Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DPDP Rules, 2025: A Guide to Digital Personal Data Protection

The notification of the Digital Personal Data Protection (DPDP) Rules, 2025, marks a major turning point in how businesses in India collect, use, and safeguard personal data in the digital ecosystem. Together with the Digital Personal Data Protection (DPDP) Act, 2023, these Rules create a rights-based, consent-driven framework that places citizens at the centre of data processing while still enabling responsible innovation and growth in the digital economy.

Blocking USB Devices and Whitelisting Authorized Peripherals with DLP

Data Loss Prevention (DLP) is all about keeping your business data safe from getting leaked, lost, or accessed without admin permission. It protects, identifies, analyzes, and blocks unauthorized data transfers within the network and through connected devices and outbound emails. DLP enforces company policies, preventing users from sharing confidential information. It further allows organizations to set USB restrictions to protect sensitive information at every stage of operations.

Top Software Supply Chain Security Best Practices for Enterprises

If an attacker compromised a dependency buried three levels deep in your build pipeline tonight, how long would it take you to find out? Open source libraries, third-party frameworks, transitive dependencies, build tooling, and now AI-generated code that developers may not have reviewed line by line: each of these components flows into your application, whether your team explicitly chose it or not. Each component is a potential entry point.

The post-quantum EO is an important milestone. Now it's time to get to work

On June 22, 2026, President Trump signed Executive Order 14409, "Securing the Nation Against Advanced Cryptographic Attacks." The order sets a December 31, 2030, deadline for federal agencies to transition their most sensitive systems to post-quantum encryption, and a December 31, 2031, deadline for post-quantum authentication. The EO also directs federal contractors to comply with post-quantum Federal Information Processing Standards (FIPS) by the end of 2030.

Monitoring Agents and SaaS AI Platforms with Microsoft Agent 365 [Part 1]

Agent usage is exploding and in Microsoft 365, agents aren’t monitored by default. Even though it’s early days for tools that can monitor agents, Microsoft’s newly released Agent 365 evolves this new category with some powerful capabilities. Here are some tips for using Microsoft Agent 365 and related tools to monitor agents. Solutions discussed in this post: This is part 1 of a two-part series.

Continuous vulnerability management: Is your program actually continuous?

Continuous vulnerability management (CVM) is an ongoing, automated approach to discovering, analyzing, prioritizing, and remediating security weaknesses across an organization's IT environment. It replaces periodic scans with real-time visibility that shrinks attacker opportunity windows.

Inside FortiBleed: Reverse Engineering the CyberStrike Harvester Behind a Global FortiGate Credential Factory

FortiBleed is a large-scale credential compromise campaign that targets internet-facing Fortinet FortiGate firewalls and SSL VPN gateways. The campaign does not depend on a malware payload; instead, it uses a credential pipeline that utilizes credential stuffing, password spraying, configuration harvesting, offline cracking, and post-authentication capture processing.

5 lessons MSPs should take away from Pax8 Beyond 2026

Pax8 Beyond 2026 made one thing clear: the managed services industry has entered a new phase. For years, managed service providers (MSPs) drove growth by adding more tools, more technicians and more services. Today, that model is cracking. AI, automation and rising customer expectations are reshaping how MSPs operate and how they create value. Technology alone is no longer the differentiator.

Introducing AI-assisted query creation in 1Password Device Trust

Today we're shipping a new capability directly into 1Password Device Trust that lets admins query their fleets faster, without needing to be SQL experts. Now you can describe what you want to investigate in plain English, and Device Trust generates a ready-to-run SQL query you can execute across your devices in a single click.