CVE-2025-64155: FortiSIEM Remote Unauthenticated Command Injection Vulnerability

On January 13, 2025, Fortinet released fixes for a critical-severity FortiSIEM vulnerability (CVE-2025-64155) that stems from improper neutralization of special elements used in OS commands within the phMonitor service (TCP/7900). An unauthenticated, remote threat actor can exploit this vulnerability via crafted TCP requests to execute unauthorized code or commands on affected systems.

Understanding your Tines deployment options

At Tines, we understand different systems and environments require different deployment options. Some organizations require extra guardrails to access and manage their systems and data. Those operating in regulated industries or the government sector often require self-hosted or on-prem solutions to ensure their networks are secure and compliant. Tines is unique in many ways, but one of our biggest differentiators is that our intelligent workflow platform can be deployed in the cloud or self-hosted.

Introducing your AI interaction layer

AI is everywhere, but without a consistent and secure way to connect it to real systems, it remains fragmented, difficult to govern, and hard to scale. Today, we’re introducing your AI interaction layer. Tines unifies AI agents, copilots, and Model Context Protocol (MCP) servers and clients in a single, secure environment. It gives teams a practical way to connect AI to systems and put it to work seamlessly across operations.

LLM Security Checklist: Essential Steps for Identifying and Blocking Jailbreak Attempts

If your organization uses a private large language model (LLM), then it’s time to start thinking about countermeasures for jailbreaking. A jailbroken LLM can lead to leaked information, compromised devices, or even a large-scale data breach. Even more troubling: Jailbreaking LLMs is often as simple as feeding them a series of clever prompts. If your customers can access your LLM, your potential risk is even higher.

Token Torching: How I'd burn your AI budget (so you can fix it)

I spend most of my time thinking like a criminal. Not because I’m edgy, but because that’s literally the job. And lately, everywhere I look, I see the same thing: People are exposing MCP endpoints like they’re REST APIs, and forgetting they’re actually money execution engines. So let’s talk about Token Torching. Yes, I invented another name. This isn’t data theft. It’s not taking your service down.

Cato Networks Joins ISC2 as an Official CPE Partner

Cato Networks’ SASE certification portfolio has taken a major step forward with Cato’s official recognition as an ISC2 Continuing Professional Education (CPE) Partner. ISC2 is one of the most trusted names in cybersecurity, representing more than 500,000 members worldwide. Their certifications are widely regarded as the benchmark for professional excellence in security.

What Is the Best Security for NGINX in Kubernetes? (Beyond Configuration)

The best security combines configuration controls (TLS, headers, network policies, pod security) with runtime behavioral monitoring that detects anomalies your configuration can’t see. Configuration creates the baseline—it defines what should happen. Runtime protection catches what gets through—it shows what is happening. You need both, but most teams only have the first.

Best Cloud Workload Protection Solutions: A Runtime-First Evaluation Guide

What is a cloud workload protection platform (CWPP)? Security for the workloads actually running in your cloud—VMs, containers, and serverless functions doing real work. Unlike posture management (CSPM) that checks configurations, CWPPs monitor processes, network connections, and application behavior to catch threats as they happen. What’s the difference between CSPM, CWPP, CNAPP, and CADR? CSPM scans cloud settings for misconfigurations. CWPP protects running workloads.

Best ADR Security Solutions in 2026: Why Full-Stack Visibility Beats Siloed Alerts

What is ADR (Application Detection & Response)? A security tool that monitors application-layer behavior—API calls, function execution, code paths—to detect and respond to threats in real-time. Different from EDR (endpoint-focused) or CDR (cloud infrastructure-focused), ADR sees what’s happening inside your applications. Why do most ADR solutions fail? They only see one layer.