%term

The IT Operations and Security Skills Gap: What if We Don't Know What We Don't Know?

Jul 11, 2025 By Tanium In Tanium

A recent survey and report cosponsored by Tanium and conducted by the Enterprise Strategy Group, now part of Omdia, uncovered data that some may find surprising—perhaps even alarming.

Read Post

Tanium

Read more about The IT Operations and Security Skills Gap: What if We Don't Know What We Don't Know?

Elevate web security and mitigate third-party risk with Reflectiz in the Datadog Marketplace

Jul 11, 2025 By Candace Shamieh In Datadog

Modern websites have become increasingly reliant on third-party applications and open source tools to deliver functionality and enhance the user experience. However, this reliance introduces both security and privacy risks, as external code can act as a vector for sophisticated attacks, such as Magecart and web skimming. Without visibility into these apps and tools, organizations are left vulnerable to undetected threats, unauthorized data access, and regulatory violations.

Read Post

Datadog

Read more about Elevate web security and mitigate third-party risk with Reflectiz in the Datadog Marketplace

Securing Model Context Protocol (MCP) with Teleport and AWS

Jul 11, 2025 By Boris Kurktchiev, Dylan Souvage (AWS), Thierno Diallo (AWS) In Teleport

Enterprise AI adoption is accelerating rapidly, with organizations deploying large language models and AI agents to access sensitive corporate data and automate critical business processes.

Read Post

Teleport

Read more about Securing Model Context Protocol (MCP) with Teleport and AWS

What Is Application Security Posture Management (ASPM)?

Jul 11, 2025 By Mend.io Team In Mend

Application security posture management (ASPM) centralizes and automates the monitoring, evaluation, and management of application security across an organization’s software lifecycle. ASPM provides a unified view of the risk posture by aggregating data from various security tools, such as static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and runtime protection solutions.

Read Post

Mend

Read more about What Is Application Security Posture Management (ASPM)?

Autonomous Vulnerability Remediation: Securing Web & API Apps Instantly

Jul 11, 2025 By Indusface In Indusface

One-third of critical and high vulnerabilities remain open for 180+ days from the time they are discovered. When it comes to business growth vs security, business always wins by prioritizing features over vulnerabilities. This gives hackers enough time to exploit the vulnerabilities, putting the organization at risk. However, most of these vulnerabilities can be virtually patched within a few hours using solutions like AppTrana's SwyftComply, with zero impact on business continuity.

View Video

Indusface

Read more about Autonomous Vulnerability Remediation: Securing Web & API Apps Instantly

Identity Based Attacks: Why You Need Behavioral Detection in XDR

Jul 11, 2025 By Fidelis Security In Fidelis Security

You’ve likely invested in traditional security tools that monitor failed logins or privilege requests—but more advanced threats use legitimate credentials to hide. If attackers bypass authentication protocols or hijack stolen tokens, they can roam freely under the radar. That’s why behavioral detection in an XDR solution is crucial. It does not just look at logs — it looks at patterns.

Read Post

Fidelis Security

Read more about Identity Based Attacks: Why You Need Behavioral Detection in XDR

CISO Spotlight: Andrew Storms on Trust, AI, and Why CISOs Need to Be Optimists

Jul 11, 2025 By Wallarm In Wallarm

Andrew Storms, VP of Security at Replicated, has spent three decades on the frontlines of cybersecurity. From building Unix systems in the early ‘90s to leading incident response and AI security strategies today, he has seen the CISO role evolve from back-office function to boardroom mainstay. In this spotlight, he shares the lessons that shaped his thinking, why storytelling is a critical CISO skill, and how API security is no longer optional.

Read Post

Wallarm

Read more about CISO Spotlight: Andrew Storms on Trust, AI, and Why CISOs Need to Be Optimists

Who Owns CMMC Evidence Collection in a Small Business?

Jul 11, 2025 By Max Aulakh In Ignyte

The Cybersecurity Maturity Model Certification, CMMC, is a critical part of ensuring robust and equal information security from top to bottom throughout the Department of Defense’s supply chain. A common misconception about CMMC, stemming from previous pre-CMMC security, is that it primarily applies to prime contractors and big businesses.

Read Post

Ignyte

Read more about Who Owns CMMC Evidence Collection in a Small Business?

AI-Generated Summaries Mistakenly Suggest Phishing Sites

Jul 11, 2025 By KnowBe4 Team In KnowBe4

Researchers at Netcraft warn that AI-generated search engine summaries are suggesting phishing sites when users ask them to find legitimate login pages. The researchers tested popular AI models, asking them for the login pages of fifty major brands, and found that the models provided the wrong sites 34% of the time. "In many cases, users see AI-generated content before (or instead of) traditional search results—and often without even needing to log in," the researchers explain.

Read Post

KnowBe4

Read more about AI-Generated Summaries Mistakenly Suggest Phishing Sites

Beyond The Click: Unveiling Fake CAPTCHA Campaigns

Jul 11, 2025 By Michael Haag In Splunk

Social engineering attacks continue to be among the most effective methods for delivering malware and compromising systems. Among these, a concerning trend has emerged and rapidly gained traction: "ClickFix" and "FakeCAPTCHA" campaigns. These sophisticated attacks exploit users' familiarity with everyday verification systems while leveraging clipboard manipulation techniques to deliver malicious payloads—all without exploiting a single technical vulnerability.

Read Post