Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Video Disclaimer: The ROI visual in this video contains mock data from fictional companies and is intended for illustrative purposes only. It does not represent real customer data or actual performance metrics. How does Snowflake, the data-cloud company trusted by over 12,000+ customers, scale trust globally? Before Vanta, Snowflake’s trust team spent nearly 3,000 hours annually responding to repetitive security documentation requests. Now, Snowflake saves 2,000+ hours annually, accelerates sales velocity, and strengthens customer trust worldwide..

One platform to rule them all? Not quite. As Jay Wilson puts it, security stacks behave like a rubber band — always stretching between broad platforms and best-of-breed tools. No enterprise runs on a single vendor. But no one survives seventy, either. The real objective is coherence: a custom platform built from what your business already owns. That’s where Reach fits. ⇢ Unifies disparate controls into one operational view⇢ Bridges gaps as stacks expand or contract⇢ Turns your actual environment into a cohesive, measurable platform.

In this series, we chat with cybersecurity and data resilience leaders from Kroll and our partners. This week’s guest is Krish Raja, Global Head of Offensive Security. Future episodes will cover topics such as the Cyber Threat Landscape, AI Risk Governance and Operational Technology.

This week’s briefing covers: Dive deeper.

NIS2 is now active across the EU and companies can face fines up to 2 percent of global turnover if they fail to comply. This webinar explains who is in scope, what controls are mandatory, how incident reporting works and the fastest way to become NIS2 ready in 90 days. 1) Maximum fines: €10M or 2% global turnover (essential entities); €7M or 1.4% (important entities). 2) Typical reporting timeline companies are implementing: “24–72–30” — early warning within 24h, detailed notification within 72h, final report within 30 days (operationalization varies by Member State).

Managing certificates and client secrets across multiple Azure Key Vaults and applications manually? It's not just time-consuming, it's nearly impossible to do effectively. That's where Key Manager Plus comes in. Its seamless Azure integration gives you complete visibility and control over every certificate and secret across your Azure Key Vault and registered applications, all from one centralized dashboard.

SPARK 2025 | Customer Story In this discussion from SPARK 2025, Cactus Raazi, CEO of The Americas at B2C2, shares invaluable insights on the institutional adoption of digital assets, the strategic partnership between B2C2 and Fireblocks, and the future of stablecoins in the real economy.

Our latest discussion tackles persistent challenges in cybersecurity, specifically focusing on identity and access management (IAM). Experts highlight how attackers are now logging in rather than breaking in, underscoring the critical need for robust password encryption policies. This shift puts a spotlight on effective data protection and online security measures to safeguard against evolving threats.

As organizations accelerate adoption of AI agents, autonomous workflows powered by LLMs and MCP servers are rapidly proliferating across internal systems, partner networks, cloud environments, and API gateways. The result? A sprawling, often invisible attack surface: shadow APIs, duplicate endpoints, context drift, unmanaged agent access, inconsistent policies, and risk of data exposure or compliance failures.

This week on the podcast, we cover OWASP’s update to the top 10 web application security weaknesses and its changes from the 2021 list. We also cover a recently uncovered adversary-in-the-middle campaign that’s pushing malicious software updates to targeted systems. We conclude with our opinions on Microsoft’s latest AI features, which are coming to Windows.