Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Technology should never be an afterthought. It should accelerate efficiency, productivity, and competitive advantage.

Some insider threats are quiet and compulsive. Others come wrapped in a peanut butter sandwich. In 2021, U.S. Navy engineer Jonathan Toebbe was arrested for attempting to sell classified submarine technology to a foreign government. He wasn’t forced into it. He wasn’t coerced. He initiated the contact himself, asking for hundreds of thousands of dollars in cryptocurrency in exchange for nuclear secrets. This wasn’t a data dump or a careless mistake. It was premeditated.

It seems like Artificial Intelligence (AI) has suddenly appeared in everything, everywhere, all at once. What feels like “five minutes ago”, there was “pre-AI life”, and now we have AI assistants that speak like real people, apps that create images, music, and video from nothing, and AI agents that do work for us.

Your SOC scrambles when alerts flood in: disparate tools, manual triage, and slow follow-through mean attackers move faster than your defenses. That gap from detection to containment stretches dwell time, increases breach impact, and drains your team. Manual tasks consume your most valuable resource—analyst attention—while every second matters in incident response.

Today, at Fal.Con 2025, I am delighted to announce CrowdStrike’s intent to acquire AI security leader Pangea. With this acquisition, CrowdStrike will pioneer the category of AI detection and response (AIDR) as we secure enterprise AI development and use across the data, models, agents, identities, infrastructure, and interactions making up the AI lifecycle.

Security issues in software development often stem not from developers’ lack of concern but from a fundamental disconnect between development and security teams. Each wants to do their job well, but their goals and expectations frequently conflict. This misalignment costs organizations in heightened security risks and tangible operational setbacks. Security issues identified too late in the cycle delay releases and increase project costs.

This is an ongoing incident and updates will be provided as more information is confirmed.

It’s fall, the leaves are starting to turn, school is back in session, but that also means our bi-annual workflow competition You Did WHAT With Tines?! (YDWWT) is here for the Fall 2025 season! This competition challenges our community of builders - from customers to partners - to bring forth their most impressive workflows, in the hopes to be recognized among the best of the best.

The U.S Department of Defense (DoD) has officially published the final CMMC Acquisition Rule, 48 CFR/ DFARS 252.204-7021 in the Federal Register. The rule goes into effect November 10, 2025—just 60 days from publication. July 22, 2025 marked a major milestone when the rule was submitted to OIRA for review. It cleared review in just 24 business days, was available for public inspection on September 9th, and published officially on September 10th.

No organization likes to contemplate being successfully hit with a cyberattack, but turning a blind eye to the possibility is the exact wrong thing to do. Digital Forensics and Incident Response (DFIR) planning and retainers, like car, home, and health insurance, are a necessity in case the unthinkable happens.