|
By Garrett Hamilton
On April 22, 2026, Google's Threat Intelligence Group and Mandiant disclosed a campaign by a threat actor they're tracking as UNC6692. The group breached enterprise networks by impersonating IT helpdesk staff over Microsoft Teams, ultimately exfiltrating Active Directory databases and achieving full domain compromise. What's notable about UNC6692 is what they didn't do. They didn't use a zero-day. They didn't exploit a software vulnerability.
|
By Reach Security
The study, commissioned by Reach Security, reveals widespread misconfigurations, slow remediation cycles, and manual approaches to drift management, highlighting the urgent need for preemptive approaches that continuously validate security controls.
|
By John Dominguez
A new research report from Reach Security reveals that misconfigured security controls, configuration drift, and unused capabilities across an organization’s existing security technology stack are a primary driver of cybersecurity risk.
|
By John Dominguez
In 2025, organizations spent billions on security, deploying EDR/XDR, SASE, firewalls, identity platforms, email security, web security, and more. And yet, breaches persist. The reason often is not a zero-day, an advanced persistent threat, or a cutting-edge exploit. It is far more mundane. Misconfigurations across identity, endpoint, network, and email/web security controls remain among the top root causes of incidents.
|
By CP Morey
Security configurations are not static. They evolve over time due to software updates, policy changes, emergency patches, and human intervention. While these changes are often necessary, they can lead to configuration drift, a gradual misalignment between an organization’s security controls and its intended security policies.
|
By Reach Security
Reach Security Wins Pioneering Continuous Threat Exposure Management (CTEM) in the 14th Annual Global InfoSec Awards at #RSAC 2026.
|
By John Dominguez
Continuous Threat Exposure Management is a continuous security framework for identifying, assessing, validating, and reducing the exposures that matter most to an organization. Rather than treating every exposure, alert, or control issue as equally urgent, CTEM helps organizations focus on the exposures that are actually reachable, relevant to likely attack paths, and meaningful in a business context.
|
By John Dominguez
In its January 2026 report, Emerging Tech: Tech Innovators in Domain-Specific Language Models for SecOps, Gartner examines how domain-specific language models (DSLMs) are reshaping security operations. The report explains that DSLMs are designed to address the limitations of general-purpose language models by focusing on a particular task or use case – in this case, cybersecurity.
|
By Reach Security
Reach Security, an AInative security company that gives customers a single interface to understand and operate security controls at scale, is proud to announce that it has been named a finalist in the prestigious 2026 SC Awards. Reach Security has been recognized in the Best Continuous Threat Exposure Management Solution category, underscoring its commitment to excellence and leadership in the cybersecurity industry.
|
By Reach Security
Garrett Hamilton recently presented at the North Texas ISSA Lunch & Learn in Plano, TX to talk about what risk reduction actually looks like in practice. Reach shows customers exactly which controls they've deployed, the user impact of those changes, and how much risk has been reduced across IAM, EDR, email, firewall, and SASE. Not feature checklists. Targeted, measurable outcomes tied to the business.
|
By Reach Security
New year, new faces, big goals. To close out 2025 and open 2026, we welcomed 43 new team members across engineering, sales, customer success & solutions, marketing, and operations. Reach was founded to close the gap between knowing where you're exposed and actually fixing it. That mission doesn’t scale without the right people. Growth is exciting, but aligned growth—with the right people, at the right time, for the right mission—is what really matters.
|
By Reach Security
Microsoft Defender for Office 365 protects against phishing, malware, and malicious links across email and collaboration tools. But as environments scale and settings are changed, your Defender security controls can drift away from security baselines and degrade your security posture. Reach continuously analyzes your Defender deployment to find and fix misconfigurations, activate unused capabilities, and stop configuration drift.
|
By Reach Security
Garrett Hamilton, CEO & Co-Founder of Reach, joined Bryce Carter, CISO for the City of Arlington, at the NTX ISSA Lunch & Learn in Plano, TX — a practical, operator-focused discussion with the local security community.
|
By Reach Security
Security tools don’t usually break. They just slowly stop doing what you think they’re doing. Or perhaps were never set up to do what you needed in the first place. Something got deployed. It worked. Then it drifted. No one noticed. And three years later, you’re questioning the renewal because you’re not even sure what it’s protecting anymore. That’s configuration rot. Thanks to Julian Lee at eChannelNews for the fun, thoughtful and much needed conversation on this topic and more.
|
By Reach Security
We really enjoyed our conversation with Ed Amoroso from TAG Infosphere. We didn’t start Reach to chase headlines. We started it because the hard security problems weren’t getting solved. The important ones rarely are. Security only works when incentives are aligned to the customer’s actual outcome. Not noise. Not theater. Not (exclusively) shiny tools. That alignment is what makes the work worth doing.
|
By Reach Security
“IT giveth. Security taketh.” A topic examined in a print interview with Colt Blackmore, co-founder & CTO of Reach Security, written by Dan Raywood at Security Boulevard: ︎ The long-standing friction between IT enablement and security restriction︎ Configuration drift as the quiet divergence between intended and actual state︎ How incremental change accumulates into measurable risk︎ The challenge of maintaining alignment in complex, fast-moving environments︎ Why drift often remains invisible until consequences surface.
|
By Reach Security
Zero Trust (and probably many general posture) conversations stall at one question: Where are we actually today? Because Reach connects directly through APIs, teams can quickly assess their environment without deploying new agents or ripping anything out. That makes it practical to benchmark a Zero Trust program against the CISA Zero Trust Maturity Model — and see what’s real vs. assumed.
|
By Reach Security
Vulnerability data isn’t the starting point. Context is. Ed Amoroso and Garrett Hamilton unpack why CVEs on their own don’t explain risk. What matters first: ⇢ What assets actually exist⇢ How controls are deployed and configured⇢ What the live posture looks like, not last month’s report With that context in place, vulnerabilities stop being noise and start becoming decisions. Garrett also makes a critical point near the end: many security tools are excellent at producing findings, but far less effective at helping teams resolve them.
- April 2026 (7)
- March 2026 (7)
- February 2026 (8)
- January 2026 (15)
- December 2025 (15)
- November 2025 (20)
- October 2025 (3)
Reach helps you get the most from your existing security stack by uncovering exposure, misconfigurations, and weaknesses that tools often miss. Using AI agents, it prioritizes and drives remediation based on real exposure, reducing operational costs and enabling measurable, preventive action, all from the leader in AI-Native Exposure Management.
Expose and eliminate hidden risk within your security stack:
- Threat Exposure Management: Reach identifies exposure that is actually reachable, like those on end-user devices that enable ransomware delivery. By focusing on real exposure, it helps you prioritize actions that measurably reduce risk.
- Security Posture Management: Weak controls create protection gaps like those that allow session hijacking or lateral movement. Reach helps you strengthen your posture by continuously validating whether your security controls are working as intended.
- Configuration Management: Misconfigurations leave systems open to attack. Reach finds these weaknesses across your stack and recommends precise, context-aware fixes that simplify remediation and reduce friction for your team.
AI Agents for Security Architects.