CVE-2025-20281 & CVE-2025-20282: Maximum Severity Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

On June 25, 2025, Cisco released patches for two maximum-severity vulnerabilities in Cisco Identity Services Engine (ISE) and ISE-Passive Identity Connector (ISE-PIC). Both flaws allow unauthenticated, remote threat actors to execute commands on the underlying operating system with root privileges via exposed HTTPS APIs. Although similar in outcome, the vulnerabilities are independent and do not require each other to be exploited.

Throw MS Defender into Overdrive with LimaCharlie

Looking for a fast, powerful, and easy way to get more control and performance out of Microsoft Defender? LimaCharlie has what you need. Chris Botelho, Senior Solutions Engineer at LimaCharlie, hosted a live walkthrough of our new MS Defender Endpoint Protection extension. Chris demonstrated how our SecOps Cloud Platform enhances MS Defender by providing: Defender Check: Instantly query Windows machines to verify the presence of an active Defender instance.

HPE Zerto Names 11:11 Global Partner of the Year

The famous Hall of Fame and Olympic basketball coach John Wooden once said, “Winning takes talent, to repeat takes character.” With that in mind, we are thrilled that 11:11 Systems is part of those in the “repeat” category. We have just been awarded the Zerto Global Partner of the Year for 2024, the fifth prestigious recognition from Zerto, a Hewlett Packard Enterprise Company.

How Fidelis Deception Strengthens Network Detection and Response

Network Detection and Response systems excel at monitoring network traffic and identifying patterns, but they face inherent challenges with sophisticated threats that mimic legitimate behavior. Fidelis Deception addresses these NDR limitations by creating definitive detection points that eliminate ambiguity in threat identification.

Software Security: Treat Vulnerabilities Like Regular Bugs! #cybersecurity #softwaresecurity

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

EP 10 - A new identity crisis: governance in the AI age

In this episode of Security Matters, host David Puner sits down with Deepak Taneja, co-founder of Zilla Security and General Manager of Identity Governance at CyberArk, to explore why 2025 marks a pivotal moment for identity security. From the explosion of machine identities—now outnumbering human identities 80 to 1—to the convergence of IGA, PAM, and AI-driven automation, Deepak shares insights from his decades-long career at the forefront of identity innovation.

Tackling Technical Debt to Secure and Streamline Federal Networks

In today’s dynamic threat landscape, technical debt isn’t just a budgeting headache—it’s a growing national security risk. According to McKinsey, technical debt consumes up to 20% of engineering and DevOps capacity across large enterprises. For U.S. federal agencies—defense and civilian alike—the cost of carrying outdated, unsupported infrastructure goes far beyond inefficiency.

From Chaos to Clarity: How to Modernize Vulnerability Management

Fragmented tools. Manual data wrangling. Burned-out teams. Sound familiar? In this expert roundtable with Trey Ford (CISO, Bugcrowd) and Jeff Gouge (CISO, Nucleus Security), we break down how today’s security leaders can transform vulnerability management from a chaotic, spreadsheet-driven burden into a unified, automated, and trusted function. Watch to learn.

Choosing the Best Board Portal for Your Nonprofit Mission

Decentralized teams and mounting compliance requirements make nonprofit boards search for better alternatives to traditional document sharing via Google Drive and Gmail. Picking a board portal can reduce the inefficiencies in the boardroom and help members focus on mission-critical tasks instead of administrative burdens. This guide provides a checklist of the best board portal features for nonprofits, along with selection and implementation tips.

Why the M&A Data Room Is Your Silent Negotiator in Every Deal

Negotiations happen not only at the table of boardrooms or during late-night conference calls in this high-stakes jockeying for position of mergers and acquisitions. Some of the most far-reaching "conversations" occur backstage - between documents, data, and decision-makers. In this field, the M&A data room becomes a strong, mute negotiator that can either make or break a deal.