Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Attackers use AI to craft phishing, automate ransomware, and slip deepfakes into job interviews—breaching systems without ever touching a keyboard.

Watch the final session of Sedara’s October Cyber Bytes 2025 series — ASM: Turning Awareness into Actionable Defense with Julian Anjorin. In this webinar, Julian explores the importance of Attack Surface Management (ASM) as a foundational layer of any security program. Learn how understanding your organization’s full digital footprint helps identify blind spots, reduce exposure, and strengthen overall security posture.

How much value are you really getting from your logs, and what are you giving up to stay on budget? In this episode of Logs and Lattes, host Palmer Wallace sits down with Seth Goldhammer, VP of Product Management at Graylog, for a candid conversation about the hidden cost of traditional SIEM pricing. Seth explains how ingest-based and resource-heavy licensing models pressure security teams into tough tradeoffs, such as dropping logs, tuning down detections, or limiting retention just to avoid budget overages.

Why do people take shortcuts in security, and how can we prevent them? Join us for a special live episode of Arctic Wolf SOCast as our experts unpack the psychology behind risky security behaviors and explore how AI is influencing decision-making in today’s workplaces. We’ll also reveal new data on how IT leaders and employees are using tools like ChatGPT and other generative AI platforms, and what that means for your organization’s security posture.

Adam Dudley, Nucleus VP of Strategy and Alliances, provides some background on the Common Vulnerability Scoring System (CVSS) version 4.0 in this Nucleus conversation. He discusses the improvements made in the new version, the evolving role of CVSS in vulnerability management, the limitations practitioners face, and the future of scoring systems in the context of emerging technologies like AI. The conversation emphasizes the importance of context and quality inputs in effectively utilizing CVSS for risk assessment.

Richard Bejtlich sits down with Vince Stoffer, Corelight's Field CTO, to dive into the recent wave of cyberattacks attributed to Chinese threat actors, known as "Typhoon" groups. Vince unpacks the distinctions between "Volt Typhoon," targeting critical infrastructure sectors such as energy and transportation, and "Salt Typhoon," which is infiltrating telecommunications networks for espionage. The conversation explores the evolving tactics, techniques, and procedures (TTPs) used by these groups, including their exploitation of zero-day vulnerabilities and outdated infrastructure.

his week on the podcast, we have our resident ransomware expert, Ryan Estes, on to give an update on the latest in the ransomware ecosystem. We cover a few recent changes to operators, extortion techniques, and business impact from ransomware attacks in recent months.

Datadog Detect is a virtual mini-conference dedicated to helping security teams modernize detection and response by applying engineering best practices. Hear talks from industry experts, including security researchers and engineers at Datadog, Red Canary, and Corelight to learn about building scalable, effective security operations.

In their talk, Katie Nickels (Sr. Director of Intelligence Operations) and Jesse Griggs (Sr. Threat Researcher) from Red Canary show you how to adapt an endpoint detection mindset to the cloud, specifically focusing on pre-impact TTPs and building robust cloud detections.

Kubernetes is powerful — but let’s be honest, managing access and identities across users, clusters, kubectl sessions, RBAC rules, CI/CD pipelines, and AI agents can feel like wandering through a corn maze in the dark. Static kubeconfigs, sprawling IAM roles, and long-lived credentials are the cobwebs and skeletons cluttering your path to secure, scalable infrastructure.