Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Running Kubernetes on Amazon EKS? You’re likely already using cert-manager—the open source standard for TLS and mTLS certificate automation in Kubernetes clusters. Today, we’re excited to announce that CyberArk Enterprise Support for cert-manager is now available through AWS Marketplace, giving EKS customers a direct path to operational reliability, compliance, and expert support at scale.

This blog is the second part of a two-part series on post-quantum cryptography (PQC). In Part 1, we explored how the Harvest Now, Decrypt Later (HNDL) strategy has moved from crypto-conspiracy theory to a real threat model. This follow-up dives into how forward-thinking enterprises are already operationalizing PQC in their day-to-day security efforts—and how your team can take practical steps to do the same before quantum risk becomes quantum reality.

This blog is the first part of a two-part series on post-quantum cryptography (PQC). In this piece, we explore why quantum threats are no longer theoretical. In Part 2, we’ll cover practical steps for building post-quantum readiness. Security leaders have become digital-first responders. They perform triage on multiple emergencies every day, except with fewer thanks and more acronyms.

Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a glorified API call, or is there really something there? This post thoroughly explains what MCP is and why it makes LLMs more powerful. It also provides a comprehensive threat model analysis and reviews the fundamental security vulnerabilities.

In this episode of Security Matters, host David Puner sits down with Marene Allison, former Chief Information Security Officer (CISO) of Johnson & Johnson, for a candid and wide-ranging conversation on trust, identity, and leadership in cybersecurity. From securing global vaccine supply chains during the COVID-19 pandemic to navigating the rise of AI and machine identities, Marene shares hard-earned insights from her decades-long career in national security and the private sector.

If the mere mention of identity governance and administration (IGA) stresses you out, you’re in good company. Managing digital identities and access privileges is a significant challenge that only grows more difficult as cloud adoption accelerates, and environments and threats become increasingly complex. Today, many organizations struggle to support the three key IGA business drivers: compliance, lifecycle management, and security.

The identity is the main attack vector for cybercriminals, with cybercriminals using stolen identity to infiltrate the organization, move laterally and vertically throughout the organization, and extract data, deploy ransomware, establish backdoors, and cause major service disruptions. All with long term impact to organizations.

“The modern ‘software as a service’ (SaaS) delivery model is quietly enabling cyber attackers and—as its adoption grows—is creating a substantial vulnerability that is weakening the global economic system.” These are the words of JPMorgan Chase CISO Patrick Opet in an open letter to third-party suppliers that has gone viral, at least in the cybersecurity world, and sparked a broader conversation about building trust in cyberspace.

The Model Context Protocol (MCP) is an open standard and open-source project from Anthropic that makes it quick and easy for developers to add real-world functionality — like sending emails or querying APIs — directly into large language models (LLMs). Instead of just generating text, LLMs can now interact with tools and services in a seamless, developer-friendly way.

In this episode of Security Matters, host David Puner welcomes Kevin Bocek, CyberArk SVP of Innovation, for an insightful discussion on the critical role of machine identity in modern cybersecurity. As digital environments become increasingly complex, securing machine identities has never been more crucial.