Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

APIs are the Language of AI. Protecting them is Critical.

Dec 4, 2025 By A10 Networks In A10 Networks
APIs are the Language of AI. Protecting them is Critical. In this discussion, A10 Networks security experts Jamison Utter and Carlo Alpuerto explore the emerging impact of Agentic AI on the API security landscape. They delve into how AI agents, as new API consumers, are driving an explosion in endpoints and exacerbating existing security issues, pushing API protection higher up the security practitioners' priority list.
View Video

The Mythical 1+1=3 Model in Cybersecurity

Dec 4, 2025 By Reach Security In Reach Security
The mythical 1+1=3 model in security? It happens when the tools you already own stop working in isolation — and start working as a system. Jay Wilson and Garrett Hamilton dig into why Reach’s platform approach matters: not just enhancing individual controls, but creating compounding value across identity, endpoint, email, and network. When visibility, configuration, and enforcement align, the outcome isn’t incremental — it’s exponential.
View Video

Technology Is Ready, Mindsets Need to Catch Up

Dec 4, 2025 By Razorthorn Security In Razorthorn
Security technology for access control already exists, but success depends on mindset and the willingness to change course when conditions shift. The idea of being audible ready, switching plays at the line based on what appears in front of you, mirrors how security leaders adjust identity strategy and embrace change despite human resistance.
View Video
protecto

Best Practices for Implementing Data Tokenization

Dec 4, 2025 By Protecto In Protecto
Data is no longer confined to a few clean relational systems. It now flows through microservices, data lakes, event streams, vector databases, and LLM pipelines. Sensitive information spreads quickly, and once it reaches ungoverned surfaces—logs, analytics exports, embeddings—it becomes extremely painful to unwind. Tokenization is one of the few controls that can both minimize data exposure and preserve business functionality.
Read Post
sentrium

React and Next.js unauthenticated remote code execution (CVE-2025-55182, CVE-2025-66478)

Dec 4, 2025 By Tom Keech In Sentrium
On 29 November 2025, researcher Lachlan Davidson reported a critical React vulnerability that allows unauthenticated remote code execution via specially crafted React Server Function payloads. This vulnerability was disclosed as CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) and is rated CVSS 10.0. A public proof concept has also been released so patching is of utmost importance.
Read Post
cycognito

Emerging Threat: CVE-2025-55182 (React2Shell) - React Server Components RCE Vulnerability

Dec 4, 2025 By Amit Sheps In CyCognito
On December 3 2025, the React team released patched versions of the affected React Server Components packages. Framework vendors, including Next.js, provided updated builds on the same day. Any environment using React Server Components or frameworks that embed the RSC pipeline should.
Read Post
one identity

AI in IAM: How much value is it really providing?

Dec 4, 2025 By Megan Pennie In One Identity
Let’s face it, AI is everywhere now. It has moved from novelty to necessity, reshaping the way we work, make decisions and secure our organizations. It guides how we plan trips, shop for essentials and discover information – but one of its most profound impacts is happening across enterprise environments.
Read Post
acronis

The complete guide to securing Microsoft 365: Why one platform beats seven tools

Dec 4, 2025 By Lee Pender In Acronis
Microsoft 365 has become the backbone of modern business productivity, with more than 450 million paid seats and over 300 million monthly Teams users. But this widespread adoption comes with a sobering reality: Microsoft 365 is now a prime target for cybercriminals worldwide.
Read Post
astra

EU CRA Explained: Requirements, Timeline & Compliance

Dec 4, 2025 By Keshav Malik In Astra
40 billion, that’s the total number of IoT devices expected to be functional worldwide by 2030; 4.3 billion are estimated to be functional in the EU by the end of December. Add to these, hardware, software, connected devices, embedded components, third-party libraries, and more: all shipped with weak security, inconsistent patching & little (if any) long-term support.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.