Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this Managed Detection and Response overview, we see how Arctic Wolf delivers 24x7 monitoring, broad visibility, response capabilities and proactive security recommendations to our customers leveraging their existing security tools and the Aurora Platform.

Tanium Converge 2025 announced some amazing tech! Join the Tanium talkers for an insiders look as we review what happened during this special week. Find out which keynotes to watch on-demand for free. Also check out the other in-person Converge interviews on the Tanium Tech Talks playlist on the channel here. Will we see you there in 2026? Tanium's 2025 Converge user conference was held November 17-20 in Orlando, Florida. Converge 2026 will be in Las Vegas, Nevada, November 16-19..

Chris Naish from Forward Networks introduces a new security-centric feature in the Forward Enterprise release version 25.10. The Security Focused Path Search View highlights devices responsible for traffic restriction or IP address translation, improving network path comprehension for security analysis. This mode filters out non-restrictive hops, allowing security professionals to efficiently access crucial information.

There's growing concern that AI automation is removing the hands-on experience junior analysts need to develop into senior defenders. In this Intel Chat, Matt Bromiley and Chris Luft challenge that assumption. Matt breaks down why the traditional entry-level path of endless log review and alert triage was never the best training ground to begin with. Log detection, alert triage, and drift detection are often cited as how defenders learn the trade. But most analysts never had time to get to drift detection because they were buried in repetitive work.

We discovered hackers were testing Shai-Hulud 2.0 three days before the attack. Our researcher Guillaume Valadon explains how GitGuardian's data helped us warn hundreds of companies who didn't even know they were compromised.

Watch our security researcher Guillaume Valadon break down the sophisticated ShaiHulud 2.0 attack where malware exfiltrates secrets directly to GitHub using stolen developer credentials.

Privileged access management has long aimed to control powerful accounts, yet many environments still carry excessive permissions and weak accountability. Password vaults, rotating credentials and stronger governance place controls around admin accounts, linking PAM, access control and identity security to limit damage when something goes wrong.

Ever wondered who answers when you call a cybercriminal? What happens in the aftermath of a Scattered Spider breach? Or why cybercriminals use legitimate platforms to send phishing emails? If so, this is the session for you. Join Jack Chapman, KnowBe4’s SVP of Threat Intelligence, as he pulls back the curtain on these topics. Jack will give you a first look at our latest Phishing Threat Trends Report, walking through attack scenarios and sharing the trends that are shaping the threat landscape.

In this Masters of Data episode, we welcome back Chas Clawson to discuss building effective threat hunting programs from the ground up. We explore the difference between proactive threat hunting and detection engineering, emphasizing how AI tools are making sophisticated security operations accessible to teams of any size. We cover practical approaches, such as prioritizing threats based on business risk, creating feedback loops between red and blue teams, and measuring success through meaningful metrics rather than vanity numbers.

The Salesloft/Salesforce incident revealed the danger of BLA 5: Artifact Lifetime Exploitation. The flaw is simple: the application fails to expire tokens and sessions properly. Stolen OAuth tokens that should have been short-lived were used to steal AWS keys, Snowflake tokens, and passwords. Key Takeaway: If an artifact is meant to be short-lived (a token, a session, a temporary file), it must be retired immediately upon expiration. Rotate your keys aggressively!