Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

From Metric to Mandate, How CIOs and CISOs Can Operationalize Microsoft Secure Score

This blog is the third part of our series on Microsoft Secure Score. Please read Part 1 and Part 2. As cyber risk escalates in complexity, the role of CIOs and CISOs has evolved far beyond IT governance. Today's security leaders are expected to deliver tangible risk reduction outcomes, maintain regulatory compliance, and support business continuity, often with constrained resources and growing accountability.

Device security beyond MDM: Why Omdia recommends Extended Access Management

Omdia, a global analyst and advisory leader, recently released a report called “How Extended Access Management (XAM) closes the gaps in security.” The report defines the challenges of modern access management as: These unmanaged forms of access create an Access-Trust Gap: The security risks posed by unfederated identities, unmanaged devices, applications, and AI-powered tools accessing company data without proper governance controls.

Enforce device posture beyond SSO with Extended Device Compliance

At RSAC 2025, we announced Extended Device Compliance, a new capability within 1Password Device Trust that enforces device posture Checks before allowing access to web applications, including those not protected by single sign-on (SSO). Extended Device Compliance redefines industry expectations for device trust solutions, ensuring devices are secure and compliant even when users access apps outside traditional admin control.

REST API Response Best Practices: Building Trust, Security, and Efficiency Into Every Interaction

REST APIs are the arteries of today’s digital ecosystems, silently exchanging data between countless applications, users, and devices. Yet, in the race to protect endpoints, authenticate users, and encrypt payloads, the security nuances of API responses are often overlooked. This oversight leaves a dangerous gap where attackers don’t need to break in; they simply listen, observe, and exploit what’s willingly given away.

Abnormal API Security: Elevating Your Organization's Cybersecurity Posture

In today’s increasingly interconnected digital landscape, APIs have become the invisible backbone of organizational efficiency, enabling data sharing, automation, and business innovation with quiet efficiency. However, as APIs proliferate, so do the vulnerabilities and targeted attacks that threaten to disrupt operations, compromise sensitive information, and damage an organization’s reputation.