Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The CEO's Take: Making Security Work

Jan 2, 2026 By SecurityScorecard In SecurityScorecard
“In 2024, at least 35.5% of all data breaches originated from third-party compromises.” Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Nick Schneider (President & CEO, Arctic Wolf) for this discussion on: SecurityScorecard monitors and scores over 12 million companies worldwide.
View Video
acronis

Leveraging backup-as-a-service (BaaS) for Microsoft 365

Jan 2, 2026 By Acronis In Acronis
Summary Microsoft 365 is the operational backbone for email, collaboration, and business data, but it does not provide true backup — only availability and short-term retention. Once retention windows expire, deleted or compromised data may be unrecoverable, creating significant risk for organizations. Backup-as-a-service (BaaS) for Microsoft 365 closes this protection gap by delivering independent, point-in-time backups, granular recovery, and long-term retention.
Read Post
cyberhaven

Anatomy of an Insider Threat Investigation: From Alert to Remediation

Jan 2, 2026 By John Loya In Cyberhaven
It usually begins with something small. A flagged data transfer, an alert from your insider risk platform, or even a report from IT that a departing employee downloaded a large number of files. The signs can be subtle, often buried in the noise of daily digital activity. But make no mistake – what happens in the next few hours determines whether this becomes a minor blip or a full-blown cybersecurity crisis.
Read Post
ignyte Team

Single-Tenant vs Multi-Tenant FedRAMP Deployments

Jan 2, 2026 By Dan Page In Ignyte
Across the ecosystem of federal contractors, a majority of deployments tend to be relatively standard. 80% of them will be FedRAMP impact level Moderate, for example, and most will have a standard set of considerations and concerns, such that a lot of security controls can be automated. It’s those outliers that make FedRAMP challenging.
Read Post

Principles in Practice: Raw credentials should never be shared with LLMs

Jan 2, 2026 By 1Password In 1Password
If you wouldn’t hand your house keys to a delivery driver, why hand your credentials to AI? In this Principles in Practice video, Anand Srinivas, VP of Product & AI at 1Password, explains a critical rule for secure AI use: Raw credentials should never be shared with large language models. Instead of sharing secrets, use them securely: Don’t send raw credentials over the data channel of a protocol like MCP Use proxies and secure autofill instead of sharing secrets Keep credentials out of prompts, embeddings, and fine-tuning data.
View Video
nakivo

Free ESXi: Restrictions and Limitations

Jan 2, 2026 By NAKIVO Team In NAKIVO
VMware is a market leader in virtualization solutions, and VMware ESXi is a renowned type 1 hypervisor. Increasingly, individual users and organizations are deploying ESXi servers in their environments to run virtual machines. An ESXi hypervisor is provided as part of VMware vSphere, which, in turn, comes with different licensing options for each edition. Each VMware vSphere edition has its own price, but VMware also provides a free version of ESXi.
Read Post
aikido

IDOR Vulnerabilities Explained: Why They Persist in Modern Applications

Jan 2, 2026 By Sooraj Shah In Aikido
Insecure Direct Object References, commonly referred to as IDORs, remain one of the most common and damaging classes of application vulnerabilities. Despite being well documented and widely understood at a conceptual level, they continue to appear in real production systems, particularly in modern, API-driven applications.
Read Post
keeper

How KeeperPAM Integrates With CNAPP

Jan 2, 2026 By Ashley D'Andrea In Keeper
As cloud-native environments become more dynamic, organizations must balance workload security, visibility and control to ensure effective privileged access management. Cloud-Native Application Protection Platforms (CNAPPs) help security teams identify vulnerabilities and misconfigurations across cloud infrastructure, but they typically do not directly enforce privileged access controls at the session or connection level.
Read Post
the cyber helpline

How Organisations Can Support Victims of Cybercrime

Jan 2, 2026 By The Cyber Helpline In The Cyber Helpline
When someone experiences cybercrime, the impact extends far beyond the initial incident. Victims face a complex uphill battle emotionally, physically, and financially - and more often than not, they have to navigate this alone. For organisations supporting these individuals, understanding the human impact is crucial, alongside providing emotional support, education, and actionable guidance.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.