Security Debt in Government Software: The Hidden Risk You Can't Ignore

When we think about software security risks, we often focus on immediate threats—new vulnerabilities discovered in the latest release or zero-day exploits making headlines. But beneath the surface lies a more insidious problem, especially in the public sector: security debt. This hidden risk accumulates quietly, but its impact can be severe, eroding the integrity, resilience, and trustworthiness of government software systems.

EP 9 - J&J's former CISO on trust, identity, and the future of cybersecurity

In this episode of Security Matters, host David Puner sits down with Marene Allison, former Chief Information Security Officer (CISO) of Johnson & Johnson, for a candid and wide-ranging conversation on trust, identity, and leadership in cybersecurity. From securing global vaccine supply chains during the COVID-19 pandemic to navigating the rise of AI and machine identities, Marene shares hard-earned insights from her decades-long career in national security and the private sector.

Innovations in Splunk Security Expands Unified TDIR Experience to On-Premises and FedRamp Moderate Environments

At RSAC 2025 Conference we announced new innovations to Splunk Security. Today, we are pleased to announce the general availability of Splunk Enterprise Security 8.1. Splunk becomes the only vendor to bring truly unified threat detection, investigation, and response (TDIR) workflows fueled by automation to both customer managed deployments and FedRAMP Moderate environments.

EASM Buyer's Guide 2025: A guide for a futureproof EASM solution

Your external attack surface is growing — whether you’re aware of it or not. Cloud migration, IoT, AI, and remote work are all contributing to the rapid expansion of organizations’ external attack surfaces, and many security teams are struggling to keep up. According to a 2021 report, 69% of organizations admitted they had experienced at least one cyberattack that was initiated through exploiting an unknown or unmanaged internet-facing asset.

PCI 6.4.3 and 11.6.1: The Complete Guide to Stop E-Skimming

PCI 6.4.3 and 11.6.1 are critical requirements for protecting payment pages from JavaScript-based attacks in e-commerce. JavaScript powers modern e-commerce but also exposes sites to digital skimming attacks. Common threats include supply chain compromises, Magecart injections, and CDN breaches. To combat this, PCI DSS 4.0 mandates script management and tamper detection. Protecting your payment pages with real-time monitoring tools and client-side security is essential for compliance and customer trust.

The future of identity governance: fast, secure, and scalable

If the mere mention of identity governance and administration (IGA) stresses you out, you’re in good company. Managing digital identities and access privileges is a significant challenge that only grows more difficult as cloud adoption accelerates, and environments and threats become increasingly complex. Today, many organizations struggle to support the three key IGA business drivers: compliance, lifecycle management, and security.

The Howler Episode 19: Todd Warner, SVP of Customer Success

This month, we sit down with Todd Warner, Senior Vice President of Customer Success, as he shares the best leadership advice he's ever received, why he loves working in customer success, his love of swim spas, and much more! Todd Warner is the SVP of Customer Success at Arctic Wolf, where he focuses on taking care of our customers and leading the CS team. With 10+ years leading and building CS teams and 10+ years in various sales roles, he has learned the importance of listening to customers and working toward outcomes that best suit their needs.