Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Salesloft/Salesforce incident revealed the danger of BLA 5: Artifact Lifetime Exploitation. The flaw is simple: the application fails to expire tokens and sessions properly. Stolen OAuth tokens that should have been short-lived were used to steal AWS keys, Snowflake tokens, and passwords. Key Takeaway: If an artifact is meant to be short-lived (a token, a session, a temporary file), it must be retired immediately upon expiration. Rotate your keys aggressively!

Security teams are drowning in alerts, and AI might not be the answer everyone thinks it is. In this episode, Erik Bloch, VP of Security at Illumio, breaks down the math on why AI-powered alert triage may be financially unfeasible for most organizations. With 85 to 90 percent of alerts being non-malicious, security teams are still sorting through massive volumes of noise to find the real threats. Many vendors are betting that AI will solve this problem by triaging alerts at scale. But the reality?

Recent UK breaches highlight how commoditised attacks and dark net markets provide ready stolen credentials for intrusions. Continuous authentication and behavioural analytics shift focus from the initial login to how a user interacts with data and resources, helping detection when attackers try to impersonate genuine behaviour.

From machine to intelligent identity: The AI security challenge.

Welcome to Data Security Decoded. Join host Caleb Tolin in conversation with Morgan Adamski who leads Cyber, Data, and Tech Risk at PwC and is a former US national security leader who spent 16 years tracking nation-state threats inside the US government. Coming out of a career spent inside secure facilities without windows or phones and working to address China’s prepositioning in US critical infrastructure, Morgan shares a direct view of how geopolitics is now shaping cyber risk decisions in boardrooms.