Help Net Security

Kanister: Open-source data protection workflow management tool
Kanister is an open-source tool that lets domain experts define how to manage application data using blueprints that are easy to share and update. It handles the complex parts …

Most AI and SaaS apps are outside IT’s control
60% of enterprise SaaS and AI applications operate outside IT’s visibility, according to CloudEagle.ai. This surge in invisible IT is fueling a crisis in AI identity …

Why the SOC needs its “Moneyball” moment
In the classic book and later Brad Pitt movie Moneyball, the Oakland A’s didn’t beat baseball’s giants by spending more – they won by thinking differently, scouting …

Companies negotiate their way to lower ransom payments
Nearly 50% of companies paid the ransom to recover their data, the second-highest rate in six years, according to Sophos. How actual payments stack up with the initial demand …

Users lack control as major AI platforms share personal info with third parties
Some of the most popular generative AI and large language model (LLM) platforms, from companies like Meta, Google, and Microsoft, are collecting sensitive data and sharing it …

Reconmap: Open-source vulnerability assessment, pentesting management platform
Reconmap is an open source tool for vulnerability assessments and penetration testing. It helps security teams plan, carry out, and report on security tests from start to …

The real story behind cloud repatriation in 2025
In this Help Net Security video, Mark Wilson, Technology and Innovation Director at Node4, shares key insights from the company’s 2025 mid-market report. He explores the …

Medical device cyberattacks push hospitals into crisis mode
22% of healthcare organizations have experienced cyberattacks that directly impacted medical devices, according to RunSafe Security. Three-quarters of these incidents …

Week in review: Keyloggers found on Outlook login pages, police shut down dark web drug market
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Researchers unearth keyloggers on Outlook login pages Unknown threat actors …

Amazon Linux 2023 achieves FIPS 140-3 validation
Amazon Linux 2023 (AL2023) has earned FIPS 140-3 Level 1 validation for several of its cryptographic modules. This means it’s now approved for use in systems that need …

CISOs flag gaps in GenAI strategy, skills, and infrastructure
95% of C-suite leaders say that GenAI is driving a new level of innovation in their organizations, according to NTT DATA. While CEOs and business leaders are committed to …

Who’s guarding the AI? Even security teams are bypassing oversight
Even security teams, the ones responsible for protecting the business, are adding to AI-related risk. A new survey by AI security company Mindgard, based on responses from …
Featured news
Resources
Don't miss
- Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
- New framework aims to outsmart malware evasion tricks
- Finding connection and resilience as a CISO
- AI isn’t taking over the world, but here’s what you should worry about
- Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations