Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Real-world attack surface monitoring at massive scale: how the UK Government protects over half a million public sector domains

Scaling application security and attack surface monitoring inside a single enterprise is a massive headache. In June 2026, the Department for Science, Innovation and Technology (DSIT) of the UK Government joined us on stage at Infosecurity Europe to share the reality of a challenge that puts even the largest corporate hurdles into perspective.

Cookie Consent vs. GDPR Compliance: Why Network Traffic Matters More Than Banners

Cookie consent banners have become the public face of GDPR compliance. Nearly every organization operating in Europe has one, and many privacy teams have invested heavily in Consent Management Platforms (CMPs) to capture user preferences and satisfy regulatory requirements. The problem is that a consent banner only asks a question. It doesn’t prove the website honors the answer.

What You Need to Know about the Novo Nordisk Data Breach

Novo Nordisk is a leading global healthcare company headquartered in Denmark with production facilities in two other countries. Founded in 1923, the company provides access to diabetes and obesity care products alongside treatments for rare blood and endocrine diseases in about 170 countries.

The CISO's Challenge: Mapping Vulnerabilities to Business Risk

At the executive level, vulnerability management stops being a technical exercise and becomes a question of risk ownership, operational tradeoffs, and organizational accountability. When a vulnerability leads to a breach, it has a personal effect on security leaders along with its broader organizational impact. According to Proofpoint’s Voice of the CISO Report, a majority of CISOs claim they are personally blamed ‘always or often’ when a breach occurs, even when defenses were in place.

The Cyber Security and Resilience Bill: What It Means and Why Threat Intelligence Is Now Non-Negotiable

The CSRB has cleared the House of Commons and Royal Assent is expected before the end of 2026. CYJAX breaks down scope, reporting timelines, penalties, and how threat intelligence underpins compliance.

Connecting Custom Agents to Microsoft Agent 365 with the SDK [Part 2]

In Part 1, we covered onboarding Microsoft-native agents and SaaS AI platforms — the paths that need configuration, not code. Now we look at connecting agents that have no native integration — self-built frameworks and agents you build and run yourself. If an agent is missing from the M365 admin center inventory and the import-agents feature doesn’t support it, then the Microsoft Agent 365 SDK may be needed.

Building an effective endpoint security strategy in 2026

An endpoint security strategy is a structured plan that defines how an organization protects, monitors, and manages all devices connecting to its network (including laptops, desktops, servers, mobile devices, cloud workloads, and OT systems) through coordinated policies for access control, threat detection, vulnerability management, and incident response.

Report: Device Code Phishing is Surging

Multiple sophisticated phishing kits are now focusing on harvesting device codes to breach accounts without a password, according to researchers at LevelBlue. “Device code phishing exploits a legitimate Microsoft authentication flow to harvest Microsoft 365 access and refresh tokens without ever capturing a password,” the researchers explain. “The core mechanic is straightforward: whoever initiates the authentication request receives the resulting tokens.

How to Appear in AI Search Results

A few years ago, the goal was simple: rank on page one of Google. If your website appeared among the first 10 blue links, people would find you. That equation is changing. Search behavior is shifting from keyword lookups to answer-led queries. Instead of scanning a list of results, more people are turning to AI-powered search tools that read across the web, consolidate information, and deliver a direct answer. ChatGPT, Google AI Overviews, Perplexity, and Claude all work this way.

Delivering Context and Speed for Security Operations with Aurora Security Assistant

Security operations teams are facing a familiar, but growing, challenge. As threat actors leverage AI and automation to move faster, alerts continue to expand in volume and complexity. Even mature security teams struggle to keep up with investigation timelines, maintain institutional knowledge, and ensure consistent response quality. At the same time, buyers are demanding more from their security platforms. They want solutions that go beyond detection.