Platform Release 740 contains 350+ new features, improvements, and updates from Windows Agent 25.5, Mac Agent 25.06, Web 25.10.1, Server 25.7, BI 24.52 as well as other components since the last release. See the highlights below.

IoT compliance for enterprises is essential to avoid legal penalties and protect sensitive data. As IoT devices become more widespread, enterprises must adhere to various regulations to ensure security and privacy. This article delves into what IoT compliance entails, key regulations to know, and strategies to help your enterprise stay compliant. The Cyber Resilience Act, a key regulatory initiative introduced by the European Commission, aims at enhancing cybersecurity standards for IoT devices.

As a CISO or security lead in a SaaS organization, the unthinkable could happen to you at any time. On a Friday evening, as you’re wrapping up work, you get a notification alerting you of a potential vulnerability in a customer-facing application. You have no idea what data has been leaked or how long this has been left exposed.

In today’s hyper-connected digital landscape, APIs (Application Programming Interfaces) are the backbone of innovation. They power seamless integrations, drive generative AI applications, and enable businesses to scale rapidly. But with great power comes great risk. The explosive growth of APIs has created a sprawling attack surface that cybercriminals are eager to exploit.

On March 17th, 2025, security researchers confirmed active exploitation of Apache Tomcat’s recently disclosed vulnerability, CVE-2025-24813. Publicly disclosed on March 10th, the earliest signs of exploitation were observed on March 12th, with attackers leveraging the flaw just 30 hours after disclosure. This vulnerability enables Remote Code Execution (RCE) and information disclosure by exploiting Tomcat’s request-handling mechanism.

Every day, organizations expose their APIs, unknowingly allowing cybercriminals to try and exploit them. A single vulnerability can lead to massive data breaches or help gain unauthorized access. Worst Part? Most organizations realize the weakness when it’s already too late. Without strong security measures, your API is a prime target for attackers trying to exploit unpatched vulnerabilities or misconfigurations in the environments.

Governmental cybersecurity is largely focused on federal government agencies. When we talk about FedRAMP, CMMC, DFARS, and other security standards, it’s almost always with an eye toward the governmental agencies and departments that comprise the federal government and the contractors and suppliers that work with them. For private businesses and non-governmental partners, ISO 27001 provides a great security framework. What about the middle ground, though?