Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

At Black Hat last year, we sat down with Kevin Mandia to talk about what's coming. His take: offense is going to accelerate with AI. Not slow down. Not plateau. Accelerate. When you've run more red teams than practically anyone on the planet, the pattern is clear. Getting into a victim network is already a race. AI compresses those time frames further. The attack surface isn't changing. Misconfigurations, things that slipped, controls that were on and got turned off. The entry point stays the same. AI just makes the race to exploit it faster.

Zscaler Secure Internet Access (ZIA) provides powerful secure access, inline inspection, decryption, and data loss prevention capabilities. But as your security and IT environments scale, and security controls change, Zscaler ZIA protections can drift away from established baselines, increasing your risk and leaving you open to attack. Reach analyzes your Zscaler ZIA controls to find and fix misconfigured controls, activate unused capabilities, and stop configuration drift. This hardens your defenses and protects you against fast-moving adversaries.

Microsoft Defender for Office 365 is powerful out of the box. The problem? Configurations drift. IT teams make changes the security team doesn't know about. Anti-phishing policies weaken. Safe Links gaps open up. And AI-powered attackers are finding those openings faster than any team can manually catch them. Reach analyzes your Microsoft Defender for Office 365 controls, activates underutilized capabilities, remediates misconfigurations, and keeps your deployment aligned to your security baseline continuously.

Garrett Hamilton recently presented at the North Texas ISSA Lunch & Learn in Plano, TX to talk about what risk reduction actually looks like in practice. Reach shows customers exactly which controls they've deployed, the user impact of those changes, and how much risk has been reduced across IAM, EDR, email, firewall, and SASE. Not feature checklists. Targeted, measurable outcomes tied to the business.

New year, new faces, big goals. To close out 2025 and open 2026, we welcomed 43 new team members across engineering, sales, customer success & solutions, marketing, and operations. Reach was founded to close the gap between knowing where you're exposed and actually fixing it. That mission doesn’t scale without the right people. Growth is exciting, but aligned growth—with the right people, at the right time, for the right mission—is what really matters.

Microsoft Defender for Office 365 protects against phishing, malware, and malicious links across email and collaboration tools. But as environments scale and settings are changed, your Defender security controls can drift away from security baselines and degrade your security posture. Reach continuously analyzes your Defender deployment to find and fix misconfigurations, activate unused capabilities, and stop configuration drift.

Garrett Hamilton, CEO & Co-Founder of Reach, joined Bryce Carter, CISO for the City of Arlington, at the NTX ISSA Lunch & Learn in Plano, TX — a practical, operator-focused discussion with the local security community.

Security tools don’t usually break. They just slowly stop doing what you think they’re doing. Or perhaps were never set up to do what you needed in the first place. Something got deployed. It worked. Then it drifted. No one noticed. And three years later, you’re questioning the renewal because you’re not even sure what it’s protecting anymore. That’s configuration rot. Thanks to Julian Lee at eChannelNews for the fun, thoughtful and much needed conversation on this topic and more.

We really enjoyed our conversation with Ed Amoroso from TAG Infosphere. We didn’t start Reach to chase headlines. We started it because the hard security problems weren’t getting solved. The important ones rarely are. Security only works when incentives are aligned to the customer’s actual outcome. Not noise. Not theater. Not (exclusively) shiny tools. That alignment is what makes the work worth doing.

“IT giveth. Security taketh.” A topic examined in a print interview with Colt Blackmore, co-founder & CTO of Reach Security, written by Dan Raywood at Security Boulevard: ︎ The long-standing friction between IT enablement and security restriction︎ Configuration drift as the quiet divergence between intended and actual state︎ How incremental change accumulates into measurable risk︎ The challenge of maintaining alignment in complex, fast-moving environments︎ Why drift often remains invisible until consequences surface.