In this week's Weekly Brief: The Driftnet Edition, Brandon Torio explains why internet scanning is a lot like modern healthcare. Just as blood tests help doctors identify hidden health risks before they become serious problems, internet scanning helps organizations uncover unseen cyber risks across their attack surface and third-party ecosystem. "The internet has evolved past any one person's understanding.".

Read the full report here: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

Join us for this week's Defender Fridays as Carlo Anez, Founder & Lead Instructor at IgniteCyber Academy and DEFCON Training Instructor, breaks down how to build practical blue team skills using open-source labs, MITRE ATTACK, and real-world defender workflows, and where AI fits into the picture without replacing the analyst.

"Usually it's not a question of if the bad guys get in. It's a question of what happens when they do." Jay Wilson, CISO and CIO at Insurity, and Garrett Hamilton, CEO of Reach, joined Shubhangi Dua on The Security Strategist from EM360Tech to talk about why the controls you already own are where exposure quietly builds up. That's Jay's line, and one every security leader has lived. Defense in depth only holds if every inner layer is configured the way you think it is. The outer door gets the attention. The inner doors are where incidents actually get stopped, or don't.

Most organizations have no idea how many MCP servers are running in their environment—and attackers are counting on that. In this clip, Adrian Culley breaks down the exact steps security teams need to take now: run the network scan, apply stringent code review to every MCP server project you find, and mandate authentication. Authorization may be optional in the MCP spec—but it doesn't have to be optional in your deployment.