive bots, automated vulnerability scanning, and synthetic identity generation, represent a new wave of risks that traditional defenses are unable to address effectively.

Supply chain attacks, particularly those targeting continuous integration/continuous delivery (CI/CD) pipelines, are on the rise. It’s easy to think of these attacks as something that only happens to others, but the reality is that your organization is part of the supply chain too. Whether your company develops software for internal use, offers it as part of a service to your customers, or sells it as a product, you’re exposed.

Our latest Phishing Threat Trends Report explores the evolving phishing landscape in 2025, from renewed tactics to emerging attack techniques. Ransomware may be an “old” threat, but new tactics are making people more susceptible than ever. In this edition, we break down a highly advanced attack detected by KnowBe4 Defend that bypassed native security and a secure email gateway (SEG)—and would have been nearly impossible to stop if launched.

There are thousands of people worldwide trying to scam you, hoping they can make you a victim, steal your money, and harm you in some way. While some of it is done by individuals or small gangs of people, a lot of it happens on an industrialized scale. In countries around the world, there are large teams of people living and working together, controlled by managers, with profits going up the corporate ladder to people who think they are the next Elon Musk.