Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AWS re:Inforce 2025 delivered a flood of security announcements back in June. Simplified AWS WAF consoles. New Shield network posture management. Integrated CloudFront security. The headlines promised that enterprise-grade security finally became accessible to mid-market companies. Six months later, the hype cycle is over.

Hi there, We’ve just dropped a fresh batch of updates to help you cut through the noise, stay in control, and secure your cloud-native environments with more precision. Here’s what’s new in the ARMO Platform this month.

Part of our two-part series on the evolution from EASM to EEM. This post introduces the core shift from visibility to real-world exposure validation and why the legacy approach to external risk is no longer enough. External Attack Surface Management, or EASM, was once revolutionary. It gave organizations their first real visibility into the sprawling digital footprint created by cloud adoption, remote work, and third-party services. But the threat landscape has evolved. And EASM has not kept up.

CMMC compliance is now mandatory for companies handling Controlled Unclassified Information (CUI) or Federal Contract Information (FCI). The new 48 CFR rules require organizations to demonstrate effective data security practices. In air-gapped environments, USB encryption and strict data control are essential to maintaining compliance and protecting CUI.

A successful data security strategy isn’t about one tool, it’s about a sequence of steps. The first is understanding your data. The second is controlling how it moves. Together, classification and DLP create a data security foundation that prevents data leaks and breaches without slowing down the business. Unlike point tools, modern data classification solutions continuously scan repositories in real time, ensuring new files and updates are labeled correctly as your environment changes.

WatchGuard is proud to announce that we have been named a Market Leader in four critical categories by the Top InfoSec Innovators Awards 2025: Cybersecurity Service Provider, Endpoint Security, Managed Detection and Response (MDR), and Zero Trust Platform.

Europe remains a prime target for global adversaries. Financially motivated eCrime groups continue to target the region as espionage and hacktivism escalate amid geopolitical turmoil stemming from ongoing conflicts. The CrowdStrike 2025 European Threat Landscape Report, based on frontline intelligence from CrowdStrike’s elite threat hunters and intelligence analysts, provides a definitive view of adversaries operating within or targeting Europe.

A cyberattack is one of the most devastating experiences a company can go through. Yet for Jaycee Roth and Justin Harvey, being there for organizations when the worst happens is business-as-usual. As part of the Digital Forensics and Incident Response (DFIR) team within Kroll’s Cyber and Data Resilience business, their guidance and support ensures companies can recover fully from the disruption caused by a security incident.

Attackers can more easily introduce malicious data into AI models than previously thought, according to a new study from Antropic. Poisoned AI models can produce malicious outputs, leading to follow-on attacks. For example, attackers can train an AI model to provide links to phishing sites or plant backdoors in AI-generated code.

Historically, agent-based backup systems have been the norm. These systems operate by running software on the production machine, in tandem with the production application. The agent must communicate with its central data protection server for backups to be executed. The agent’s role is to read production data through the OS layer, process it, and transmit backup data to a media or backup server, where it is ultimately stored on a typically proprietary backup storage device.