Cloud Security's Unspoken Truth

Every DevSecOps, cloud security and even AppSec team knows the feeling: scanners flag hundreds – sometimes thousands – of critical issues across your pipelines, environments and apps. But how many of those findings actually matter? How many represent real, immediate risk to applications running in production? The uncomfortable answer? Very few. At ARMO, we’ve seen firsthand how over 60% of security findings are irrelevant hypothetical risks that will never be exploited.

EP 10 - A new identity crisis: governance in the AI age

In this episode of Security Matters, host David Puner sits down with Deepak Taneja, co-founder of Zilla Security and General Manager of Identity Governance at CyberArk, to explore why 2025 marks a pivotal moment for identity security. From the explosion of machine identities—now outnumbering human identities 80 to 1—to the convergence of IGA, PAM, and AI-driven automation, Deepak shares insights from his decades-long career at the forefront of identity innovation. Listeners will learn.

Trustwave SpiderLabs Goes Inside the AI Cyber Arms Race

While all manner of legitimate organizations are attempting to understand how to best and safely use artificial intelligence to improve productivity, the Trustwave SpiderLabs' Technology Deep Dive: AI Cyber Arms Race takes a forward-looking view at how adversaries are gaining experience and capability in their ability to turn AI against us.

What Is an Advanced Persistent Threat (APT)?

If the term “cyber threat” alone is enough to make any company nervous, imagine a sophisticated cyberattack designed not only to infiltrate but to remain hidden within a network for extended periods. These threats are real, but they can also be countered. Let us introduce you to the infamous APTs or advanced persistent threats.

How to Reduce IoT Risk with Policy-Based Identity Automation

Policy-based identity management transforms security administration from individual device and user management to comprehensive policy frameworks that automatically govern identity lifecycle, access controls, and security enforcement across entire IoT ecosystems. The key elements of policy-based identity management include defining user roles, managing user access, implementing identity governance, and leveraging role based access control to ensure appropriate access and compliance.