Workload Identity Meets Supply Chain Security: Teleport's Sigstore Integration

It’s no secret that the software development life cycle is becoming more complex. With a plethora of libraries, frameworks, and now AI coding agents and assistants, we can build far more ambitious software in a fraction of the time. This is fantastic! But with it come greater opportunities for accidental or malicious security bugs and vulnerabilities to sneak in undetected, with potentially devastating consequences for your users and their trust in your company.

What is an SBOM and Why is it Critical to Third-Party Risk Management?

A decade ago, the primary focus of TPRM was questionnaire management and distribution, usually done in a simple and manual way, relying on vendors to self-report on their security practices. Today the basic best practices of TPRM have grown to include continuous monitoring and other advanced AI-based capabilities like CVE alerting for third parties as elementary aspects of an effective program.

99% False Positives. Why Security Analysts Are Burned Out

•The brutal truth about cybersecurity work: Analysts spend their days chasing 99% false positive alerts instead of doing meaningful security work. Grant Oviatt reveals why security professionals didn't get into the field to send Slack messages asking if someone is "supposed to be traveling to Mexico today." This is why AI agents are becoming essential - to let security pros focus on what they actually signed up for!

What is XML External Entity Injection? Find, Test and Prevent XXE Vulnerabilities

XML external entity injection or XXE, is a type of web security vulnerability and an application-layer cybersecurity attack. This vulnerability allows the hacker to interfere with an application while it is processing XML data. The attacker can inject unsafe XML entities into the application and can interact with systems to which the application has access. The hackers can also view files on the server and even perform remote code execution (RCE).

AI-Driven Cyber Defense in Action: How AI Agents Are Saving SOC Analysts From Burnout

AI-powered SOC platforms are revolutionizing cybersecurity by dramatically reducing false positives and enabling analysts to focus on high-value security work. In this episode of Data Security Decoded, join Caleb Tolin as he sits down with Grant Oviatt, Head of Security Operations at Prophet Security, to explore how AI agents are transforming security operations centers (SOCs) and reshaping the future of cyber defense.