Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most websites host tracking systems that change continuously, tag by tag, pixel by pixel, version to version, often without anyone in privacy touching a line of code. Marketing adds a session replay script through the tag manager. Vendors quietly push updates to the tags. By the time it’s noticed in the next periodic review, the damage is done. Drift in tag behaviour leads to consent violations. And tracking scripts load and process data despite GCP signals.

Picture this: it’s 2am, your pager goes off, and you’re staring at a production database that’s on fire. You know exactly what’s wrong. You know exactly how to fix it. But you can’t touch anything because you’re waiting on someone to approve your access request. Meanwhile, your customers are down, your SLAs are bleeding out, and you’re refreshing Slack, and every minute you spend waiting is another minute of damage you could’ve prevented.

Sr. Technical Content Strategist Hockey has a saying that describes the problem security organizations face when trying to integrate AI:"You have to skate to where the puck is going, not where it has been". Think of the modern security stack. It's a fragmented architecture built layer by layer over decades. Tools are siloed, some overlapping, some operating in black boxes, and others that no one remembers installing.

Teams, friends and family members often need to share access to accounts, but traditional methods like email, text messages or screenshots expose sensitive information and create lasting risk. Keeper’s One-Time Share works by creating a secure, device-bound link that allows temporary access to a record while keeping credentials encrypted and fully protected. This approach enables fast, secure sharing without requiring the recipient to create a Keeper account or gain ongoing access to your vault.

During a recent video interview, we spent time unpacking a deceptively simple question: what actually makes a vulnerability critical? Severity scores, exploitability, and asset importance all factor into the answer. But one layer of context consistently changes the urgency of a finding more than most teams expect: internet exposure. The difference between a vulnerability that exists and one that matters often comes down to whether an attacker can reach it.

Why do most Kubernetes security tools fail teams in practice? Because they treat deployment and security as separate problems. A true Kubernetes security deployment service embeds scanning, policy enforcement, and runtime monitoring directly into the deployment flow — so risky workloads never reach production in the first place. Why isn’t shift-left security enough on its own?

In my experience working inside banks, identity security can be like plumbing: when it’s working, no one wants to talk about it. When there’s an incident, an audit, or a regulator—suddenly everyone wants to understand how it works. Artificial intelligence (AI) brings the same “no one cares until everyone does” energy, but with face-melting velocity. Today, AI is embedded across large parts of the financial services industry, and it has been around for more than 25 years.

Since 1Password began, we have built security into the places where work actually happens. Security is not treated as an overlay or a separate workflow, we build directly into the browser, command lines, developer tools, and IDEs, where decisions are made and actions take place. We believe that if you want to improve security outcomes, you build where the work happens, making the secure path the simplest one.

Wi-Fi doorbells such as Ring and Nest have become a staple in home security. They promise peace of mind, showing you live footage of your doorway to deter thieves. Up until now this has been an effective security method, but doorbell footage has started going missing, and deauth devices are responsible.

I have managed Alliances for more years than I can count on two hands, and the best results I’ve seen come from genuine collaboration. Shared planning and learning, along with honest conversations about what’s working and what needs to improve. When that happens, clients benefit most.