Estee Robinson leads global alliances for Devo and is responsible for defining and executing Devo’s channel strategy. She was named a 2025 Channel Chief by CRN, which recognizes influential leaders who drive the channel agenda and evangelize the importance of channel partnerships. Estee’s work on channel strategy helped land Devo in the CRN Partner Program Guide and inclusions in the CRN Cloud 100 and Security 100 lists for 2025.

In agile and DevOps-driven environments, APIs are frequently updated to meet evolving business demands, from adding new features to addressing performance issues. However, each deployment introduces potential security risks, as new code, configurations, and endpoints can expose vulnerabilities. In an environment of continuous integration and continuous deployment (CI/CD), the security of an organization’s APIs hinges on rigorous, continuous testing and proactive risk management.

After implementing a DevSecOps strategy from the ground up — including secure design, testing and monitoring, and risk-based remediation — you will need to focus on analysis and governance. After all, organizations need to regularly measure and refine their security processes to mature their DevSecOps programs.

A critical improper authorization vulnerability (CVSS 9.1) in Next.js, tracked as CVE-2025-29927, was publicly disclosed on March 21, 2025. Next.js is a popular React-based web framework used for building full-stack applications. This vulnerability impacts applications that utilize middleware for authorization checks. Middleware functions used to implement access control, session validation, redirects, or security headers on incoming HTTP requests.

Over the past few years, cyberattacks have escalated to unprecedented heights. Just last year, in 2024, 94% of organizations reported being the victims of phishing attacks. And in the first five weeks of 2025, ransomware attacks increased by 149% in the first 5 weeks of 2025. Organizations and users need help understanding and navigating these changing risks to fight against the rising tide of cybercrimes. Thankfully, that is exactly what The OWASP Foundation aims to do.

Networking and infrastructure and operations (I&O) teams often feel that they are facing contradictory challenges. They are expected to manually maintain the complex legacy infrastructure that keeps the business running, while also finding capacity and licence to help their organizations innovate at a time of rapid technological change.

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from March about espionage activities by threat actors Green Nailao and UNC3886.

Secure device onboarding ensures IoT devices connect safely to networks, blocking unauthorized access and safeguarding data. For Managed Security Service Providers (MSSPs), it’s essential for scalable IoT security. This article covers what secure device onboarding is, why it matters, and how to do it right.