Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

See your Blind Spots in Minutes, not Months: How Salt Security & AWS Simplify API Security AI agents and cloud-native architectures have unleashed a wave of APIs and with them, new attack surfaces. Most security teams are struggling to keep up, especially in dynamic AWS environments where shadow and zombie APIs can easily go undetected. This Salt Security and AWS webinar explores a better approach to API discovery and security in AWS without the burden of in-line traffic collection or sensor deployments.

In this podcast, we uncover the tactics behind Volt Typhoon, a Chinese state-sponsored operation targeting critical national infrastructure. Learn how this group is moving from espionage to disruption, using stealthy, “living off the land” techniques and exploiting legitimate system tools to hide in plain sight.

Most teams think vulnerability scanning equals progress. But scanning without effective remediation is just expensive noise. Two things block real fixes: Meanwhile, our own research shows as much as 30% of vulnerabilities in transitive dependencies remain unresolved, simply because upgrades break production. That means most organizations aren’t “secure”. They’re sitting on unfixed issues their scanners excluded.

Automatic updates were supposed to make us safer. Instead, they’ve become one of the easiest entry points for supply-chain attacks. When a public repository is compromised, an attacker uploads a malicious version and waits, for 30 minutes to a few hours, before the community detects and removes it. During that window, automated tools like Dependabot can pull that version straight into production. That small window of time is enough to compromise thousands of systems.

30% of open source vulnerabilities are marked “unfixable”. Not because they can’t be fixed but because traditional tools stop there. Your customers don’t care. They just see unresolved CVEs. And they won’t sign off on software that fails a scan. That’s where the real business risk lies. In mid-size software companies, “unfixable” means delayed deals, failed audits, and lost revenue. Seal Security was built to close that 30% gap.

Hiring in 2025: Is the person you hired even real? Deepfakes resumes. Outsourced interviews. Candidates landing jobs they never intended to do. We've moved from KYC to KYE, and organizations haven't caught up yet. In the latest episode of The Connectivity Cloud Podcast, we explore how attackers are weaponizing the job market with Vladimir Krupnov and Blake Darché. For anyone in hiring, HR tech, or security leadership, this is a must-listen.

APIs, AI, and the Amplification of Security Risk A10 Networks experts Jamison Utter and Carlo Alpuerto discuss how the rise of Agentic AI is dramatically scaling up existing API security problems, creating an "amplification effect" rather than introducing fundamentally new security challenges.

Google announced Gemini 3 Pro, which they tout as their most intelligent model yet that's best for complex tasks and bringing creative concepts to life. We're going to put this model to the test and see how good it is at fulfilling our prompt with a production ready app and the security of the code it produces.

As boards face AI risk, digital transformation, and evolving regulation, technical expertise has become essential. But when it comes to board seats, CISOs or CTOs are often underrepresented. Speakers Dr. Aleksandr Yampolskiy, Co-Founder and CEO of SecurityScorecard | Beth Stewart, Founder and CEO of Trewstar Corporate Board Services SecurityScorecard monitors and scores over 12 million companies worldwide.

On the 8th night of Scam-mas, Hannah Klein almost fell for a Hanukkah online scam. See how Avast Scam Guardian blocks phishing links and protects personal data. Stay safe from holiday online scams this season! SUBSCRIBE to our Avast channel for more tips, updates, and advice: YouTube.com/Avast CHAPTER TIMESTAMPS: FOLLOW US.