Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this episode of Security Matters, host David Puner sits down with Deepak Taneja, co-founder of Zilla Security and General Manager of Identity Governance at CyberArk, to explore why 2025 marks a pivotal moment for identity security. From the explosion of machine identities—now outnumbering human identities 80 to 1—to the convergence of IGA, PAM, and AI-driven automation, Deepak shares insights from his decades-long career at the forefront of identity innovation.

APIs are more than technical components—they're business-critical assets. In this powerful moment, Jeremy Dodson lays out why frameworks aren't enough and why companies must treat API security as a core business priority. Security leaders: it’s time to shift your mindset and protect real data flows, not just check boxes.

For security teams, it’s no great revelation to say that DNS cache poisoning prevention is essential for guarding against attacks using that vector. But it’s easier said than done. While traditional network-layer defenses like DNSSEC reduce poisoning risk, they can’t fully prevent it. Downstream – after redirection – bad actors await, ready to harvest credentials, bypass MFA, and take over accounts.

While it may seem convenient, browser password managers leave your sensitive data vulnerable to hackers. In this video, we break down why browser password managers aren’t as safe as they seem — and what you should be using instead.

Cyber insurance is a specialized insurance policy that was created to protect businesses from the losses that can occur as a result of cyber attacks. Learn more about cyber insurance, its cost and what it does and does not cover.

You'd think hackers use the latest zero-day exploits, right? WRONG! PwC's threat intelligence reveals hackers are actually exploiting OLD vulnerabilities that companies just... forgot to patch While cybersecurity teams chase shiny new threats, criminals are walking through the front door with keys we left lying around. The scariest part? Even criminal groups (not just nation-states) are making this their primary attack method.

AI use at work has exploded—nearly every employee is experimenting with AI tools. But behind the productivity gains lies a major blind spot: 71% of AI apps in use today were not approved by IT or security teams. These tools are flying under the radar, and they’re sending sensitive company data to unknown third parties. Cyberhaven Labs analyzed AI tool usage across millions of real-world events and found widespread shadow AI, uncontrolled data exposure, and risky behavior by employees—often without realizing it. The implications are clear: you can’t secure what you can’t see.

JUMPSEC explains how CASM -continuous attack surface management adds another layer of intelligence. CASM continuously monitors dark web forums, illicit marketplaces, and underground communities where threat actors discuss vulnerabilities, trade stolen credentials, and plan their next attacks. Uncovering early warning signs that traditional tools miss.

JUMPSEC explains how Continuous Attack Surface Management.

Modern APIs are under constant attack—from botnets to logic abuse to threats targeting Agentic AI. Most security tools lag behind. Wallarm doesn’t. Join us for a live walkthrough of Wallarm’s advanced API security platform. In this session you will see how to instantly discover vulnerable endpoints, protect business-critical flows, and stop API abuse—without slowing down your teams. What you'll learn.