Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

aikido

Top Automated Pentesting Tools Every DevSecOps Team Should Know

Jun 17, 2025 By Ruben Camerlynck In Aikido
Penetration testing (“pentesting”) has shifted from a once-a-year checkbox to a continuous necessity. In fact, by 2025 the pentesting industry is expected to hit $4.5 billion as companies race to find vulnerabilities before attackers do. Yet 38% of companies only run 1–2 pentests per year – leaving long gaps where new flaws can creep in. That’s a dangerous game when 73% of breaches involve exploiting web app vulnerabilities.
Read Post

The MemcycoFM Show: Episode 4 - How to Prevent Credential Stuffing Attacks

Jun 17, 2025 By Memcyco In Memcyco
Credential stuffing attacks are one of the most persistent and damaging account-based threats facing security teams – and one of the hardest to detect. Most enterprises rely on server-side, post-login detection, which captures only successful login attempts. Failed attempts remain invisible, slowing time-to-detection and increasing the risk of successful account takeovers (ATOs). Why is this such a challenge? The reasons are many, as we’ll explore.
View Video
trustcloud

ISO 27001 beyond IT: Building a culture of security across the enterprise

Jun 17, 2025 By Richa Tiwari In TrustCloud
The digital era has spurred organizations to rethink how they protect sensitive data, necessitating a robust and holistic approach to security. Although ISO 27001 is widely recognized as a framework for managing IT security, forward-thinking leaders are discovering that its principles can be extended far beyond IT departments.
Read Post

SOC 2 Compliance for SaaS Companies

Jun 17, 2025 By VISTA InfoSec In VISTA InfoSec
Is your SaaS company struggling to close those big enterprise deals? Chances are, they're asking for SOC 2 compliance – and for good reason! A staggering 82% of enterprises demand SOC 2 compliance from their SaaS vendors to mitigate data breach risks (Cloud Security Alliance, 2023). Without it, you're missing out on massive opportunities!
View Video

Common pitfalls when evaluating AI agents for the SOC

Jun 17, 2025 By LimaCharlie In LimaCharlie
When evaluating AI agents for your SOC, it's not just about capabilities—it’s about control, oversight, and integration. In this clip, Philippe Tchakovski breaks down the most common mistakes security teams make when adopting AI: from fragile API integrations to missing guardrails and a lack of audit trails. Don’t deploy blindly—understand the risks before automation goes live.
View Video

Security isn't a department.

Jun 17, 2025 By Cloudflare In Cloudflare
Security isn’t a department. It’s a shared responsibility. To move from reactive to preventive, every product team needs embedded cyber expertise. Ange Ferrari, SVP and CISO at Metro AG, explains how decentralizing security enables scale and forces organizations to treat security as everyone's job, not just IT's. If you want to "shift left" for real, this episode is your playbook.
View Video
1Password

All SSO security is not created equally

Jun 17, 2025 By Rachel Sudbeck In 1Password
This blog has been adapted from a section of 1Password’s ebook: Why SSO is not enough for identity security. To read the complete ebook, click here. Single sign-on (SSO) solutions integrate with a company’s identity provider (IdP) to allow users to authenticate to multiple applications via a single log-in. By reducing the number of access points and employee credentials, SSO reduces a company’s attack surface.
Read Post

What is a Web Browser Based Attack?

Jun 17, 2025 By Indusface In Indusface
Did you know 95% of undetectable malware spreads through your browser? From Cross-Site Scripting (XSS) and CSRF to Clickjacking and drive-by downloads—web browser-based attacks are more common and more dangerous than ever. In this video, we break down how these attacks work, what causes them, and what you can do to stay protected—both as a user and a website owner.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.