Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How to Adopt DORA's Threat-Led Penetration Testing Requirements

May 8, 2025 By Kroll In Kroll
The new Digital Operational Resilience Act (DORA) requires significant financial entities in the EU to carry out Threat-Led Penetration Testing (TLPTs) on a regular basis. However, the skills required along with the planning for these types of exercises can prove difficult and time consuming. During this session, Kroll brings together our red teaming, threat intelligence and DORA regulatory compliance experts to provide practical guidance on how security, risk and resiliency leaders can adopt a sustainable threat-led penetration testing (TLPT) program as required by DORA.
View Video

Teleport to Protect AI and Grant AI Access

May 8, 2025 By Teleport In Teleport
How teams are securing AI systems and providing protected access to sensitive resources. Learn about self-hosted AI solutions, database integrations with full audit capabilities, and centralized MCP server deployment. Discover how Teleport enables secure AI integration with your infrastructure while maintaining comprehensive visibility and control. Perfect for teams looking to balance innovation with security compliance.
View Video
outpost 24

Introducing Social Media and Data Leakage to Outpost24's EASM platform

May 8, 2025 By Victor Acin In Outpost 24
Digital Risk Protection (DRP) lets organizations proactively identify and mitigate external threats that emerge from their digital footprints. This can span public sources as well as deep and dark web channels. DRP is a key element of Outpost24’s external attack surface management (EASM) platform, so we’re pleased to announce two new integrations have been added: Social Media and Data Leakage. These new DRP modules will help cybersecurity teams to.
Read Post
seemplicity

The Cost of Manual Remediation Processes in a Regulated World

May 8, 2025 By Kevin Swan In Seemplicity
Security teams don’t need more alerts, they need fewer bottlenecks. In most organizations, remediation still runs on manual effort: ticket chasing, asset tagging, SLA tracking, endless email threads. It’s slow, fragmented, and risky for each organization. According to Seemplicity’s 2025 Remediation Operations Report, 91% of organizations face remediation delays, with the top two most common causes being collaboration and communication challenges (31%) and manual processes (19%).
Read Post
ionix

Exploited! SysAid On-Prem XML External Entity Vulnerability (CVE-2025-2775)

May 8, 2025 By Amit Sheps In IONIX
SysAid has patched a critical XML External Entity (XXE) flaw that lets unauthenticated attackers turn a routine /mdm check-in request into full administrator compromise—and, when chained with a newly disclosed command-injection bug, into remote code execution (RCE). The vulnerability, tracked as CVE-2025-2775, affects all SysAid On-Prem deployments up to 23.3.40 and is now fixed in 24.4.60.
Read Post
cyberint

Top Attack Surface Management (ASM) Software Solutions to Watch in 2025

May 8, 2025 By Gemma Goldstein In Cyberint
Organizations are increasingly recognizing that threats can emerge from various external-facing assets, including web applications, cloud infrastructure, APIs, and even shadow IT. This necessitates a robust Attack Surface Management (ASM) strategy, supported by specialized software solutions.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.