Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

At the executive level, vulnerability management stops being a technical exercise and becomes a question of risk ownership, operational tradeoffs, and organizational accountability. When a vulnerability leads to a breach, it has a personal effect on security leaders along with its broader organizational impact. According to Proofpoint’s Voice of the CISO Report, a majority of CISOs claim they are personally blamed ‘always or often’ when a breach occurs, even when defenses were in place.

The CSRB has cleared the House of Commons and Royal Assent is expected before the end of 2026. CYJAX breaks down scope, reporting timelines, penalties, and how threat intelligence underpins compliance.

In Part 1, we covered onboarding Microsoft-native agents and SaaS AI platforms — the paths that need configuration, not code. Now we look at connecting agents that have no native integration — self-built frameworks and agents you build and run yourself. If an agent is missing from the M365 admin center inventory and the import-agents feature doesn’t support it, then the Microsoft Agent 365 SDK may be needed.

An endpoint security strategy is a structured plan that defines how an organization protects, monitors, and manages all devices connecting to its network (including laptops, desktops, servers, mobile devices, cloud workloads, and OT systems) through coordinated policies for access control, threat detection, vulnerability management, and incident response.

Multiple sophisticated phishing kits are now focusing on harvesting device codes to breach accounts without a password, according to researchers at LevelBlue. “Device code phishing exploits a legitimate Microsoft authentication flow to harvest Microsoft 365 access and refresh tokens without ever capturing a password,” the researchers explain. “The core mechanic is straightforward: whoever initiates the authentication request receives the resulting tokens.

A few years ago, the goal was simple: rank on page one of Google. If your website appeared among the first 10 blue links, people would find you. That equation is changing. Search behavior is shifting from keyword lookups to answer-led queries. Instead of scanning a list of results, more people are turning to AI-powered search tools that read across the web, consolidate information, and deliver a direct answer. ChatGPT, Google AI Overviews, Perplexity, and Claude all work this way.

Security operations teams are facing a familiar, but growing, challenge. As threat actors leverage AI and automation to move faster, alerts continue to expand in volume and complexity. Even mature security teams struggle to keep up with investigation timelines, maintain institutional knowledge, and ensure consistent response quality. At the same time, buyers are demanding more from their security platforms. They want solutions that go beyond detection.

Shopping for security testing, you’d have probably noticed that almost every vendor now promises continuous autonomous pentesting. The word sounds reassuring, suggesting round-the-clock surveillance, patching and making sure nothing slips through. But when you ask for what is being surveilled, when, how frequently, your levers in reporting and support, the milk starts to get curdy. This curd is the word “Continuous”.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! LastPass hit again…

Leading Managed Service Provider (MSP) distributors aren’t just adding identity tools to their marketplace. They are redefining the criteria for partnership within their ecosystems. For years, joining a major distributor’s marketplace was primarily a commercial transaction. Submit your business details, pass some basic onboarding checks and sell away. Identity security was an afterthought, a product category rather than a partnership requirement. Those days are gone.