Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most posts about types of endpoint security mention antivirus software, firewalls, or maybe EDR/XDR. And while those security technologies are important, they’re not enough. Cyberattacks have evolved. Today’s cyber threats target laptops, smartphones, and even IoT devices. Ransomware moves laterally. Zero-day exploits bypass signature-based defenses. Phishing attacks hit the end-user, not just the firewall.

Are you confident that your application security testing (AST) efforts are truly protecting your business, or are they just ticking boxes for compliance? These days, simply meeting regulatory requirements isn’t enough. Security teams face mounting pressure from alert overload, fragmented tools, and an ever-growing backlog of vulnerabilities. Meanwhile, executives demand clear evidence that security investments are driving real business value. So how can security leaders bridge this gap?

One of the primary concerns occupying future-gazers within the technology industry is the impact that quantum advances will have upon established encryption methods. Quantum computing is advancing at pace, and alongside the enthusiasm for what that will enable is a practical concern for the way quantum processing might render some of today’s security approaches ineffective.

The 2025 Gartner Security & Risk Management Summit was a wake-up call, and an opportunity, for anyone responsible for securing the future of AI. With over 1,700 AI use cases now reported across federal agencies and enterprise adoption growing at a breakneck pace, the message was clear: AI is no longer on the horizon. It’s here, it’s active, and it needs securing.

The Texas Department of Transportation (TxDOT) is responsible for designing, planning, operating, building, and maintaining the state’s transportation system to deliver a reliable and safe transportation system. It strives to ensure the ease of movement of people and goods through an integrated transportation system, which includes roads, airports, waterways, rail lines, pipelines, and inland and water ports.

Cyber attackers hide in enterprise networks for 277 days on average before anyone spots them. Once organizations catch these intrusions, quick incident response hinges on understanding the full attack story. Retrospective analysis flips this challenge into an advantage by digging through historical data to speed up future incident response and strengthen incident management capabilities.

CVE-2025-32756 is a critical remote code execution (RCE) vulnerability affecting multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. The flaw arises from a stack-based buffer overflow in the handling of the AuthHash cookie’s enc parameter within the /remote/hostcheck_validate HTTP endpoint.