Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most large organizations rely on multiple vulnerability and exposure scanning tools out of necessity. Infrastructure scanners, cloud security platforms, application security testing tools, container scanners, and attack surface management solutions all play a role. Each one is designed to answer a specific question. But when it comes to understanding the risk of the vulnerabilities and exposures they detect, each tool has its own approach to quantifying it.

A strong DevSecOps framework integrates security into every stage of the software development lifecycle (SDLC). But as development accelerates, reliance on third-party and open-source code grows, introducing significant risks from the software supply chain. Aligning your DevSecOps framework to address these specific threats is no longer optional. It’s essential for building resilient and secure applications.

Change is coming Some people don’t like change. Change is inevitable. And sometimes, change can be a good thing too. A while back we took our old phpBB2 forum offline (Find out why – here). As expected, that decision prompted a range of reactions and some understandable concerns from members of the community. The reasons behind that choice, including why we knew it would not work for everyone, are set out in the original post and remain unchanged.

It’s been a big month at ARMO – we shipped several powerful new capabilities to help you get more visibility, move faster, and stay ahead of real threats. Here’s what’s new.

At Tines, we recently faced a significant engineering challenge: our output_payloads table in PostgreSQL was rapidly approaching 17TB on our largest cloud cluster, with no signs of slowing down. Once a table reaches PostgreSQL’s 32TB table size limit, it will stop accepting writes. This table holds event data, in the form of arbitrary JSON, which is critical to powering Tines workflows. Given the criticality of the data, we couldn’t risk any disruptions to it.

With hyper-distributed workloads and machine-speed threats, the traditional strategy of "securing the perimeter" as a tactic for server and virtual machine (VM) has become obsolete. Today, security must be integrated directly into the workload itself.

The global economy is shifting toward total automation. Almost every industry is moving from manual work to automatic or semi-automatic workflows that act proactively or respond on their own, deliver results faster and operate with minimal human intervention. MSPs should be at the center of this transformation. This is the beginning of the autonomous MSP era – service providers that deliver reliable, scalable operations with minimal manual work, very high productivity and consistent quality.

In cybersecurity, an inaccessible tool isn’t just a nuisance: it’s a vulnerability. With the European Accessibility Act tightening regulations across Sweden and the EU, “good enough” design is now a legal and security risk. At Detectify, we’re rebuilding our front-end from the ground up to eliminate any “usability tax” that could lead to missed alerts.

Scammers stole an estimated $17 billion worth of cryptocurrency in 2025, according to a new report from Chainalysis. Notably, the report found that AI-assisted scams stole 4.5 times more money than scams that didn’t leverage AI. “Our analysis reveals that, on average, scams with on-chain links to AI vendors extract $3.2 million per operation compared to $719,000 for those without an on-chain link — 4.5 times more revenue per scam,” the researchers write.

When it comes to disaster recovery and backup plans, understanding the RPO and RTO is crucial as these two critical metrics help signal the level of your overall data security. In short, Recovery Time Objective (RTO) and Recovery Point Objective (RPO) play a critical role in determining how quickly and effectively an organization can bounce back from an IT disaster, safeguarding business continuity, and minimizing potential data and financial losses.