Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Struggling with inefficient secure coding workflows, lack of visibility into developer actions, and growing security debt? In this clip, Christian Dalomba breaks down the biggest challenges organizations face with secure development and shows how Veracode Fix Analytics helps you move beyond just finding vulnerabilities to actually fixing them faster and smarter. Key takeaways.

In this session, LimaCharlie CEO Maxime Lamothe-Brassard walks through Grid, LimaCharlie's agentic SecOps layer built on Claude Code, and shows how it solves security operations problems end-to-end, from initial setup to ongoing autonomous maintenance. What's covered: Grid runs on Claude Code under the hood, with your own API keys, so cost is transparent and fully in your control. Timestamps.

https://www.youtube.com/watch

A firewall's entire job is to control what gets in. In Reach's research, it was the most common source of a configuration-related near miss or exposure, ahead of EDR and identity controls. It does not take much. One rule broadened for a project, one exception that outlived its reason, one change that shipped without anyone checking it against intent. A single overly permissive rule, sitting live between quarterly reviews, is enough.

Keeper’s Just-In-Time Workflow gives admins the control layer needed to manage how privileged access is requested, approved, and used within KeeperPAM putting least privilege into practice directly inside the Keeper Vault.

That moment your phone suddenly goes dark — no signal, no texts, no calls — could be more than a network issue. SIM swap scams are a growing form of identity theft where criminals impersonate you to your mobile carrier, hijack your phone number, and use it to bypass SMS-based security on your bank, email, and social accounts.

ggshield 1.52.0 and 1.52.2 bring several practical updates for teams securing AI-assisted development workflows. This release adds honeytoken plant, a command for adding local decoy AWS credential profiles Also, GitGuardian AI hooks installation will guide you through any issues you might encounter. As well as better macOS Keychain handling before hooks run in non-interactive agent sessions. The release also adds standalone Linux ARM builds and new one-line install and uninstall scripts for Linux, macOS, and Windows.

Every secret leak matters, but not every incident needs the same level of alerting. GitGuardian’s new Smart Notifiers let teams define per-channel rules so notifications are only sent for the incidents that matter most, using filters like severity, ML risk score, validity, secret type, and GitGuardian tags. This is available now for custom webhooks, Slack, and Microsoft Teams. We will be adding support for ServiceNow, Jira, Splunk, PagerDuty, Discord, and broader email filtering coming next.

Most security teams find out about a critical vulnerability after it's been added to CISA's Known Exploited Vulnerabilities (KEV) catalog. By then, the clock is already running. In Episode 3 of SecurityScorecard's Demo Tuesday series, see how TITAN AI Agents automate KEV remediation workflows — so your team spends less time triaging and more time closing exposures. Watch to learn how to: Instantly identify which vendors in your ecosystem are exposed to KEV-listed vulnerabilities.

Observability is not the problem anymore. The data that tells you a change will break something usually already exists. Most teams have the events, the logs, the configuration history. What is missing is the step that turns all of it into a clear yes or no on a specific change, while there is still time to pull it. Garrett Hamilton, CEO of Reach Security, on objective data and the changes that get made before anyone checks.