Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The 2025 year in review reflects on research that shows daily grind and relentless tasks weigh more on the mind than rare major incidents. Flight deck style design offers a model for soc dashboards in 2025, where each instrument should cut cognitive load instead of drowning analysts in flashing warnings and clutter.

“The best way to compromise a ‘secure organization’ was to go find the things they didn’t know about.” Vulnerability management – within both the enterprise as well as the vendor ecosystem – is largely broken. Join Aleksandr Yampolskiy and HD Moore for this webinar discussing: SecurityScorecard monitors and scores over 12 million companies worldwide.

Safe Remediation is the process of turning validated exposure insights into coordinated, non-disruptive fixes across security controls ensuring teams can reduce risk quickly without breaking production. More specifically, Safe Remediation includes: Validation before enforcement Remediation without downtime Automated, coordinated action across controls Preemptive blocking of attacker infrastructure Safe-by-design automation Safe Remediation ensures that exposures are fixed quickly, automatically, and without operational risk – turning detection into trusted, validated action.

In this section, we cover what to do when ggshield finds something you don’t actually need to remediate, like a false positive, an intentionally fake credential in a demo repo, or a known non-sensitive test value. ggshield secret ignore lets you mark specific findings as ignored by adding them to the secrets.ignored_matches section of your local configuration. If your repo doesn’t already have a local config file, ggshield will create a.gitguardian.yaml file for you.

Watch the second episode of CISO Global's podcast, "Black Hat News," with host CEO David Jemmett. In this episode, David sits down with Steve Kass, COO of Highspring.

Try THIS Prompt to Build a CRUD Note Taking App!

How are defenders supposed to keep up when attackers move at the speed of AI? In this episode of Security Matters, host David Puner welcomes Rick McElroy, founder and CEO of Nexasure, for a candid conversation about cybersecurity’s breaking point. Together, they unpack the realities of defending organizations in an era of identity sprawl, machine risk, agentic AI, and relentless automation. Rick shares hard-won insights from decades on the front lines, challenging the myth of perfect defense and revealing why identity remains at the root of most breaches.

The Razorwire Christmas Party 2025 episode compares most cyber incidents to shoplifting rather than aviation disasters, with losses treated as part of the cost of doing business. Burnout in 2025 often grows from false positives, alert fatigue and badly shaped workflows, so security economics and ergonomics matter more than dramatic nation state stories.

How does a lean IT team of just 5 people support 900 users across offices in Barcelona, Paris, and Reims? In this video case study (presented in Spanish), Carles Anton Güell, IT Manager at Papernest, explains how they moved away from "tedious" Active Directory to a single unified solution. By integrating JumpCloud with their Google Workspace, Papernest centralized identity, hardware (MDM), and office Wi-Fi into one seamless workflow.