Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

For fraud fighters, link analysis tools like Persona’s Graph are becoming essential for stopping account sharing, deepfakes, identity mules, and other forms of sophisticated or scaling fraud attacks. Since we launched Graph in early 2023, we’ve spent countless hours gathering feedback from customers, investigating the latest fraud vectors, and testing new technology. Graph is a better product as a result, and we want to share six improvements that are helping fraud fighters today.

In conversations about AI, there’s a tendency to treat the future like a horizon we’re walking toward, always somewhere ahead, always a question of when. But if we look closely, the forces reshaping work, identity, and security beneath the surface are far more consequential than most people realize. More importantly, that reshaping is already happening.

We just published the CertKit roadmap.

Jan 13, 2026 Vibe Coding and GenAI Security: Balancing Speed with Risk Read More Natalie Tischler Jan 8, 2026 Top 10 Challenges in DevSecOps Adoption Read More Natalie Tischler Jan 6, 2026 Looking Ahead at 2026 with Gartner: How Smarter Teams and Tools Are Making Application Security a Breeze Read More Joe Ariganello.

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo Your SOC received 10,000 alerts yesterday. How many were real threats? Most SOC teams operate in a constant state of triage. Alerts pour in from dozens of tools, each one demanding attention, each one potentially critical. The reality? Your analysts are making high-stakes decisions about which alerts to investigate based on gut instinct and whatever time they have left in their shift.

The Digital Operational Resilience Act (DORA) introduces a unified framework for managing ICT risk across the European financial sector, with key requirements, including penetration testing, coming into force in 2026. Its aim is to ensure that regulated organisations, and the critical third-party providers they rely on, can withstand, respond to and recover from operational disruptions. Within this context, operational resilience and robust ICT risk management become central to regulatory expectations.

As 2026 unfolds, insider risk is being redefined by AI, behavioral analytics, and cross-functional accountability. The ability to predict risk based on behavior and intent, rather than react to outcomes, is reshaping how organizations defend against internal threats. Meanwhile, persistent factors like hybrid work continue to complicate visibility and oversight, amplifying risk across modern environments.

We are often obsessed with who can see our data(Confidentiality) and how that data is protected from tampering (Integrity). While these are vital, there is a third pillar of the CIA triad that is currently under constant pressure: Availability. A recent Forrester survey revealed a startling reality: 76% of data breaches now affect availability, while only 42% impact confidentiality and 27% affect integrity.

2025 was a defining year for CYJAX. With a bold rebrand, product innovation, and growing industry recognition, we strengthened our mission to empower organisations with analyst-enriched threat intelligence. This blog takes a retrospective look at CYJAX in 2025, a year that shaped our growth and direction.

Even with modern security tools, many organizations detect threats far too late. Attackers often operate quietly for extended periods because early warning signs go unnoticed. Exposed assets, forgotten services, misconfigured cloud resources, and unmanaged SaaS integrations rarely trigger immediate alerts. This delay increase means time to detect because security teams typically respond only after suspicious behavior reaches internal systems.