Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Exploring opportunities and benefits of non-human identities (NHIs)

Organizations have long focused on securing human users – employees, partners and customers. But what about the identities that aren’t tied to a person? Non-human identities (NHIs), including service accounts, bots, APIs, machine identities and more, now outnumber human identities 20:1 in most organizations! Yet, they often lack proper oversight, making them a growing security risk.

Most Phishing Emails Rely Purely on Social Engineering

99% of phishing emails that reached inboxes last year did not contain malware, according to a new report from Fortra. Attackers were much more successful using malicious links or purely response-based social engineering. Fortra explains, “Anti-malware scanning, sandboxing, and other pre-delivery security processes are increasingly common and make it more difficult for emails containing malware payloads to reach user inboxes.

Exploring the Implications of DORA: A New Global Standard For Financial Cybersecurity

On January 17, 2025, the Digital Operational Resilience Act (DORA) came into force across all European Union member states, with the crucial aim of strengthening the IT security of financial entities such as banks, insurance companies and investment firms. To do this, the regulation looks to standardize how financial entities report cybersecurity incidents, test their operational resilience, and manage third-party risk.

The State of NIS2: A Fragmented Implementation Across the EU

The Network and Information Systems Directive 2022 (NIS2) was designed to strengthen the cybersecurity resilience of critical infrastructure across the European Union. However, while member states were required to transpose NIS2 into national law by October of 2024, many fell short of this deadline. As a result, on November 28, 2024, the European Commission launched infringement procedures against 23 member states for failing to meet their obligations.

Don't take the bait - How to spot and stop phishing scams

The internet is a great place — until someone tries to steal your login credentials, credit card details, or even your entire identity. Enter phishing: the cybercriminal’s favorite way to trick you into handing over personal information. If you think you’d never fall for a scam, think again.

FDA 21 CFR Part 11 - What Every Business Must Know?

Imagine a world where medications are not tested properly, medical devices malfunction frequently, or sensitive healthcare data is handled recklessly. Scary, right? That’s exactly why regulations like FDA 21 CFR Part 11 exist. The Food and Drug Administration (FDA) is an American federal agency that is responsible for protecting the public health by ensuring the safety of food, drugs, cosmetics, and medical devices.

Salt Security: Focused on Solving Real Business Problems

In today's digital landscape, APIs (Application Programming Interfaces) have become integral to business operations, enabling seamless integration and innovation. However, this increased reliance on APIs has also introduced significant security challenges. Salt Security offers a comprehensive solution to these challenges, providing organizations with the tools they need to protect their digital assets effectively.

Beyond the PCI DSS v4.0 Deadline: Feroot Ensures Compliance

The compliance deadline (March 31, 2025) for PCI DSS v4.0.1 has passed. This date marked a big change for global information security rules. It’s now April 1, 2025, and companies need to ask: “What’s next?” Some organizations haven’t finished requirement 6.4.3 (script integrity verification) or requirement 11.6.1 (browser protection controls). They must act fast to avoid non-compliance consequences.

Quantum Chip Breakthroughs: Why Machine Identity Resilience Can't Wait

Quantum computing isn’t just coming—it’s barreling toward us, flipping the rules of cybersecurity like a table in a bad action movie fight scene. And it begs the question every CISO and IT security professional should be asking right now: Are we ready for the quantum leap? While this groundbreaking technology promises extraordinary advancements, from AI breakthroughs to disease modeling, a darker shadow lurks beneath its potential.