Has My Secret Leaked (HMSL) with ggshield: check public GitHub exposure safely

Since 2018, GitGuardian has been scanning for secrets added to GitHub public repositories. When a secret is found, GitGuardian hashes it and stores only a fingerprint of the secret. That fingerprint is what you can search against to verify whether any of your secrets have leaked in public repositories, gists, or issues on GitHub. This service is called Has My Secret Leaked, and in ggshield you’ll see it as the HMSL commands. There’s also a web interface, but in this section we stay in the terminal and use ggshield end to end.

Free ESXi: Restrictions and Limitations

VMware is a market leader in virtualization solutions, and VMware ESXi is a renowned type 1 hypervisor. Increasingly, individual users and organizations are deploying ESXi servers in their environments to run virtual machines. An ESXi hypervisor is provided as part of VMware vSphere, which, in turn, comes with different licensing options for each edition. Each VMware vSphere edition has its own price, but VMware also provides a free version of ESXi.

Leveraging backup-as-a-service (BaaS) for Microsoft 365

Summary: Microsoft 365 is the operational backbone for email, collaboration, and business data, but it does not provide true backup — only availability and short-term retention. Once retention windows expire, deleted or compromised data may be unrecoverable, creating significant risk for organizations. Backup-as-a-service (BaaS) for Microsoft 365 closes this protection gap by delivering independent, point-in-time backups, granular recovery, and long-term retention.

Principles in Practice: Raw credentials should never be shared with LLMs

If you wouldn’t hand your house keys to a delivery driver, why hand your credentials to AI? In this Principles in Practice video, Anand Srinivas, VP of Product & AI at 1Password, explains a critical rule for secure AI use: Raw credentials should never be shared with large language models. Instead of sharing secrets, use them securely: Don’t send raw credentials over the data channel of a protocol like MCP. Use proxies and secure autofill instead of sharing secrets. Keep credentials out of prompts, embeddings, and fine-tuning data.

Single-Tenant vs Multi-Tenant FedRAMP Deployments

Across the ecosystem of federal contractors, a majority of deployments tend to be relatively standard. 80% of them will be FedRAMP impact level Moderate, for example, and most will have a standard set of considerations and concerns, such that a lot of security controls can be automated. It’s those outliers that make FedRAMP challenging.

Why compliance breaks at scale and what modern AppSec looks like

Compliance once lived on a calendar. Teams prepared for it in advance, reviewed it periodically, and treated it as a milestone separate from engineering work. That model no longer holds. Mobile applications now ship continuously. Features move weekly. Fixes land daily. Every change, no matter how small, alters the security and privacy posture of the organization. In this environment, compliance cannot trail development. It has to move with it, embedded into how software is built, tested, and released.

PunchOut Integration with Shopify: Everything You Need To Know

B2B buyers today expect corporate procurement to feel as seamless as shopping online on any modern ecommerce store, but with the higher control, stronger compliance, and streamlined approval workflows their companies require. They don’t want to toggle between supplier websites, manually handle product details, or deal with pricing inconsistencies.

The CEO's Take: Making Security Work

“In 2024, at least 35.5% of all data breaches originated from third-party compromises.” Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Nick Schneider (President & CEO, Arctic Wolf) for this discussion on: SecurityScorecard monitors and scores over 12 million companies worldwide.

How Modern AppSec Teams Stay Audit-Ready Without Slowing Delivery

Compliance once followed a schedule. Teams prepared evidence near audit windows, ran tests in batches, and treated documentation as something assembled outside the development lifecycle. That approach no longer holds when releases ship continuously. Every commit, dependency update, and configuration change reshapes exposure and alters what evidence must exist.

Work Life Boundaries in the 2025 Security Year in Review

The 2025 review closes with a look at boundaries, where work still sits at the centre of life for many in cybersecurity. Flipping that script, so family, health and friends hold the core and work fits around them, offers one of the strongest answers to long term stress and burnout in security.