Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As organizations shift to cloud services and third-party vendors, maintaining visibility and control over cyber risk has become increasingly complex. In this video, we explore one of the biggest challenges facing security leaders today: how to manage cyber risk without full visibility into your environment. Learn why visibility is critical to effective cybersecurity—and how the right data enables organizations to.

What does sharpening a knife over a case of onions have to do with incident response? For Myke Lyons, CISO at Cribl, the answer is everything. Myke trained at the Culinary Institute of America — learning speed and accuracy under the clock of a professional kitchen — before a summer IT job in Manhattan set him on an entirely different path. In this episode of The New CISO, host Steve Moore traces that journey and the surprising parallels between culinary craft and security leadership.

ManageEngine Key Manager Plus Cloud is a cloud-based comprehensive certificate life cycle management solution that helps consolidate, control, audit and automate the entire life cycle of enterprise TLS and SSL certificates. In addition, Key Manager Plus also offers end-to-end Azure Key Vault and application secrets management, and PGP key management. This demo will cover all the key features of Key Manager Plus Cloud.

In a world where 80% of attacks exploit compromised credentials, your identity posture is your only real defense. Join us for a mockumentary tabletop where we stop blaming the humans and start fixing the identity architecture. Check out our website for more info.

Sisense powers analytics experiences inside the applications businesses rely on every day. As an API-first platform, securing those connections is critical, especially as AI agents increasingly operate through APIs to access data and trigger workflows. In this conversation, Sangram, CISO and VP of IT at Sisense, and Michael Callahan, CMO at Salt Security, discuss how Sisense approached API security strategically to protect their platform, maintain customer trust, and support innovation in the Agentic AI era.

Organizations put in place firewalls, antivirus, intrusion detection and prevention systems, but the bad guys still get in and wreak havoc – often through the front door. Teams need to put strict controls and governance around all identities with access to resources to defend against insider threats.

What looks like a simple coding task can quickly turn into a real cyberattack. In this demo, we show how a modern malware-free attack works step by step. It starts with something that feels completely normal: a job interview and a small coding assignment. No suspicious files. No obvious malware. But once the script is executed, everything changes. You’ll see how adversaries use trusted tools like Git, Notepad, and Python to gain access, establish command and control, and move inside an environment without being detected at first.

Your CI pipeline enforces tests, security scans, and policy checks before code hits production. But your backups? Still running on a schedule, completely disconnected from your deployments. In this video, I'll walk you through how to use Rubrik's powerful APIs to build what I'm calling "Backup as Code": a GitHub Action that triggers an on-demand Rubrik snapshot of your GitHub repository every time code is merged into the main branch. We'll look at the action code, wire it up to a live repo, and watch the whole thing run end to end.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

In this episode of the Cyber Resilience Brief, we shift from chaotic cybercriminals to the calculated world of Russian nation-state threat actors—breaking down the three agencies that dominate Russia’s cyber operations: the GRU, SVR, and FSB. What many organizations mistakenly treat as a single “Russian threat” is actually a complex ecosystem of competing intelligence agencies—each with distinct goals, tactics, and operational philosophies.