Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SNMP has always been one of the quiet but crucial components of network management. It helps administrators monitor devices, automate configurations, and keep operations running smoothly. On Sept. 24, 2025, Cisco disclosed a high-severity vulnerability, identified as CVE-2025-20352, affecting the SNMP implementation in its IOS and IOS XE software. This issue allows attackers with valid SNMP credentials to cause a denial of service or execute arbitrary code on the affected devices.

In today's complex IT environments, comprehensive log collection is crucial for effective auditing and security monitoring. Without this, endpoints, especially those that are VPN-joined, stay out of your reach while auditing. This was the bottleneck faced by our Log360 customer who recently availed OnboardPro, ManageEngine's professional services. They knew Log360 was capable of collecting logs from all their network devices—but what about the endpoints that were connected remotely via VPN?

In Part 1 of the cloud app control series, we explored how SinaraTech, a mid-sized ecommerce company, implemented access control to help reduce shadow cloud app usage by blocking risky or redundant sites. But the story isn't over yet. The SOC team had more nuanced challenges to be addressed. Let's continue down the road to find answers to those challenges.

We’re proud to announce that ManageEngine has once again been recognized in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM). To us, this marks another significant milestone in our journey to deliver a unified, intelligent, and accessible security analytics platform for organizations worldwide.

When it comes to managing cloud application usage in an organization, the challenges are anything but simple. On one side, users are constantly exposed to malicious links and risky apps. On the other, locking things down too tightly by broadly blocking access to services can cripple employee productivity. Ideally, you'd want a balance between security and productivity.

Healthcare is facing a new urgency curve. Proposed updates to the HIPAA Security Rule for 2025 include a definitive patching clock: Remediate critical vulnerabilities within 15 calendar days of identifying the need—if a patch is available—or within 15 days of a patch becoming available. This means SecOps and ITOps teams managing clinical workstations, back-end servers, and multi-OS estates across hospitals and clinics might need to revise their patching cycles to stay compliant.

What's more convenient than having access to your work apps on your personal device? Especially in healthcare, where physicians can avoid juggling between multiple devices during care delivery and just stick to that one device for all needs—both professional and personal. This convenience is one of the reasons for increased adoption of mobile devices among healthcare organizations.

In the competitive landscape of MSPs, efficiency is the ultimate currency. Juggling multiple platforms for endpoint management, ticketing, and billing creates operational friction, leading to delayed resolutions and increased costs. We are excited to announce a major step toward eliminating this complexity: the integration of HaloPSA with Endpoint Central MSP.

When the Australian Signals Directorate (ASD) reports that a cyberattack hits an Australian organisation every six minutes, it's clear we need more than crossed fingers and hope to protect our digital assets. That's where the Essential Eight comes in—Australia's homegrown cybersecurity framework that's helping organisations across the country build stronger defences against increasingly sophisticated threats.

During routine threat hunting, we, the ManageEngine Malware Analysis Team, came across a cluster of Google Colab notebooks appearing in search results for popular software downloads. On the surface, they looked legitimate, with well written installation guides and download links.