Expert analysis
The SOC is blind to the attackable surface
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped …
April 2021 Patch Tuesday forecast: Security best practices
March kept us all very busy with the ongoing out-of-band Microsoft updates for Exchange Server and the printing BSODs, which plagued us since last Patch Tuesday. It looks like …
4 things you can do to minimize cyberattacks on supply and value chains
Supply chain attacks target the weakest spot in most every enterprise’s security program: third-party access. The SolarWinds hack was a classic supply chain attack, …
Cloud-native watering hole attack: Simple and potentially devastating
In this era of increasing technological complexity, watering hole attacks build on a model of simplicity. Just like predatory animals that hover near sources of water favored …
SASE or zero trust? Why security teams should be using both
As companies continue to navigate increasingly distributed environments, the question of zero trust is coming up more and more – as is the relationship between this …
Encryption is either secure or it’s not – there is no middle ground
The principle of end-to-end encryption underpins a system of communication where only the communicating users can read the messages. To this end, it exists to prevent any …
We must crush digital misinformation before it destroys society
Digital communication is connecting people around the globe with tremendous benefits, but is also being misused in terrible ways that take advantage of the community. We are …
Death, taxes, and hacks: How to prevent cyberattacks during tax season
Remember how folks did taxes in the olden days? They’d collect large piles of paper documents, fill out endless pages of forms, stuff a bunch of receipts in a shoebox and – …
5 key cybersecurity risks in 2021, and how to address them now
With an unexpected year of massive change behind us, many organizations have now an extensive remote workforce, new technologies in use, and digital transformation under way …
Want to get around a CAPTCHA? That’ll be 0.00094c, please
Shopping or booking an appointment online can seem increasingly like busywork. Please prove that you’re not a bot: select all the photos that show traffic lights. Do some …
The growing threat to CI/CD pipelines
Before the pandemic, most modern organizations had recognized the need to innovate to support developers’ evolving workflows. Today, rapid digitalization has placed a …
3 steps to meeting data privacy regulation compliance through identity programs
Cybersecurity is undeniably a business-critical function. That’s only been reinforced over the past few months by the SolarWinds and Exchange attacks. Consequently, a recent …
Featured news
Resources
Don't miss
- LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
- The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
- Treating AI agents like service accounts for federated query security
- Malware ships with bugs that defenders could use against it
- Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)