Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cyberhaven

Is Your Organization DLP-Mature? Here's How to Find Out

Dec 23, 2025 By John Loya In Cyberhaven
Every organization knows that protecting sensitive data is important. But knowing you should protect data and actually having the people, processes, and technology in place to do it well are two very different things. Too often, data protection programs evolve reactively—driven by the latest regulatory deadline or the aftermath of a near-miss incident. The result is a patchwork of policies and tools that create a false sense of security without delivering true resilience.
Read Post

Joomla SAML SSO with Okta | Step-by-Step SAML SP Setup Guide

Dec 23, 2025 By miniOrange In miniOrange
Learn how to configure SAML Single Sign On (SSO) in Joomla using Okta as the Identity Provider. In this step-by-step tutorial, we show how to connect your Joomla site as a SAML Service Provider (SP) with Okta, allowing users to securely log in using their Okta credentials. What you will learn in this video: Creating and configuring a SAML application in Okta Setting up the Joomla SAML SP plugin Exchanging metadata between Joomla and Okta Configuring attribute mapping This configuration is ideal for organizations that want centralized user authentication, stronger security, and seamless access to Joomla using Okta-managed identities.
View Video
keeper

Keeper Security Achieves FedRAMP High Authorization for Privileged Access Management

Dec 23, 2025 By Kim Howard In Keeper
As federal agencies face increasingly sophisticated cyber threats, securing high-impact systems and sensitive unclassified data has become a top priority. To support this need, Keeper Security has achieved FedRAMP Authorization at the High Impact Level for its Keeper Security Government Cloud (KSGC) platform, expanding its ability to protect the U.S. federal government’s most sensitive unclassified workloads.
Read Post
trustcloud

6 Ways to move from security questionnaires to self-serve trust

Dec 23, 2025 By Akshay V In TrustCloud
In this session of the Strategic CISOs webinar series, Sravish Sridhar (CEO, TrustCloud) sat down with Myke Lyons (CISO, Cribl) and Jon Zayicek (Customer Security Assurance Leader, Cribl) to break down how Cribl built a customer trust program that helps buyers self-serve proof, reduces questionnaire drag, and gives security a clear line of sight to pipeline and ARR. Cribl has turned customer assurance into a revenue accelerant, and that posture has produced great results.
Read Post

AI and Data Security: Why Your Data Security Model Is Hurting Innovation

Dec 23, 2025 By Protegrity USA Inc. In Protegrity
Why Your Data Security Model Is Outdated For over 20 years, we’ve focused on the Data Envelope—securing the perimeter, the cloud, and the network. But in a world of AI and rapid data sharing, protecting the envelope is not enough. In this video, James Rice (VP of Product Marketing at Protegrity) explains why traditional security has become the biggest bottleneck for modern innovation. Whether you are a security leader, a data architect, or a business innovator, understanding this paradigm shift is essential for the next decade of growth.
View Video

Razorwire 2025 Cybersecurity Year in Review

Dec 23, 2025 By Razorthorn Security In Razorthorn
The Razorwire Christmas Party 2025 episode looks back over a year of burnout, AI hype, flat security budgets and noisy breaches, and forward to the future of work in cybersecurity. Listeners get a fast survey of social engineering trends, alert fatigue, decision culture, talent pipelines and work life boundaries that shaped 2025 and point to the years ahead.
View Video
tanium

Two is one, one is none: the art of resilient operations

Dec 23, 2025 By Tanium In Tanium
On a cold and windy day in March 1996, a group of 25 Marine Corps second lieutenants, accompanied by their instructors, participated in a communications field exercise at Fort A.P. Hill, Virginia. The objective was to provide training on installing, operating, and maintaining a tactical communications architecture while continuously relocating. The terrain at Fort A.P.
Read Post
apono

When Agentic AI Becomes an Attack Surface: What the Ask Gordon Incident Reveals

Dec 23, 2025 By Gabriel Avner In Apono
Pillar Security’s recent analysis of Docker’s Agentic AI assistant, Ask Gordon, offers an early glimpse into the security challenges organizations will face as AI systems begin operating inside the development stack. Their researchers discovered that a single poisoned line of Docker Hub metadata caused the agent to run privileged tool calls and quietly exfiltrate internal data.
Read Post

Bots vs. Barcodes: The Resource Quota Failure. #ticketmaster #bla #ratelimiting #businesslogic

Dec 23, 2025 By Wallarm In Wallarm
The infamous Ticketmaster case highlights BLA 1: Resource Quota Violation. Attackers used bots for mass purchasing and employed ingenious evasion: they reverse-engineered the barcoding logic to rotate and authenticate tokens, bypassing security controls. The core failure? Flawed rate limiting and business logic expiration. You must protect your inventory and your purchasing flows as if they were financial assets.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.