|
By Tara Ragan
Every enterprise security leader is being asked the same question in 2026: what do you use to protect sensitive data when AI has put it in constant motion?
|
By Alexander Sinno
Earlier this year, BlueVoyant adopted a new detection strategy built on the Advanced Security Information Model (ASIM). For those unfamiliar, ASIM is Microsoft's normalisation layer that standardises log data across products into consistent schemas. Our approach is simple: The result? Dramatically faster use case development and cleaner, more maintainable detection logic.
|
By Michael Warren
In March 2026, researchers began linking a series of software supply-chain compromises to Replicating Marauder, the BlueVoyant Threat Fusion Cell (TFC) primary identifier for the actor publicly tracked elsewhere as TeamPCP. What made the campaign stand out was that trusted software was poisoned and one compromise repeatedly appeared to enable the next by exposing credentials, release paths, or Continuous Integration and Continuous Delivery or Deployment (CI/CD) trust relationships.
|
By BlueVoyant
BlueVoyant announces that it has partnered with ODEON Cinemas Group (OCG), Europe's largest cinema operator, to unify and modernise its security operations across eight countries. The collaboration delivers 24/7 protection, rapid incident response, and enhanced visibility into third-party risk, significantly reducing operational noise and strengthening OCG's overall cyber resilience.
|
By BlueVoyant
Hernandez brings decades of cybersecurity leadership and experience scaling enterprise software platforms, positioning the company for continued growth.
BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) security researchers have been tracking an emerging, rapidly maturing threat group conducting a global SEO-poisoning campaign that distributes trojanized Microsoft Teams installers. These installers ultimately deploy a multi-stage shellcode loader and backdoor BlueVoyant has designated Lorem Ipsum.
|
By Curt Buchanan
Over the past month, the cybersecurity community has published isolated reports detailing disparate attacks by the North Korean state-aligned threat group Shifty Corsair (also known as FAMOUS CHOLLIMA). While individual vendors have documented specific supply chain poisons or targeted spear-phishing campaigns, the Threat Fusion Cell (TFCTI) at BlueVoyant has synthesized these findings to reveal a much larger, coordinated offensive.
Featured Post
In recent weeks, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the National Cyber Security Centre (NCSC) have all issued warnings about the growing risk of cyber activity attributed to Iranian-aligned actors. Their message is clear: the geopolitical situation is volatile, and organisations should assume they may be in scope for retaliation. The agencies all highlight similar weaknesses being repeatedly exploited: unpatched vulnerabilities, weak identity controls, and exposed remote-access services.
|
By BlueVoyant
For every human in a healthcare organization, there are 82 machine identities—service accounts, API keys, cloud functions, medical devices.[2] That's the 82:1 ratio, and it means your team is fundamentally outnumbered. The Change Healthcare breach in 2024, which started with one unprotected Citrix credential and disrupted 40% of US claims processing,[1] showed exactly what happens when that ratio goes unmanaged. The numbers back this up.
BlueVoyant researchers have uncovered a broad, multi-pronged phishing campaign targeting Spanish-speaking users in organizations across Latin America and now Europe as well. While recent industry intelligence heavily documented attacks utilizing WhatsApp to deliver banking trojans under the umbrella of the Brazil-based eCrime group Augmented Marauder (a.k.a.
|
By BlueVoyant
Discover BlueVoyant's highly customizable, AI-driven questionnaire platform that automates assessment creation and distribution.
|
By BlueVoyant
BlueVoyant has guided hundreds of clients to assess, deploy, and optimize their Microsoft security products. Our sessions are personalized one-on-one engagements where we analyze your unique environment, provide insights and guidance, and help you make data-backed decisions about your next Microsoft Security investment. Optimize security and potentially save up to 60% - Consolidate your solutions with Microsoft, get more out of E5, leverage compliance and security add-ons.
|
By BlueVoyant
Secure your vendor and partner ecosystem in five easy steps with BlueVoyant Supply Chain Defense.
|
By BlueVoyant
In today's increasingly hostile threat landscape, organizations are grappling with a lack of resources and overworked security operations teams, making effective, full-coverage threat detection and response a significant challenge. BlueVoyant Managed Detection & Response provides a cloud-native solution that offers end-to-end consulting, implementation, and managed security services with 24x7 security threat detection and response.
|
By BlueVoyant
The BlueVoyant Cyber Defense Platform helps secure Azure, Microsoft 365, and hybrid cloud environments. We're trusted by more than 1,000 clients in 40-plus countries.
|
By BlueVoyant
Identify gaps and achieve NIS2 readiness with BlueVoyant.
|
By BlueVoyant
Discover how to unleash the full capabilities of your Microsoft Security tools and optimize your Copilot experience with BlueVoyant.
|
By BlueVoyant
Seamlessly integrate internal, supply chain, and external cyber defenses.
|
By BlueVoyant
Discover how supply chain cyber breaches are impacting global organizations in BlueVoyant's fourth annual survey into supply chain cyber risk management.
|
By BlueVoyant
In the past few years, third-party cyber attacks have imparted financial and reputational damage to every sector, from banks to healthcare systems to governments. The average cost of a third-party data breach in 2021 was $4.33 million, according to a report from IBM and the Ponemon Institute. While CISOs are well aware of the potential supply chain devastation from attacks, preventing them has been a challenge. In this white paper, we'll walk through three third-party breach scenarios, including real-world examples, offering practical solutions to prevent such attacks.
|
By BlueVoyant
Businesses operating within the EU must prepare to comply with the stringent requirements of NIS2. Failure to do so could result in significant penalties, highlighting the urgency for organisations to act swiftly. NIS2 introduces new requirements in areas such as risk management, corporate accountability, reporting obligations, and business continuity.
|
By BlueVoyant
In today's connected world, there's no shortage of entry points into financial institutions. From online banking websites to mobile apps, these crucial parts of a business are also easy targets. Taking a proactive approach to protect your customers' assets and your brand is the answer, but where do you start?
|
By BlueVoyant
Your business is your castle. Once upon a time, you could keep it safe by constructing strong walls, posting a few guards at the door, raising the drawbridge, and digging a deep moat around it. That's now the stuff of fairy tales. Today's networks simply can't be locked down due to the nature of business itself. The perimeter that was once contained to a single building now spreads as far as your furthest third-party connection or remote employee. And while your business benefits from this greater flexibility and increased operational efficiency, so do the cybercriminals.
|
By BlueVoyant
When it comes to designing or improving upon your organization's security program, one key area to focus on and include is cyber resilience. Either as a complementary stand-alone program or embedded into an existing cyber defense program, cyber resilience refers to a company's ability to continue business operations and outcomes in spite of cyber attacks or events.
A comprehensive security operations platform empowered by AI to enable uninterrupted protection against potential threats.
BlueVoyant combines internal and external cyber defense capabilities into an outcomes-based, cloud-native cybersecurity solution by continuously monitoring your network, endpoints, attack surface, and supply chain, as well as the clear, deep, and dark web for threats.
BlueVoyant Cyber Defense Platform:
- Detection & Response: Protect your endpoints, network, and cloud from sophisticated threats while leveraging your existing security tool investments — EDR, SIEM, others.
- Supply Chain Defense: Rapidly identify and drive remediation of critical cybersecurity issues in your third-party ecosystem, including zero-day and emerging vulnerabilities.
- Digital Risk Protection: Detect and eliminate cyber threats originating in the clear, deep, and dark web before they impact your business and customers.
- Cyber Posture Management: Systematic approach that involves the continuous measurement, management, and mitigation of cyber risk.
- Proactive Defense: Collaborative and holistic approach to attack surface management that includes vulnerability management, penetration testing, phishing awareness, dark web threat research, and configuration management.
Seamless AI-driven internal, external, and supply chain cyber defense, all within one powerful Security Operations Platform.