Some attacks are easy to spot. Others aren’t. In many cases, nothing obviously breaks or crashes, and no malware ever shows up. Nothing looks wrong at first. Access appears normal, and systems continue to run as usual. Modern attacks are challenging to detect because attackers often use the same tools and access paths as legitimate users. In addition, attackers remain low-key and use access that appears normal.

Security teams require continuous innovation to defend against sophisticated attackers and support modern infrastructure. The January 2026 LogRhythm SIEM release delivers critical updates to your security operations, improving everything from detection and investigation to core platform stability.

Globally, 88% of companies regularly use AI in at least one business function—a 10% increase from the previous year. But as organizations race to adopt new capabilities, we’ve found that the rigor and maturity of AI governance vary widely by region. ‍ The third edition of our State of Trust report reveals how leading AI adopters outside the U.S.—from the UK to Germany, France, and Australia—are approaching AI security and governance in distinct ways.

With my youthful good looks, it’s hard to believe that I’ve been in cybersecurity for almost two decades. : ) I’ve seen the industry go through some massive transformations. Each change brought its own set of challenges, failures (I’m looking at you XDR) and, more importantly, opportunities. As I am now entrenched in application security, I’m learning that we’re in the middle of another one of those moments, and it’s just as exciting.

DevOps has become an important practice for companies looking to efficiently meet customers’ expectations, accelerate software delivery, and optimize resources. Companies that embrace the DevOps culture can smoothly merge their development and operations teams, resulting in faster releases and better development.

Encrypting internal traffic and enforcing mutual (mTLS), a form of TLS in which both the client and server authenticate each other using X.509 certificates., has transitioned from a “nice-to-have” to a hard requirement, especially in Kubernetes environments where everything can talk to everything else by default.

In my house, we consume a lot of AI research. We also watch a lot—probably too much—TV. Late in 2025, those worlds collided when the AI giant Anthropic was featured on “60 Minutes.” My husband tried to scroll past it, but I snatched the controller away, unable to resist a headline calling out the first widely acknowledged case of an “agentic AI cyberattack.” The framing itself was irresistible, a milestone moment in the rapid acceleration of AI.

Early in the year, we introduced multiple drafts for Change Control. This feature enables builders to work on the same project simultaneously, each within their own draft environment. The upside? Agents were the talk of the town in 2025. Tines CEO Eoin Hinchy shared his thoughts on how they could help end muckwork, and shortly after, we launched the AI Agent action.

Security Operations Centers (SOCs) are overwhelmed by alerts, often reacting to threats as they appear rather than anticipating them. Bitsight Threat Intelligence (TI) transforms SOC operations by providing external visibility, context, and correlation with real adversary behavior. By mapping incidents to MITRE ATT&CK techniques and monitoring the deep and dark web for emerging risks, Bitsight TI enables SOC and CTI teams to detect, understand, and prevent threats before they cause impact.