Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

One unmanaged machine identity—whether a TLS certificate, SSH key, code signing certificate, or API secret—that’s all it takes to crash your website, halt transactions, and leave customers complaining about you in the comments. No one is immune. In fact, 83 percent of organizations have experienced a certificate-related outage in the past 24 months. Even tech giants recently made headlines after expired renewals triggered hours of downtime and millions in lost revenue.

Modern digital supply chains are increasingly complex and vulnerable. In this episode of Security Matters, host David Puner is joined by Retsef Levi, professor of operations management at the MIT Sloan School of Management, to explore how organizations can “sense the signals” of hidden risks lurking within their software supply chains, from open source dependencies to third-party integrations and AI-driven automation.

CyberArk Privilege Cloud version 14.7 improves user experience and operational efficiencies in the CyberArk Identity Security Platform. This release introduces significant updates and improvements, including Secure Access space and the new Identity Protection space, which features Threat Detection and Response (TDR), Risk Management, and more.

Do you know why Shai-Hulud should raise your hackles? Unless you’ve spent time on Arrakis in Frank Herbert’s Dune or the npm ecosystem this month, the name Shai-Hulud might not ring a bell. In Herbert’s world, Shai-Hulud is the colossal sandworm of Arrakis—feared, powerful, and destructive. In our world, I guess you could say the same thing. Shai-Hulud surfaced as a malware worm that tore through the npm software registry on Sept. 16–17, 2025.

We’ve spent decades treating persuasion like an art—something you could master if you had charisma, practice, or luck. Lawyers use it to hone arguments. Marketers use it to craft taglines. On the flip side, phishers use persuasive tactics to sharpen lures to razor points. But looking at it as an art form, while intuitive for some, can be messy. Hit-or-miss. Especially when you consider that today’s means of persuasion can run like code: systematic, reproducible, and scalable.

Across financial services operations, machine identities play critical roles, but in many organizations, these cryptographic keys, API tokens, certificates, and service accounts remain chronically under-governed. What’s more, machine identities outnumber human identities by staggering margins, creating a massive, often unseen, unsecured attack surface—one that’s only further compounded by the rise of artificial intelligence (AI).

Financial cybersecurity has never been a static discipline. Over two decades in this industry, I’ve seen it transform from a compliance checkbox to a cornerstone of business resilience—usually after a painful lesson. Today, we’re heading into the most significant paradigm shift for financial security since online banking: the convergence of artificial intelligence and machine identity governance.

In the world of identity security, organizations evaluating solutions want to understand why CyberArk stands out as the top choice. Leaders aren’t just looking for a rundown of capabilities – they want to understand what peers across industries are choosing and why.

When new security research hits the headlines, it often sparks a predictable wave of worry: should we turn off features we rely on? Should we rethink basic workflows? That’s exactly the case with recent findings that highlight how clickjacking techniques can exploit password manager autofill behavior.

In this episode of Security Matters, host David Puner speaks with Andy Parsons, CyberArk’s Director of EMEA Financial Services and Insurance, whose career spans from the British Army to CISO and CTO roles in global financial institutions. Andy shares hard-earned lessons on leadership, risk management, and the evolving cybersecurity landscape in banking—from insider threats to machine identity governance and the rise of agentic AI.

Picture this: You’re having your morning coffee when your phone buzzes with the kind of alert that makes security professionals break into a cold sweat. A single API key, leaked on GitHub months ago, has just given attackers a VIP pass to your entire infrastructure. Sound familiar? It should. The 2024 U.S. Treasury breach started exactly this way. One compromised machine identity opened the floodgates.

Not too long ago I read an interesting blogpost by SpecterOps about Microsoft EPM that got my attention as I was not aware of this Microsoft product/feature. It was interesting to learn that Microsoft expanded into the realm of Endpoint Privilege Management and since this means that there must be some service/driver running with high privileges that elevates low-privileged processes, I thought there could be potential vulnerabilities and bugs.

A sprawling cyber campaign is turning gamers’ hunger to gain an edge into a massive payday for threat actors who are leveraging over 250 malware samples to steal credentials and cryptocurrencies. The operation has already netted wallets containing more than US$135,000. In this blog post, we will delve into a specific infection instance, explore its mechanisms. and share indicators of compromise (IoCs).

It was recently reported that Salesloft’s Drift application was breached, allowing unauthorized access to its customers’ Salesforce data and affecting hundreds of organizations, including CyberArk. Upon learning of this incident, we quickly deployed threat containment measures, including terminating our Salesforce–Drift connection; disabling the Drift application and revoking all related user credentials; and rotating all Salesforce integration credentials.

Fast-moving cloud environments demand speed, but without the right access controls they invite risk. Resources such as virtual machines, containers, and services are created, modified, and terminated at a rapid pace. At the same time, workloads are becoming increasingly distributed, with data and applications spanning multiple regions, accounts, and even across different cloud service providers (CSPs).