Halo Security Achieves SOC 2 Type II Compliance, Demonstrating Sustained Security Excellence Over Time

Halo Security, a leading provider of external attack surface management and penetration testing services, today announced it has successfully achieved SOC 2 Type II compliance following an extensive multi-month audit by Insight Assurance. This certification validates that Halo Security's security controls are not only properly designed but also operate effectively and consistently over time.
Featured Post

The new-age SOC analyst in 2026: tier 1.5

The role of the tier 1 SOC analyst has always been critical. It's the function responsible for holding the line day-to-day and responding when incidents happen. It's also the training ground for analysts, training them in a wide range of basics to prepare them to advance to tier 2. It's a role that has never been static but with the pace of change noticeably faster than ever before, the role of the tier 1 SOC analyst is evolving once again.

Seemplicity Year in Review: Turning a Year of Security Data in Actionable Risk Insight

Seemplicity’s Year in Review is a product feature that provides each customer with a year-end view of how risk and exposure moved through their own environment. This post walks through the metrics included in the latest experience and what they help teams reflect on as they refine their exposure management processes.

Inside the Rise of Clone Phishing and CAPTCHA-Based Social Engineering

In our previous two posts, The ABC’s of Ishing and From Lure to Breach, we broke down the foundational tactics used by cybercriminals to deceive users and gain unauthorized access. This follow-up report expands on that foundation by exploring three evolving phishing threats that go beyond traditional email lures: clone phishing, deepfake phishing, and Captcha phishing.

Daily Zero-Day Exposure Check + Top 10 High-Risk Repositories (Agent Gallery Walkthrough)

In this walkthrough, you’ll see two Agent Gallery workflows in action. The Daily Zero-Day Analyst pulls newly published CVEs from the last 24 hours, classifies them (CVSS, CWE, attack vector), and checks your environment for exposure using SBOM/package data—then can send daily updates to Slack. The Top 10 High-Risk Repositories agent scans your codebase, consolidates findings per repository, and ranks the repos with the most critical risk so you can prioritize remediation. You’ll also see how to review and edit the prompt, set schedules, enable notifications, and browse the Agent Gallery to add more agents.

Complete Microsoft 365 Resilience Guide: The MSP's Guide to Identity, Data Governance, and Recovery

Walk into any business today and you’ll find Microsoft 365 quietly running everything that matters. It’s the unseen infrastructure behind emails, meetings, documents, and decisions. From a five-person consultancy to...

Service Advisory: What Recent Remote Access Disruptions Remind Us About Security Evolution

Security incidents and service disruptions are never simple. They are rarely the result of a single mistake, and they don’t only happen to organizations that “did something wrong.” In reality, many of the most capable, well-resourced companies experience them precisely because they operate at scale, under constant pressure, and within complex, interconnected environments.

VMware License Cost Changes: What You Need to Know

Broadcom’s VMware acquisition brought massive pricing changes that caught most IT departments off guard. The company eliminated perpetual licenses, forcing everyone into subscription models while implementing steep VMware license cost increases and new minimum core requirements. These aren’t minor adjustments: Broadcom restructured the entire VMware license pricing model.