How an Energy Customer Used FERC 887 Compliance to Boost Security

Corelight CEO Brian Dye shares how a customer in the energy sector turned a mandatory compliance project into a broader security win. Brought in to meet FERC 87 monitoring requirements for bulk electric systems, Corelight also helped advance their security operations. The customer used the compliance mandate not just to check a box—but to gain meaningful visibility and security value from day one.

Leveraging AI for Continuous Code Quality Improvement

Maintaining continuous code quality is critical—not only to ensure functionality, but also to safeguard against security vulnerabilities. However, the challenge of balancing speed, complexity, and security is a tough one. Enter AI-powered solutions like Veracode Fix, which are transforming how organizations detect, remediate, and prevent software flaws — all while improving developer productivity and code quality.

Snyk for Government Achieves FedRAMP Moderate Authorization: A Milestone for Secure Government Software

Today marks a significant milestone for Snyk and, more importantly, for the security posture of the U.S. government. I'm thrilled to introduce Snyk for Government, our FedRAMP Moderate authorized solution for the public sector. This authorization underscores our unwavering commitment to providing secure development solutions that meet the rigorous standards of the Federal Risk and Authorization Management Program (FedRAMP). It means that U.S.

API Security Issues

How to Fix the Challenges with Web App Firewalls A10 expert Jamison Utter discusses with Gary Wang why API security is a challenge to manage, as these APIs are headless and cannot be accessed through a login. There is no authentication mechanism, such as completing a CAPTCHA. APIs are also vulnerable to bots, which complicates matters. Watch the full video to learn more about multi-layered approaches, threat intelligence, behavioral analysis, and protection against modern threats like bots and APIs.

Who's Most at Risk? Breaking Down Fraud and Scams by Demographic

Fraud and scams continue to evolve, with criminals finding new ways to exploit individuals regardless of background. In this article, we explore the most common types of fraud including virtual currency scams, investment fraud, unique scams, and loan scams, to inform you about how they operate, and who is typically affected.

Bridging network identity and endpoint intelligence: DDI Central now integrates with Endpoint Central

In today’s hybrid networks, an IP address is more than a connection point—it’s a digital identity. But for most admins, that identity is still surface-deep. Traditionally, IPAM tools show you which IP addresses are in use, who’s using them, and what vendor the device belongs to. But they don’t tell you whether that device is secure. That changes now. What if every IP handed out by your DHCP server revealed not just what the device is—but how vulnerable it might be?

How Falcon Next-Gen SIEM Protects Enterprises from VMware vCenter Attacks

Internet-facing assets are targeted for many reasons, such as to establish persistence, evade defensive capabilities, and access sensitive networks. According to the search engine Shodan, approximately 1,600 VMware vSphere instances are directly accessible via the internet, representing a significant attack surface.

Using Password 123456 is Bad, but No Password is Worse

An independent cybersecurity researcher claims to have uncovered a breach of an unnamed database containing 184 million records, with exposed information including emails, passwords, and login links. The kicker is that the database was all in plain text and required no password to access. Let’s count how many basic account hygiene rules this breaks—all of them. Yes, more snarkiness, but this type of ineptitude must be called out.