Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The OWASP Top 10 is usually presented as a list of technical failures. Broken access control. Injection. Insecure design. Misconfiguration. Each category points to something that went wrong in the application. What it doesn’t say explicitly is what was actually at risk when it went wrong. In most real incidents, the answer is not “the application.” It’s the data inside it. Sensitive data is the reason attackers care about OWASP failures in the first place. Credentials.

I’m delighted to announce CrowdStrike’s intent to acquire Seraphic, the leader in browser runtime security. With this acquisition, we will extend the power of the CrowdStrike Falcon platform into the browser to enforce security within sessions across any browser, on any device. The browser is already the operating system of the enterprise workforce, connecting apps, data, and identity.

Automotive engineering teams are being asked to deliver faster, with less tolerance for failure. Software-defined vehicle programmes, secure OTA rollouts, zonal and service-oriented architectures, and continuous feature delivery are now baseline expectations. In parallel, regulatory pressure is increasing — from WP.29 (R155/R156), ISO/SAE 21434, and the forthcoming EU Cyber Resilience Act — tightening requirements around software integrity, traceability, and lifecycle governance.

Acronis is introducing Acronis Archival Storage, a new S3-compatible cloud storage tier built specifically for long-term data retention, compliance and cost optimization. This addition strengthens the Acronis Cyber Protect Cloud platform by giving MSPs a complete, integrated solution that spans the entire data lifecycle from active protection on PCs and disaster recovery to long-term, compliant data archiving.

Do you know what it takes to launch a retail website that neatly organizes products and enables customers to add items to their carts with a single click? Do you know what powers the booking system your clients rely on? What is the hidden engine that manages your clients’ logistics, controls their supply chain, processes invoices and stores data for analytics and compliance? These are the systems MSPs are trusted to keep running every day. Critical servers.

Endpoint threats are evolving faster than ever - more automated, more precise, and harder to stop with detection alone. Today’s security teams need more than alerts; they need clarity, context, and the ability to respond in real time without adding complexity or operational strain. On January 29, 2026, at 8am PST (4pm GMT), join WatchGuard and GigaOm for an educational webinar that cuts through the noise around endpoint security.

On January 13, 2026, Fortinet released an advisory describing a high-severity remote code execution vulnerability affecting its FortiOS and FortiSwitchManager products. According to Fortinet, the vulnerability stems from a flaw in the CAPWAP Wireless Aggregate Controller Daemon and could allow an unauthenticated, remote threat actor to execute arbitrary code or commands. The vulnerability was discovered internally by Fortinet’s Product Security Team.

In AI-powered security, advantage comes not from automation alone, but from clear insight into how decisions are made. At Arctic Wolf, home to one of the world’s largest commercial security operations centers (SOC), we process over 10 trillion security events weekly. Rather than chasing automation for its own sake, we build AI that scales human expertise – preserving judgment where it matters most. But what is the optimal combination of humans and machines for security operations?

Gartner frames the AI SOC landscape as a dichotomy: providers pursuing full SOC replacement versus those building AI products to augment existing staff. Of these two approaches, only augmentation aligns with real-world security operations. It helps analysts triage alerts, investigate faster, enrich context, and summarize incidents with better consistency, all while keeping humans in the loop, even if their day-to-day efforts change.

Security teams can now eliminate container vulnerabilities at the source without developer effort or version upgrades. At Seal Security, we believe vulnerability management should start with secure foundations.That’s why we’re excited to share that Seal’s pre-patched packages to harden base and secure images are now officially integrated in Wiz. This partnership brings together Wiz’s best-in-class cloud visibility with Seal’s remediation-first approach to container security.