Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Hidden risks of standing privileges (and how to eliminate them)

It’s sometimes said that information wants to be free. However, freedom comes with risks. Especially when dealing with data that’s subject to laws around access, that’s property of individuals and entities, or that represents a business’s IP. After all, granting privileges puts information at the fingertips of employees – and potentially threat actors too.

The future of identity security Is AI-driven but human-led

Cyber threats continue to move faster, operate smarter and hit harder than ever before. Against this backdrop, one truth has emerged: identity is the new perimeter – your people’s digital identities are the new front line of defense. And that brings identity into focus for every attacker. To truly protect your business, you need an AI-enabled, dynamic, intelligent, unified Identity Fabric to deliver next generation protection and control without impacting productivity.

First Look, Then Leap: Why Observability is the First Step in Securing your AI Agents

AI Agents aren’t coming - they’re already here! reshaping industries, enhancing productivity, and unlocking new possibilities. Embedded in tools like Microsoft 365 Copilot, Salesforce Einstein, and custom-built assistants, they’re making decisions, automating workflows, and interacting with sensitive business data in real time. This wave of innovation is moving fast, but for once, security doesn’t have to play catch-up.

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors

Dire Wolf is a newly emerged ransomware group first observed in May 2025 and Trustwave SpiderLabs recently uncovered a Dire Wolf ransomware sample that revealed for the first time key details about how the ransomware operates. Since its discovery, Dire Wolf ransomware group has launched a series of targeted attacks across multiple sectors and regions with an emphasis on manufacturing and technology sectors.

How Does Deep Network Visibility Elevate Your Vulnerability Management?

Every month, thousands of new vulnerabilities flood security feeds, yet many organizations still depend on quarterly scans and static inventories. That means critical flaws on shadow-IT devices or lateral-movement paths go unnoticed until it’s too late. Meanwhile, your team wastes precious cycles chasing low-risk issues while genuine exploits spread unchecked. It doesn’t have to be this way.

CISOs Brace for a Wave of AI-Powered, Domain-Based Cyber Threats

Domain-name system (DNS)- based cyber attacks are becoming increasingly complex, and AI will only make managing them even more challenging. According to a recent report, Chief Information Security Officers (CISOs) anticipate a tumultuous season of cyber threats, with low confidence in their abilities to defend against them effectively.

Defending at Machine Speed: Guiding LLMs with Security Context

Large Language Models (LLMs) provide strong reasoning and data summarization capabilities, making them valuable proxies for a variety of cybersecurity operations tasks. However, their performance can decline when applied to highly specific or enterprise-contextual tasks, particularly if the models rely solely on public internet data.

Now on AWS Marketplace: CyberArk Enterprise Support for cert-manager

Running Kubernetes on Amazon EKS? You’re likely already using cert-manager—the open source standard for TLS and mTLS certificate automation in Kubernetes clusters. Today, we’re excited to announce that CyberArk Enterprise Support for cert-manager is now available through AWS Marketplace, giving EKS customers a direct path to operational reliability, compliance, and expert support at scale.

SOC Burn Out Is Real: Improve Detection Without the Noise

“Too many alerts mean missing the real threats.” Alert fatigue is one of the top threats to a SOC’s performance. When everything looks like a threat, nothing does. The tradeoff is disabling rules, overly tuning rules, or simply ignoring alerts just to stay afloat. The risk? High-value, low-noise threats slip through the cracks.

The privacy illusion: when deleting your data doesn't actually delete your data

Let’s talk about privacy—specifically, the kind you thought you had when you hit “delete.” OpenAI received a court order to retain every single ChatGPT conversation, even the ones you erased. Yep. Even the awkward ones. Even the ones that start with, “Hypothetically, if I were to…” Why? Because The New York Times is suing them over copyright, and now everyone’s deleted chats are potential evidence.