
Deepfake & AI Defense for Digital Insurance | Dr. Pawan Chawla (CISO & DPPO, Tata AIA Life Insurance)

In this episode of Guardians of the Enterprise, Dr. Pawan Chawla (CISO and DPPO, Tata AIA Life Insurance) joins Ashish Tandon (Founder and CEO, Indusface) to discuss the emerging cyber challenges facing the insurance industry. He highlights how cybercrime marketplaces are lowering barriers for attackers, the rise in third-party and internal risks, and other evolving threats shaping security priorities for insurers.

Securing Mission-Critical Insurance Systems

In this episode, Dr. Pawan Chawla, Chief Information Security Officer at Tata AIA, shares what truly keeps security leaders awake at night while protecting mission-critical insurance systems, from the rise of low-cost ransomware and evolving fraud techniques to meeting Government of India, DCI, and insurance-specific compliance standards. We also explore why security audits should be treated as gap-finding, not fault-finding, the persistent confusion around data ownership inside enterprises, and why, despite massive investment, 95% of organizations still struggle to see ROI from AI.

CVE-2025-66516: Critical XXE Vulnerability Exposes Apache Tika Deployments

A critical XXE vulnerability, CVE-2025-66516, has been discovered in Apache Tika, putting any workflow that processes PDFs at serious risk. A malicious PDF can trigger the exploit through any Tika workflow, silently giving attackers access to sensitive files, internal URLs, cloud metadata, and your internal network. AppTrana blocks these malicious PDFs at the edge, keeping your data and internal systems secure.

NIST SP 800-53 r5 Compliance Made Simple with AppTrana

With over 32,000 security incidents reported by U.S. federal agencies in the past year, cyber risks are growing in scale and complexity. NIST SP 800-53 r5 provides a comprehensive framework of security and privacy controls to help organizations manage risk, protect critical systems, and maintain regulatory compliance.

Accelerate Your FedRAMP Journey with AppTrana WAAP

Achieving FedRAMP compliance is complex, but AppTrana WAAP simplifies it. This video explains how AppTrana delivers continuous vulnerability scanning, attack prevention, SIEM-friendly audit logs, real-time incident response, and automated remediation through SwyftComply. Perfect for CISOs, compliance teams, and cloud security leaders preparing for FedRAMP audits.

Apache Tomcat Vulnerability CVE-2025-55752: Risk & Protection

CVE-2025-55752 exposes a dangerous path traversal flaw in Apache Tomcat caused by a rewrite and decoding regression. This video breaks down how the bug works, why it becomes severe when combined with HTTP PUT, which versions are affected, and what teams must do to patch or mitigate it. We also show how WAAP protection blocks exploitation attempts even before servers are updated.

Inside Aadhaar: Challenges of Securing the World's Largest Digital Identity System

Discover what it takes to secure Aadhaar, the world’s largest digital identity system. This teaser dives into the massive responsibility behind protecting over a billion citizens’ data, powered by strict privacy guardrails, zero-trust principles, encryption, biometric template protection, and privileged access management at national scale. In this clip from Guardians of the Enterprise, Nishith Kumar Datta (Head of Cybersecurity & InfoSec, Titan) shares his insights on the challenges and discipline required to secure such a critical national platform.

Django Vulnerabilities Expose Apps to SQL Injection & DoS Attacks

The Django Software Foundation has released critical security fixes for CVE-2025-64459 (SQL Injection) and CVE-2025-64458 (Denial of Service) vulnerabilities. These vulnerabilities affect query construction and redirect handling in Django, putting applications and data at risk. See how AI-powered AppTrana stops these attacks from Day 0.

SessionReaper: Magento's Critical CVE-2025-54236 Breakdown

SessionReaper (CVE-2025-54236) is one of the most dangerous vulnerabilities discovered in Adobe Commerce and Magento Open Source. This pre-authentication flaw enables attackers to hijack customer sessions and, in many real-world setups, escalate to remote code execution (RCE), allowing them to drop persistent PHP web shells on your servers.