Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Create Highly Specific File Classifiers with Nightfall's Prompt-Based AI. No Regex Required

Dec 17, 2025 By Nightfall AI In Nightfall
Many sensitive documents don’t fit cleanly into standard categories, and traditional approaches like regex or broad classifiers often create noise and false positives. In this video, we walk through how to use Nightfall’s prompt-based file classifiers to detect business-critical documents based on intent, not brittle patterns or custom model tuning.
View Video

Risk Acceptance vs Risk Exposure: Making Smarter Security Investments

Dec 17, 2025 By Reach Security In Reach Security
Before investing in new security tools, it’s critical to understand what your current stack is actually delivering. Barmak Meftah spoke about the importance of baselining existing investments to truly grasp risk acceptance versus real risk exposure. Without that foundation, new acquisitions lack context and are often driven by trends rather than necessity. Smarter decisions come from understanding:︎ What is already deployed︎ How it is configured︎ Where exposure persists.
View Video
one identity

Top Takeaways from the Gartner IAM Summit 2025

Dec 17, 2025 By Bruce Esposito In One Identity
The theme at the Gartner IAM Summit conference this year was clear: identity is no longer adjacent to the business. It is the business. That idea showed up in the opening keynote, analyst sessions, hallway conversations, and especially in the gap between how IAM is supposed to work and how it actually works inside most organizations. After a week of listening closely, a few takeaways rose above the noise. We did not see many buzzwords or grand predictions.
Read Post
inetco

Tales from the fraud frontlines: How to avoid getting bitten by Visa VAMP

Dec 17, 2025 By Joe Kitos In INETCO
The Visa Acquirer Monitoring Program (VAMP) has quickly become one of the most discussed (and feared) compliance frameworks in the payments industry. With stricter enforcement beginning October 1, 2025, merchants and acquirers around the globe are scrambling to understand how to stay within Visa’s tightening thresholds and avoid painful penalties.
Read Post
Tines

The secret to holiday resilience: offload the muckwork with intelligent workflows

Dec 17, 2025 By Hanna Gower In Tines
Security and IT professionals know the pattern all too well: workplace stress peaks in the weeks leading up to major holidays. Teams face pressure to close out projects, meet year-end deadlines, and handle increased workloads with reduced staff. And to top it off, cyber threats don’t take holidays. In fact, attackers often exploit this exact window of vulnerability.
Read Post
sumologic

The SOC Analyst Agent: Bring an Agentic approach to work with your SOC team

Dec 17, 2025 By Oren Shevach In Sumo Logic
For years, security teams have dealt with the challenges of alert fatigue, endless tools and data sources, and constant context switching. But, so far, we haven’t been able to significantly improve it with traditional tools. However, new agentic approaches can start providing improved gains. This begins to change the way SOC teams operate and approach managing their talent.
Read Post
Arctic Wolf

CVE-2025-40602: SonicWall Releases Fix for SMA1000 Privilege Escalation Zero-Day Under Active Attack

Dec 17, 2025 By Andres Ramos In Arctic Wolf
On December 17, 2025, SonicWall released fixes for an actively exploited medium-severity zero-day vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC), tracked as CVE-2025-40602. The vulnerability allows local threat actors to escalate privileges due to insufficient authorization in the SMA1000 AMC and does not affect SSL VPN functionality on SonicWall firewalls.
Read Post
securonix

Intel to Action: How Integrated Threat Intelligence Platforms Transform the Modern SOC

Dec 17, 2025 By Vanessa Sorenson In Securonix
Today’s adversaries are fast, distributed, and increasingly coordinated. Yet many SOCs remain reactively trapped in fragmented tools, endless alert queues, and growing pressure from executives to prove not just security, but resilience. It’s no longer enough to collect threat feeds or stand up a threat intel team. What’s needed is integrated intelligence—curated, contextualized, and operationalized—so your team can detect sooner, respond faster, and adapt continuously.
Read Post

BlackGirlsHack: Building a community and impactful legacy with Rebekah Skeete [277]

Dec 17, 2025 By LimaCharlie In LimaCharlie
On this episode of The Cybersecurity Defenders Podcast we speak with Rebekah Skeete, Executive Director and CEO of BlackGirlsHack Foundation. Rebekah dives into how BGH is helping to increase diversity in cybersecurity by bridging the gap between what is taught in educational institutions and what is necessary for careers in cybersecurity.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.