Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In 2026, you’re not just managing clusters and pipelines; you are managing the risk associated with the data flowing through them. As environments become decentralized and agentic, traditional, static data governance policies have morphed from inefficient to a security liability. The financial stakes of data governance failures have reached an all-time high. The average cost of a data breach in the United States has reached $10.22 million.

As organizations increasingly leverage Kubernetes for modern, cloud-native applications, the challenge of managing these environments securely and at scale grows. A centralized platform is needed to simplify Kubernetes operations, enabling deployment, management, and security across cloud, on-prem, and edge locations. Crucially, access to these Kubernetes environments, particularly production clusters, demands stringent control.

Today we’re introducing Extending Access Duration, a new capability designed to solve a problem we kept hearing about from customers who rely on short-lived, approved access to sensitive systems. Just-in-Time access is the right model for protecting critical resources. But real work does not always fit neatly into the time window defined when an access flow was created.

The world of identity and access management (IAM) is no longer a place for security gaps from unintegrated solutions. An identity fabric is the answer – multiple solutions that cover privileged access, identity governance and more to give your organization the strongest level of defense possible. Looking to fight identity sprawl from siloed solutions and orphaned accounts to streamline efficiency, productivity and visibility?

Getting ready for a SOC 2 audit can feel like an endless checklist. You already have tools collecting logs, provisioning users, and pulling reports from your systems, yet proving compliance still feels harder than it should be. The biggest pain in SOC 2 is not collecting data. It is managing access in a way that continuously aligns with your own policies.

An engineer gets a notification at 2 a.m. because something in production is broken. They need database access right away. For many teams, that access is already sitting there. Standing permissions granted for a past need that no longer exists. Credential abuse is still the most common way for a breach to start. It accounts for roughly 22% of initial attack paths, which is actually ahead of vulnerability exploitation at 20%. In many cases, attackers are not breaking in or exploiting a flaw.

When data programs fail, they usually fail in two very different ways. Weak data governance shows up as overexposed databases, long-lived credentials, and access that quietly expands far beyond intent, often until it’s exploited. Weak data management really breaks trust from the inside out with stale or inconsistent data, pipelines that stall under their own complexity, and bottlenecks that slow decision-making.