%term

How we're actually using AI in the SOC with Eric Capuano

Jun 17, 2026 By LimaCharlie In LimaCharlie

Join us for the final episode of Defender Fridays as Eric Capuano, creator of Defender Fridays and co-founder of Digital Defense Institute, closes out the series with a candid conversation on how he's actually building and running agentic workflows in the SOC today. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

View Video

LimaCharlie

Read more about How we're actually using AI in the SOC with Eric Capuano

RBAC vs. ABAC: Core Differences, Use Cases, & The AI Agent Era

Jun 17, 2026 By Pratish Ray In miniOrange

As organizations expand across cloud platforms, SaaS applications, remote teams, and AI-driven systems, managing access becomes more challenging. Security teams must ensure users, applications, and automated workflows can access the resources they need without exposing sensitive data or critical systems. This is where the RBAC vs ABAC discussion becomes important.

Read Post

miniOrange

Read more about RBAC vs. ABAC: Core Differences, Use Cases, & The AI Agent Era

1Password + Kiro: Trusted Access for AI-Powered Development

Jun 17, 2026 By Dennis Kromhout van der Meer and Scott Lougheed In 1Password

AI agents now write code, fix bugs, and ship to production. But in order to do useful work, agents require credentials. At 1Password, one of our core AI security principles is that raw credentials should never be directly exposed to LLMs, but all too often, that’s exactly what happens: most teams sacrifice security for speed and hand agents secrets in plaintext.

Read Post

1Password

Read more about 1Password + Kiro: Trusted Access for AI-Powered Development

What is IT Security? Understanding the fundamentals

Jun 17, 2026 By Ashley D'Andrea In Keeper

Information Technology (IT) security is the practice of protecting an organization’s systems, data and networks from unauthorized access and cyber threats. It encompasses a wide range of processes, policies and technologies designed to secure everything from employee devices to cloud infrastructure.

Read Post

Keeper

Read more about What is IT Security? Understanding the fundamentals

Your Patch Team Has Hours. Attackers Already Know That.

Jun 17, 2026 By SafeBreach In SafeBreach

AI-assisted exploit generation has compressed the CVE-to-weaponization window from weeks to hours. Patch programs built for 15–30 day cycles are structurally mismatched to that reality—and attackers are already operating inside the gap. The only viable response: architect for assumed compromise, map unpatched paths, and validate that compensating controls are actually firing.

View Video

SafeBreach

Read more about Your Patch Team Has Hours. Attackers Already Know That.

Inside CVE-2026-53435: Authenticated Deserialization to Full Controller Takeover in Jenkins via config.xml

Jun 17, 2026 By foresiet In Foresiet

How a low-privileged account turns an XML configuration upload into arbitrary file read, user impersonation, and remote code execution — and how to detect and stop it. Published 16 June 2026 · Fact-checked against the official project advisory and government vulnerability databases.

Read Post

Foresiet

Read more about Inside CVE-2026-53435: Authenticated Deserialization to Full Controller Takeover in Jenkins via config.xml

What is the NIS2 Directive: A practical overview for organisations

Jun 17, 2026 By Ashley D'Andrea In Keeper

The NIS2 Directive is the European Union’s updated cybersecurity framework, designed to improve cyber resilience across critical sectors. Building on its predecessor, the Network and Information Systems (NIS) Directive, NIS2 significantly expands its scope to include industries such as healthcare, manufacturing, energy, transport and managed services. NIS2 also introduces stricter cybersecurity requirements, direct accountability for senior management and defined incident reporting timelines.

Read Post

Keeper

Read more about What is the NIS2 Directive: A practical overview for organisations

The Hidden Security Risk in AI Extensions!

Jun 17, 2026 By KnowBe4 | Securing Humans & Agents In KnowBe4

AI add-ons can automate everything from travel to banking—but are they opening backdoors to your private data? Here is what to look for before granting permissions.

View Video

KnowBe4

Read more about The Hidden Security Risk in AI Extensions!

Corelight Sensor v29.1 release highlights: Network evidence powers network operations

Jun 17, 2026 By Cynthia Gonzalez In Corelight

Corelight Sensor v29.1 and Fleet Manager v29.1.1 fundamentally expand what a Corelight Sensor delivers. The release turns existing network evidence into a shared source of truth for SecOps, NetOps, triage, and forensic investigation. Network performance monitoring and asset classification unlock new value from traffic you're already collecting.

Read Post

Corelight

Read more about Corelight Sensor v29.1 release highlights: Network evidence powers network operations

We wrote the docs

Jun 17, 2026 By Todd H. Gardner In CertKit

Most security vendors hide their documentation behind a login. Some don’t write it at all. You get a sales page, a demo, and a request to install an agent on your servers, and you’re expected to trust that the thing does what the marketing says. That’s backwards. So we wrote the docs, and we put all of them at certkit.io/docs. No login, no account gate, no “contact us for details.” You can read every page before you create an account.

Read Post