Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Called it (mostly): Checking in on 2026 predictions so far

On this episode of Masters of Data, we revisit the predictions Adam White, Zoe Hawkins, and David Girvin made at the end of last year, checking our own scorecard halfway through 2026. The hits: agents running amok and deleting databases, MCP becoming the backbone for tracking what agents actually do, growing security gaps around personal data, and a collective rejection of low-quality AI content. The misses: we underestimated how fast companies would cut staff for AI, then quietly start rehiring once the agents couldn't cover the work, and we're still arguing about whether token burn is a cost problem or a coming attack vector.

IT Audit: What It Is and How to Prepare for One

Cramming for an exam in school often meant late nights, large quantities of caffeine, and anxiety about potential final grades. Whether studying alone or as part of a group, you probably tried to pull together all your notes and review sheets, so you had the right information at your fingertips during the test. In some cases, these exams could determine whether you passed or failed a course.

Preparing for OMB M-26-14: How Datadog supports federal logging maturity

Memorandum M-26-14 from the Office of Management and Budget (OMB) marks a significant evolution in federal cybersecurity guidance, establishing a new risk-based framework for logging and network visibility across the United States federal government. The memo replaces the prescriptive requirements of Memorandum M-21-31 with an approach that emphasizes continuous monitoring, threat detection, investigation, and forensic readiness.

VPC Flow Logs: A Practical Guide for Security & Compliance

A lot of teams only realize they need VPC Flow Logs after an incident has already gone sideways. A workload starts behaving oddly. An analyst sees suspicious outbound connections. Someone asks the most basic question in cloud incident response: what else did this instance talk to, when, and was that traffic allowed or blocked? If you don't have a network record already flowing into your monitoring stack, you're left reconstructing events from fragments.

Microsoft WinRM Data in Graylog

If you’re running Windows in your environment, WinRM is one of the most valuable, and most abused channels in your infrastructure. Graylog provides a purpose-built way to make those logs immediately actionable. The Microsoft WinRM Content Pack, available with an Illuminate license and Graylog Enterprise or Graylog Security, delivers ready-to-use parsing rules, streams, GIM categorization, and a dashboard so you can turn raw WinRM operational events into structured, searchable security intelligence.

The Definitive SOC 2 Compliance Guide

Every day, service organizations handle sensitive customer information covered by data protection laws and subject to security compliance requirements. In the business-to-business world, customers require that their vendors provide validation and assurance over their privacy and security controls, typically asking for independent third-party attestations and reports.

The World Cup Creates the World's Largest Attack Surface

When 48 teams, 104 matches, 16 host cities, and a broadcast audience approaching half the planet converge across six weeks, something else converges at the same time: opportunity for the people trying to exploit it. The 2026 FIFA World Cup is the most complex digital event in history, and the security challenge it creates is not limited to the tournament organizers.

What Singapore's CCoP 2.0 Requires of Critical Infrastructure Owners

Picture Singapore’s largest telecommunications network. It carries the financial transactions, emergency communications, and government data of a city-state of nearly six million people. Now picture that infrastructure silently infiltrated for months by a state-linked espionage group, undetected until the telcos’ own security teams found it.