Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Application security scanners generate endless alerts, but most don’t translate into real risk. Meet Sera, Jit’s AI-powered Security Evaluation and Remediation Agent. Sera automatically connects scanner findings, uncovers toxic combinations, and explains exploitable attack paths—saving AppSec teams hours of manual investigation. See how AI Agents eliminate noise, automate investigations, and deliver clarity so your team can focus on what matters.

Security researcher and analyst Jon Oltsik examines how some companies go too far with automation and capabilities, stressing the need for alignment between security and IT operations.

PSA: AI is NOT your safe space. That “quick question” you typed into an AI chatbot? It could be stored, reviewed, or used for training. Oversharing puts your data at risk. Protect yourself by keeping personal, financial, and work info out of chat prompts. Think before you prompt!

An overview of Role-Based Access Control (RBAC) in Sophos Central. Learn about the predefined roles for admins, how to manage role members, and the steps to create a custom role. Ask questions and get expert answers in the Sophos Community.

The 2025 review closes with a look at boundaries, where work still sits at the centre of life for many in cybersecurity. Flipping that script, so family, health and friends hold the core and work fits around them, offers one of the strongest answers to long term stress and burnout in security.

Since 2018, GitGuardian has been scanning for secrets added to GitHub public repositories. When a secret is found, GitGuardian hashes it and stores only a fingerprint of the secret. That fingerprint is what you can search against to verify whether any of your secrets have leaked in public repositories, gists, or issues on GitHub. This service is called Has My Secret Leaked, and in ggshield you’ll see it as the HMSL commands. There’s also a web interface, but in this section we stay in the terminal and use ggshield end to end.

“In 2024, at least 35.5% of all data breaches originated from third-party compromises.” Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Nick Schneider (President & CEO, Arctic Wolf) for this discussion on: SecurityScorecard monitors and scores over 12 million companies worldwide.

If you wouldn’t hand your house keys to a delivery driver, why hand your credentials to AI? In this Principles in Practice video, Anand Srinivas, VP of Product & AI at 1Password, explains a critical rule for secure AI use: Raw credentials should never be shared with large language models. Instead of sharing secrets, use them securely: Don’t send raw credentials over the data channel of a protocol like MCP Use proxies and secure autofill instead of sharing secrets Keep credentials out of prompts, embeddings, and fine-tuning data.