Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest posts

What To Look for in a Password Manager

Thinking about using a password manager? Good move. But not all password managers are created equal. In this video, we break down the key features you actually need to protect your online accounts, from strong encryption and passkey support to secure sharing and built-in 2FA code storage. Plus, we’ll walk you through what setup looks like and why the best password management tools make it easy from the start.

Three ways to mature your legacy GRC program in a highly regulated environment

What does a modern, well-functioning GRC program look like today? Join us for an on-demand webinar with Dragos and Regscale, where we’ll explore exactly that. Learn the biggest sources of friction to maturing a GRC program, how to evaluate what’s worth automating or standardizing in your GRC workflows, and what the path forward looks like for proactively managing risk and compliance in high-regulation environments.

How Synthesia Became One of Europe's Fastest-growing AI Companies | Frameworks for Growth

In this episode of Frameworks for Growth, Vanta CEO Christina Cacioppo sits down with Steffen Tjerrild, co-founder and COO/CFO of Synthesia, to talk about what it takes to scale one of the UK’s fastest-growing AI companies. They explore the future of AI-generated video, how Synthesia built category-defining technology, and why European values may shape the next chapter of AI development.

4 ways to scale compliance with AI

You got compliant—congrats! That’s a big milestone. It tells customers, investors, and the world that you take security seriously. But compliance doesn’t stop at your first audit. As your company grows, so do the requirements. You’ll have to manage new frameworks, more policies, faster timelines, more scrutiny, and more complexity. Modern GRC teams need to do more with less.

Maximizing Your Security Investment with the Microsoft Azure Consumption Commitment (MACC)

If your organization has a Microsoft Azure Consumption Commitment (MACC), you’re already on the path to optimizing cloud spend. But are you making the most of it? MACC isn’t just a budgeting tool, it’s a strategic advantage. By transacting eligible solutions through the Azure Marketplace, you can decrement your commitment while accelerating your cloud security and operations. That’s where BlueVoyant comes in.

How to Operationalize Enterprise Security Content Update (ESCU) Content

The Splunk Enterprise Security Content Update (ESCU) app is a powerful resource developed by the Splunk Threat Research Team. It provides out-of-the-box detection analytics mapped to the MITRE ATT&CK framework and tailored to various platforms such as Windows, Linux, and cloud environments. While installing ESCU is straightforward, operationalizing the content - meaning tuning, enabling, and maintaining it for real-world use - requires a few deliberate steps.

Salesloft Drift incident overview and CyberArk's response

It was recently reported that Salesloft’s Drift application was breached, allowing unauthorized access to its customers’ Salesforce data and affecting hundreds of organizations, including CyberArk. Upon learning of this incident, we quickly deployed threat containment measures, including terminating our Salesforce–Drift connection; disabling the Drift application and revoking all related user credentials; and rotating all Salesforce integration credentials.

Why Detection? Why Now? Key Takeaways from the NIST NCCoE Public COI Working Session

In April, I had the amazing opportunity to participate in a unique AI security event put on by the National Cybersecurity Center of Excellence (NCCoE). The April event was all about getting the community together to discuss what a Cyber AI Profile should look like as an overlay to the NIST Cybersecurity Framework (CSF) 2.0.

The xAI Wake-Up Call: A CISO's Guide to Preventing Data Exfiltration

The recent lawsuit filed by xAI against former engineer Xuechen Li should serve as a critical wake-up call for every CISO. When a trusted engineer can allegedly download proprietary Grok IP and jump to a competitor, it exposes fundamental gaps in how we protect our most valuable digital assets. This isn't just about one rogue employee. It's about the reality that your company's most sensitive data is at risk of exfiltration every day—in laptops, SaaS and AI apps, endpoints and browsers.