Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week’s briefing covers: Dive deeper.

NIS2 is now active across the EU and companies can face fines up to 2 percent of global turnover if they fail to comply. This webinar explains who is in scope, what controls are mandatory, how incident reporting works and the fastest way to become NIS2 ready in 90 days. 1) Maximum fines: €10M or 2% global turnover (essential entities); €7M or 1.4% (important entities). 2) Typical reporting timeline companies are implementing: “24–72–30” — early warning within 24h, detailed notification within 72h, final report within 30 days (operationalization varies by Member State).

Managing certificates and client secrets across multiple Azure Key Vaults and applications manually? It's not just time-consuming, it's nearly impossible to do effectively. That's where Key Manager Plus comes in. Its seamless Azure integration gives you complete visibility and control over every certificate and secret across your Azure Key Vault and registered applications, all from one centralized dashboard.

SPARK 2025 | Customer Story In this discussion from SPARK 2025, Cactus Raazi, CEO of The Americas at B2C2, shares invaluable insights on the institutional adoption of digital assets, the strategic partnership between B2C2 and Fireblocks, and the future of stablecoins in the real economy.

Our latest discussion tackles persistent challenges in cybersecurity, specifically focusing on identity and access management (IAM). Experts highlight how attackers are now logging in rather than breaking in, underscoring the critical need for robust password encryption policies. This shift puts a spotlight on effective data protection and online security measures to safeguard against evolving threats.

As organizations accelerate adoption of AI agents, autonomous workflows powered by LLMs and MCP servers are rapidly proliferating across internal systems, partner networks, cloud environments, and API gateways. The result? A sprawling, often invisible attack surface: shadow APIs, duplicate endpoints, context drift, unmanaged agent access, inconsistent policies, and risk of data exposure or compliance failures.

This week on the podcast, we cover OWASP’s update to the top 10 web application security weaknesses and its changes from the 2021 list. We also cover a recently uncovered adversary-in-the-middle campaign that’s pushing malicious software updates to targeted systems. We conclude with our opinions on Microsoft’s latest AI features, which are coming to Windows.

GitGuardian Playbooks are now available for Public Incidents, bringing the same powerful automations used in internal monitoring to leaks in public repos. Playbooks now available for Public Monitoring customers.

That “too good to be true” vacation rental? Yeah… sometimes it really is. Scammers are making fake listings look premium, polished, and totally legit, right up until your money disappears. A quick vibe-check on the host, photos, and reviews can save your whole trip.

In this video breakdown, we unpack the three pillars of a successful agentic experience: Autonomy — agents that act independently Guardrails — to keep decisions safe and data protected Integration + Context — so agents work seamlessly across tools without losing meaning At Protecto, we’re building the guardrails that keep your agents autonomous, context-aware, and enterprise-ready.