Mirko Zorz

Kanvas: Open-source incident response case management tool
Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python. It gives investigators a place to work with SOD (Spreadsheet …

Exposure management is the answer to: “Am I working on the right things?”
In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain …

CISOs urged to fix API risk before regulation forces their hand
Most organizations are exposing sensitive data through APIs without security controls in place, and they may not even realize it, according to Raidiam. Their report draws on a …

AI built it, but can you trust it?
In this Help Net Security interview, John Morello, CTO at Minimus, discusses the security risks in AI-driven development, where many dependencies are pulled in quickly. He …

Review: Attack Surface Management
Attack Surface Management (ASM) has become one of those buzzwords that gets used a lot but rarely explained in detail. The authors of this book offer a practical guide that …

Healthcare CISOs must secure more than what’s regulated
In this Help Net Security interview, Henry Jiang, CISO at Ensora Health, discusses what it really takes to make DevSecOps work in healthcare. He explains how balancing speed …

Cybersecurity essentials for the future: From hype to what works
Cybersecurity never stands still. One week it’s AI-powered attacks, the next it’s a new data breach, regulation, or budget cut. With all that noise, it’s easy to get …

How FinTechs are turning GRC into a strategic enabler
In this Help Net Security interview, Alexander Clemm, Corp GRC Lead, Group CISO, and BCO at Riverty, shares how the GRC landscape for FinTechs has matured in response to …

Secretless Broker: Open-source tool connects apps securely without passwords or keys
Secretless Broker is an open-source connection broker that eliminates the need for client applications to manage secrets when accessing target services like databases, web …

Federal Reserve System CISO on aligning cyber risk management with transparency, trust
In this Help Net Security interview, Tammy Hornsby-Fink, CISO at Federal Reserve System, shares how the Fed approaches cyber risk with a scenario-based, intelligence-driven …

How cybercriminals are weaponizing AI and what CISOs should do about it
In a recent case tracked by Flashpoint, a finance worker at a global firm joined a video call that seemed normal. By the end of it, $25 million was gone. Everyone on the call …

RIFT: New open-source tool from Microsoft helps analyze Rust malware
Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming …
Featured news
Resources
Don't miss
- NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)
- Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)
- Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO
- LLMs at the edge: Rethinking how IoT devices talk and act
- How to build a secure AI culture without shutting people down