Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’re thrilled to announce that Vanta has signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS) to make it even easier for businesses to scale securely in the cloud. We’re expanding the reach of our compliance automation and trust management platform, enabling organizations to build stronger security programs, accelerate audit readiness, and demonstrate compliance more efficiently—all while scaling on AWS. ‍

Now introducing task management for Cases!

GitHub is hardening npm publishing rules but the underlying lessons can be applied by all developers: WebAuthn for writes, OIDC, and short-lived least-privilege credentials.

Securing your applications couldn’t be more important in today’s fast-moving world of software development. Organizations face mounting pressure to deliver innovative software at an accelerated pace, yet this speed must never compromise security. This is where DevSecOps becomes crucial. With threats constantly getting smarter, developers need effective tools to write secure code right from the start.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Ouch. Really ouch. Just a hop and a skip away: I suppose it is fair to point out that you need physical access to perform this. Hard, but not impossible: A win is a win.

PCI DSS 4.0.1 became mandatory on March 31, 2025, bringing in 47 new requirements that fundamentally changed how compliance works. Organizations that treated PCI as an annual audit exercise now face a standard that expects real-time visibility into payment pages. Requirements 6.4.3 and 11.6.1 are the most impactful additions, which require real-time visibility into scripts and payment page changes. A spreadsheet updated quarterly can’t deliver that.

A single negligent click, command, or keystroke by a privileged user can let cybercriminals enter your network. This is where privileged session management (PSM) comes in. PSM enables you to monitor high-risk sessions and detect suspicious activity in real time, preventing insider and external threats from going unnoticed. In this article, we explain why PSM is critical in cybersecurity and how it can protect your sensitive data from threats.

Comcast is a global powerhouse as one of the foremost telecommunications and media conglomerates. It was established in 1963 as a small cable operator in Mississippi. Comcast’s mission focuses on connection through broadband television and film. Besides being the largest home internet service in the United States, it owns large media platforms like NBC-Universal and Universal Pictures.

CloudCasa by Catalogic and SUSE have partnered to deliver a new disaster recovery solution for Kubernetes and SUSE Virtualization environments. This joint approach combines CloudCasa’s Kubernetes-native backup and recovery platform with SUSE Storage (a.k.a. Longhorn) and its Disaster Recovery Volumes feature. This provides a resilient, storage-driven DR strategy that reduces cost, complexity, and recovery times.

In today’s cybersecurity landscape, one thing remains constant: humans are both our greatest asset and our biggest risk. Despite increasingly sophisticated technology, human risk, insider threats, and social engineering attacks like phishing,continue to lead the charge when it comes to successful breaches.