Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Defense teams and many others across the organization don’t always understand what intelligence is or how to use it. Scott Scher explains why that second part, how to use it, is what CTI teams often miss. Scott shares why intelligence must go beyond reports and clearly communicate what matters and what to do next. Key Points: Most teams don’t know how to apply raw intelligence CTI must embed the “so what” and “what now” Reports alone are not enough Actionability is what makes intel valuable.

When your AI agents go awry, rewind those changes easily with Agent Rewind from Rubrik. As AI agents gain autonomy and optimize for outcomes, unintended errors can lead to business downtime. Agent Rewind will enable organizations to undo mistakes made by agentic AI by providing visibility into agents' actions and enabling enterprises to rewind those changes to applications and data. We’ve integrated Predibase's advanced AI infrastructure with Rubrik's recovery capabilities to enable enterprises to embrace agentic AI confidently.

Claude Opus 4.1 and Github Copilot Causes a Coding Error.

Even as authentication improves, broken authorization remains one of the most exploited vulnerabilities in APIs. In this clip, Wallarm and Oracle experts discuss real-world authorization flaws—including how missing or weak access checks can let attackers access sensitive data and functions. Learn why robust, field-level authorization is essential to protecting your APIs.

In this episode of the Make Work Happen podcast, we explore the strategic imperative of unified IT and how it helps leaders shape the future of their organizations. We draw on key findings from JumpCloud’s latest IT trends report to understand why IT fragmentation is a critical challenge for leaders worldwide. Joining us is JumpCloud customer Ricky Jordan, who provides a real-world case study on how a unified platform can simplify complex IT environments, address security risks, and drive strategic conversations.

Bank account takeover fraud is a growing global threat, costing financial institutions and customers billions each year. Attackers are refining their tactics, blending phishing, credential stuffing, and mobile malware to bypass traditional defenses. For banks, the stakes are high: a single breach can erode customer trust and regulatory standing overnight. We break down five of the most impactful account takeover attacks in recent years, examining what happened, how it happened, and how Memcyco’s real-time, browser-level, and mobile-layer protections could have mitigated the damage.

Take control of cloud access for AI-driven workflows without slowing down your team. CyberArk SCA MCP Server is the latest innovation in identity security, purpose-built for the age of agentic AI. Now available in the AWS Marketplace, CyberArk SCA MCP Server empowers developers and AI agents to securely request elevated access directly from their IDE while enforcing Zero Standing Privileges across multi-cloud environments.

In this episode of How to Hack a Cloud: Insider Threat, discover how standing administrative access in AWS can be exploited by a disgruntled employee. Follow Michael Scott’s story as he misuses his S3 admin privileges to silently delete critical data, leaving the company blindsided. Learn how CyberArk Secure Cloud Access enforces Zero Standing Privileges, ensuring time-bound, need-based access to prevent such malicious activity—all while maintaining seamless workflows for legitimate tasks. See how this solution strengthens identity security across multi-cloud environments.

Protect Your Cloud: Prevent Access Mismanagement with CyberArk Secure Cloud Access Discover how to safeguard your cloud environment from access mismanagement in this eye-opening episode of How to Hack a Cloud: Access Mismanagement. The video demonstrates how attackers exploit standing AWS IAM access keys, turning a common oversight into a major security breach.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.