Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sisense powers analytics experiences inside the applications businesses rely on every day. As an API-first platform, securing those connections is critical, especially as AI agents increasingly operate through APIs to access data and trigger workflows. In this conversation, Sangram, CISO and VP of IT at Sisense, and Michael Callahan, CMO at Salt Security, discuss how Sisense approached API security strategically to protect their platform, maintain customer trust, and support innovation in the Agentic AI era.

Organizations put in place firewalls, antivirus, intrusion detection and prevention systems, but the bad guys still get in and wreak havoc – often through the front door. Teams need to put strict controls and governance around all identities with access to resources to defend against insider threats.

What looks like a simple coding task can quickly turn into a real cyberattack. In this demo, we show how a modern malware-free attack works step by step. It starts with something that feels completely normal: a job interview and a small coding assignment. No suspicious files. No obvious malware. But once the script is executed, everything changes. You’ll see how adversaries use trusted tools like Git, Notepad, and Python to gain access, establish command and control, and move inside an environment without being detected at first.

Your CI pipeline enforces tests, security scans, and policy checks before code hits production. But your backups? Still running on a schedule, completely disconnected from your deployments. In this video, I'll walk you through how to use Rubrik's powerful APIs to build what I'm calling "Backup as Code": a GitHub Action that triggers an on-demand Rubrik snapshot of your GitHub repository every time code is merged into the main branch. We'll look at the action code, wire it up to a live repo, and watch the whole thing run end to end.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

In this episode of the Cyber Resilience Brief, we shift from chaotic cybercriminals to the calculated world of Russian nation-state threat actors—breaking down the three agencies that dominate Russia’s cyber operations: the GRU, SVR, and FSB. What many organizations mistakenly treat as a single “Russian threat” is actually a complex ecosystem of competing intelligence agencies—each with distinct goals, tactics, and operational philosophies.

Training Video Series: Identity Manager 10 LTS Upgrade.

Joseph Hall, Threat Intel Expert, talks with host, Gary Perkins and shares useful tips for companies to avoid being owned.

Learn more: http://splunk.com/top-50-security-threats

In this episode of This Week in NET, host João Tomé is joined by Michelle Chen from Cloudflare’s AI product team to discuss the rise of open models, the launch of Kimi 2.5 on Workers AI, and why enterprises are rethinking the cost of proprietary AI.