%term

Has My Secret Leaked (HMSL) with ggshield: check public GitHub exposure safely

Jan 2, 2026 By GitGuardian In GitGuardian

Since 2018, GitGuardian has been scanning for secrets added to GitHub public repositories. When a secret is found, GitGuardian hashes it and stores only a fingerprint of the secret. That fingerprint is what you can search against to verify whether any of your secrets have leaked in public repositories, gists, or issues on GitHub. This service is called Has My Secret Leaked, and in ggshield you’ll see it as the HMSL commands. There’s also a web interface, but in this section we stay in the terminal and use ggshield end to end.

View Video

GitGuardian

Read more about Has My Secret Leaked (HMSL) with ggshield: check public GitHub exposure safely

The CEO's Take: Making Security Work

Jan 2, 2026 By SecurityScorecard In SecurityScorecard

“In 2024, at least 35.5% of all data breaches originated from third-party compromises.” Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Nick Schneider (President & CEO, Arctic Wolf) for this discussion on: SecurityScorecard monitors and scores over 12 million companies worldwide.

View Video

SecurityScorecard

Read more about The CEO's Take: Making Security Work

Leveraging backup-as-a-service (BaaS) for Microsoft 365

Jan 2, 2026 By Acronis In Acronis

Summary Microsoft 365 is the operational backbone for email, collaboration, and business data, but it does not provide true backup — only availability and short-term retention. Once retention windows expire, deleted or compromised data may be unrecoverable, creating significant risk for organizations. Backup-as-a-service (BaaS) for Microsoft 365 closes this protection gap by delivering independent, point-in-time backups, granular recovery, and long-term retention.

Read Post

Acronis

Read more about Leveraging backup-as-a-service (BaaS) for Microsoft 365

Anatomy of an Insider Threat Investigation: From Alert to Remediation

Jan 2, 2026 By John Loya In Cyberhaven

It usually begins with something small. A flagged data transfer, an alert from your insider risk platform, or even a report from IT that a departing employee downloaded a large number of files. The signs can be subtle, often buried in the noise of daily digital activity. But make no mistake – what happens in the next few hours determines whether this becomes a minor blip or a full-blown cybersecurity crisis.

Read Post

Cyberhaven

Read more about Anatomy of an Insider Threat Investigation: From Alert to Remediation

Single-Tenant vs Multi-Tenant FedRAMP Deployments

Jan 2, 2026 By Dan Page In Ignyte

Across the ecosystem of federal contractors, a majority of deployments tend to be relatively standard. 80% of them will be FedRAMP impact level Moderate, for example, and most will have a standard set of considerations and concerns, such that a lot of security controls can be automated. It’s those outliers that make FedRAMP challenging.

Read Post

Ignyte

Read more about Single-Tenant vs Multi-Tenant FedRAMP Deployments

Principles in Practice: Raw credentials should never be shared with LLMs

Jan 2, 2026 By 1Password In 1Password

If you wouldn’t hand your house keys to a delivery driver, why hand your credentials to AI? In this Principles in Practice video, Anand Srinivas, VP of Product & AI at 1Password, explains a critical rule for secure AI use: Raw credentials should never be shared with large language models. Instead of sharing secrets, use them securely: Don’t send raw credentials over the data channel of a protocol like MCP Use proxies and secure autofill instead of sharing secrets Keep credentials out of prompts, embeddings, and fine-tuning data.

View Video

1Password

Read more about Principles in Practice: Raw credentials should never be shared with LLMs

Free ESXi: Restrictions and Limitations

Jan 2, 2026 By NAKIVO Team In NAKIVO

VMware is a market leader in virtualization solutions, and VMware ESXi is a renowned type 1 hypervisor. Increasingly, individual users and organizations are deploying ESXi servers in their environments to run virtual machines. An ESXi hypervisor is provided as part of VMware vSphere, which, in turn, comes with different licensing options for each edition. Each VMware vSphere edition has its own price, but VMware also provides a free version of ESXi.

Read Post

NAKIVO

Read more about Free ESXi: Restrictions and Limitations

IDOR Vulnerabilities Explained: Why They Persist in Modern Applications

Jan 2, 2026 By Sooraj Shah In Aikido

Insecure Direct Object References, commonly referred to as IDORs, remain one of the most common and damaging classes of application vulnerabilities. Despite being well documented and widely understood at a conceptual level, they continue to appear in real production systems, particularly in modern, API-driven applications.

Read Post

Aikido

Read more about IDOR Vulnerabilities Explained: Why They Persist in Modern Applications

How KeeperPAM Integrates With CNAPP

Jan 2, 2026 By Ashley D'Andrea In Keeper

As cloud-native environments become more dynamic, organizations must balance workload security, visibility and control to ensure effective privileged access management. Cloud-Native Application Protection Platforms (CNAPPs) help security teams identify vulnerabilities and misconfigurations across cloud infrastructure, but they typically do not directly enforce privileged access controls at the session or connection level.

Read Post