Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As AI adoption accelerates, a new security risk is emerging from inside organizations, driven not by attackers, but by well-intentioned employees. Across the business, teams are rapidly building AI-powered applications, workflows, and automations using low-code/no-code platforms, custom scripts, and MCP servers.

Most organizations have commitment issues. Like tracking all your customer obligations on sticky notes, Slack threads, email chains, screenshots, whiteboards, and spreadsheets. Why not save yourself the scavenger hunt and, you know, just use Vanta? Customer Commitments is a security intelligence layer that pulls critical SLAs out from legalese, and surfaces the commitments that actually matter with the Vanta AI Agent. Helping you centralize + operationalize every promise—so revenue and reputation aren’t on the line.

Garrett Hamilton, CEO & Co-Founder of Reach, joined Bryce Carter, CISO for the City of Arlington, at the NTX ISSA Lunch & Learn in Plano, TX — a practical, operator-focused discussion with the local security community.

Join us as Paul from Sumo Logic's Threat Labs team shares his team's responsibilities and campaign processes, along with real-world threat lab examples.

Cloud environments have reshaped the way applications are built and the way attackers break in. Traditional security strategies centered on malware and compromised endpoints are no longer enough. In today’s cloud, adversaries increasingly rely on valid credentials, identity abuse, and native cloud capabilities to move laterally and establish persistence without ever deploying malware.

How do you scale a world-class tech company while staying ahead in application security and AI-driven innovation? In this powerful exclusive interview on The Vlad Kachur Show, Brian Roche, CEO of Veracode, breaks down exactly how he transformed Veracode into one of the globe's leading application security platforms trusted by enterprises worldwide.

AI skill gaps are a real conversation right now, and Chris Cochran, Field CISO and VP of AI Security at SANS Institute, breaks it down into three practical buckets for defenders who want to stay ahead. Start by figuring out what you can offload to AI: summarization, enrichment, repetitive tasks. Save the deterministic decisions for humans. Then learn how to secure AI itself: Finally, understand governance. Not just the technical side, but what your company is actually trying to do with AI. Security practitioners who can enable the business, not just protect it, become irreplaceable.

Richard Bejtlich sits down with Jean Schaffer, Corelight’s Federal CTO, to discuss the unique hurdles facing government agencies in an era of escalating state-sponsored threats. Jean highlights the persistent challenge of legacy IT infrastructure and the "technical debt" that complicates modernization efforts across the Department of Defense, the intelligence community, and the civilian sector. The conversation explores the strategic shift toward cloud adoption as a means to decommission vulnerable on-premise hardware and the evolving "whole of nation" defense strategy that requires deeper public-private partnerships.

In Episode of Guardians of the Enterprise, Ashish Tandon, Founder & CEO, Indusface, spoke with Madhur Joshi, CISO at HDB Financial Services (part of the HDFC Group), about how leadership expectations from cybersecurity are evolving. They discussed how boards today are looking beyond traditional security metrics, with a sharper focus on third-party risk, data governance, and organizational resilience.