Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybersecurity never stands still. Every login, session, and connection shifts the balance between freedom and control. Effective access management today isn’t about restriction—it’s about enabling trust at the speed of innovation. Modern enterprises achieve this by evolving their controls to be seamless, adaptive, and invisible to the user.

This blog post provides a dive into HTTP/3’s evolution for security engineers, an overview of our research journey, and what led us to develop the open-source tool QuicDraw, which can be used for fuzzing and racing HTTP/3 applications. QuicDraw implements “Quic-Fin-Sync” our implementation of the last-byte-sync with the single packet attack on HTTP/3. We conclude by evaluating QuicDraw’s performance against a real-world target and comparing its results to other tools.

Phishing continues to be the most common way attackers gain initial access. If you want to prevent phishing in your organisation, it starts with understanding how these campaigns suceed and why they continue to bypass traditional controls. Drawing on insights from our recent webinar Red Team Insights: What We’ve Learned from Breaching the Best, this article explores the tactics attackers rely on and the steps security teams can take to strengthen their defences.

We’re thrilled to announce that WatchGuard Technologies has earned the prestigious 2026 TrustRadius Buyer’s Choice Award ‒ for each of our major solution areas: Network Security, Endpoint Security, and AuthPoint. This achievement highlights the exceptional value our customers and partners place on our capabilities, pricing, and ongoing relationships.

Building trust is critical for today’s most ambitious businesses. Why? Because companies viewed as trustworthy grow up to four times faster. Yet earning and proving trust remains harder than ever. ‍ As organizations scale, their attack surfaces grow—and so do their tech stacks. Every new tool meant to increase security often fragments it, leaving teams buried in overhead and blind spots.

The EU’s Digital Operational Resilience Act (DORA) has just turned a year old. This regulation represented a fundamental shift in how the financial sector manages ICT risk, moving beyond traditional compliance to demand continuous, demonstrable digital operational resilience. A year on, the focus has changed. Organizations can no longer just avoid cyber incidents. They need to prove they can withstand, respond to, and recover from disruptions quickly and effectively.

AI coding assistants are evolving quickly. But are the latest models any better at writing secure code? Our October 2025 analysis brings fresh data on how newer large language models (LLMs) stack up against their predecessors, and the results reveal both progress and persistent gaps. This update builds on our July 2025 GenAI Code Security Report, which tested over 100 LLMs across four major programming languages.

As enterprises scale their infrastructure across on-premises, hybrid and cloud environments, traditional Identity and Access Management (IAM) tools are struggling to keep up. Legacy Privileged Access Management (PAM) platforms were built to support static infrastructures and were not designed for today’s multi-cloud environments. They have been shown to increase complexity, create gaps in security coverage and cause significant budget strain.