Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I’ve worked as a threat hunter in several Black Hat Security Conference Network Operations Centers (NOCs) across the globe. So I didn’t expect to be surprised by much when signing on to be a part of the NOC for SCinet—a conference that has the “fastest conference network in the world.” And yet I was surprised by just how diverse the SCinet NOC team was, how collaborative the environment was, and how much we were able to achieve with automation in such a short amount of time.

Today, Mend.io is proud to announce the launch of AI Agent Configuration Scanning, integrated directly into the Mend AI Scanner. By treating “Agents as Code,” we are bringing security visibility and CI-friendly enforcement to AI configurations before they reach production The rapid adoption of AI agents has transformed the modern developer workflow.

The Calico community moves fast. With the releases of Calico 3.30 and 3.31, brings improvements in scalability, network security, and visibility. Now, we want to see what YOU can do with them! We’re excited to officially invite you to the Project Calico 3.30+ Community Hackathon. Whether you’re a seasoned eBPF expert or a newcomer to the Gateway API, we welcome your innovation and your ideas!

Security teams are frequently asked to provide clear, time-bounded evidence of their organization’s security posture. Whether the request comes from external auditors validating SOC 2, ISO 27001, PCI DSS, or internal governance reviews, they typically require collecting vulnerability data from multiple tools, reconciling resource lists, and manually generating spreadsheets for auditors. This process is slow, error-prone, and difficult to repeat consistently.

The modern cloud security landscape is often fighting a war on two disconnected fronts. On one side, we have Cloud Security Posture Management (CSPM) platforms like Wiz, which act as the cartographers of risk—mapping terrain with high fidelity to identify open ports, unpatched vulnerabilities, and toxic permission combinations. On the other hand, we have Runtime Defense tools (SIEM, EDR, NGFW) that generate massive streams of activity logs.

Given the mountain of applications that we use today, having them together and logging in to each of them can be a hassle. However, a well-designed SSO architecture comes to your rescue increasing productivity and simplifying your daily worklife. This blog aims to unfold the differences in SSO architecture, with a focus on SSO protocols like SAML, OAuth, as well as architecture diagrams, integrations, challenges, and best practices that expert teams are already using.

Enterprise IT relies heavily on Active Directory (AD) for user, access, and authentication management. A compromise can harm systems, data, and accounts. Why Swift Response Matters A fast, effective response can contain an AD incident, while delays can turn it into a major organizational crisis, including: A clear AD response plan is essential to systematically: Long downtime, damage to organization’s reputation, and problems with compliance can result from neglecting proactive AD recovery.

In enterprise Windows environments, BitLocker recovery often depends on storing and retrieving a unique 48-digit recovery password for every device. When these passwords are missing, outdated, or inaccessible, recovery becomes time-consuming and can lead to an irrecoverable data loss event. As device counts grow, this approach creates operational risk that IT teams cannot afford. In today's enterprise environments, encryption is only as strong as your recovery strategy.