
How to Setup SAML SSO for Confluence with a Custom Identity Provider (IdP)

This step-by-step video tutorial walks you through the complete configuration of the miniOrange SAML SSO for Confluence plugin using a Custom Identity Provider. Learn how to set up secure Single Sign-On (SSO) for your Confluence users, verify the integration, and experience seamless login using your Custom IdP. With this plugin, you can: enable secure login to Confluence using your Custom IdP credentials; configure SAML responses and user attributes as per your IdP; map IdP user groups to Confluence roles for access control; and improve user experience with seamless authentication.

Why doesn't point-in-time compliance work?

PCI compliance has never been about passing a single audit and forgetting about it until next year. In our recent PCI DSS 4.0 session, author Branden R. Williams explained why point-in-time assessments create a false sense of security. Passing a compliance report doesn't mean you'll still be compliant two days later if something changes. Configuration drift happens. Systems change. Sometimes it's accidental. Other times, organizations deliberately configure things to pass an assessment, then revert to their old ways afterward.

AI hype & the future of SecOps, what's changed in 30 years? With Erik Bloch from Illumio [271]

On this episode of The Cybersecurity Defenders Podcast we speak with Erik Bloch, VP of Security at Illumio, about better tools to combat burnout rate and discuss the reality of AI in security. Erik Bloch has 30+ years of information and cyber security experience, both as an IC and as a leader of teams. “People first” has always been his approach. He has led entire security and IT functions at smaller companies, and been the CISO leading big teams at larger orgs.

The REAL Reason Scam Ads Won't Go Away

Why are scam ads and phishing sites still everywhere? Despite the tech, resources, and talent in cybersecurity, we still find ourselves playing catch-up instead of leading the charge. One of the reasons? The industry's reactive nature and the fragmented state of intelligence sharing. In the latest episode of The Connectivity Cloud Podcast, Vladimir Krupnov and Blake Darché explore how companies like Revolut are pushing for a more proactive, collaborative, and disruptive approach to cyber defence.

The Death of Passwords: The Future of Authentication

Is passwordless authentication finally ready for prime time, or are we just replacing one set of problems with another? Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I’m Jim and in this episode, we’re tackling one of the oldest challenges in information security: identity and access management.

Nicole Perlroth & Garrett Hamilton at UCI - How AI Changes the Security Operating Model

Moderated by Nicole Perlroth, this session at UC Irvine’s Digital Leadership Agenda 2026 surfaces a foundational reality in cybersecurity: Most organizations lack a clear, empirical understanding of how their security is actually deployed. Our Co-founder & CEO Garrett Hamilton outlines: Why proactive security remains difficult — because accuracy depends on conversations, assumptions, and fragmented knowledge across IT and security teams.

Ep 19: The atomic habits of cybersecurity professionals

In this Masters of Data episode, we welcome back Zoe Hawkins and Roland Palmer to discuss building better security practices through small, incremental improvements personally and professionally. We emphasize regularly auditing security policies to avoid unnecessary friction that forces workarounds, treating security as sociology rather than just technology. We cover practical approaches like habit-stacking, weekly business reviews, staying informed about threats through intentional news consumption, and developing cognitive humility with security prompts.

The Missing Link in OWASP is Found: Business Logic Abuse

For years, security lists focused on technology (Cloud, Mobile, Serverless). We desperately needed a list that focused on the core problem: flawed application logic, regardless of the stack. The OWASP Top 10 Business Logic Abuse (BLA) list fills that critical, architectural gap. Why? Because exploitation often happens between technologies, not within them. We must be able to categorize and talk about these intricate logic threats in a technology-agnostic way.