%term

An Introduction to the NIST Risk Management Framework (RMF)

Apr 24, 2026 By Jeff Darrington In Graylog

While inherently critical to today’s businesses that run on data, implementing and enforcing data security and privacy has never been straightforward. Between collecting different types of sensitive data and deploying unique architectures, organizations cannot adopt a one-size-fits-all solution, meaning that every security architecture is unique.

Read Post

Graylog

Read more about An Introduction to the NIST Risk Management Framework (RMF)

How to Use the MITRE ATT&CK Framework as a Shared Language for SOC, CTI, GRC, and Leadership

Apr 22, 2026 By Emma Stevens In BitSight

Picture the first meeting after a serious security event. The Security Operations team is talking about alerts, detections, and lateral movement. Threat Intelligence is talking about adversary tradecraft and known campaigns. Governance and Risk is talking about control gaps, exposure, and business risk. And leadership? They only care about how bad this event is, and what the team is doing about it. Security teams often agree on the mission: deter and stop threat actors at all costs.

Read Post

BitSight

Read more about How to Use the MITRE ATT&CK Framework as a Shared Language for SOC, CTI, GRC, and Leadership

Obrela's 2025 Digital Universe Report highlights shift to stealthy, identity-driven cyberattacks

Apr 21, 2026 By Obrela In Obrela

London, 21st April - Obrela has released its Digital Universe Report 2025, revealing a significant shift in the global cyber threat landscape as attackers move away from high-volume attacks toward more targeted, stealth-driven techniques focused on identity, access and persistence.

Read Post

Obrela

Read more about Obrela's 2025 Digital Universe Report highlights shift to stealthy, identity-driven cyberattacks

What Keeps CISOs Up at Night: Cybersecurity Risks in 2026

Apr 21, 2026 By Gary Perkins In CISO Global

“ From AI-driven threats to identity-based attacks, CISOs are facing increasing pressure to manage risk while enabling business growth.“

Read Post

CISO Global

Read more about What Keeps CISOs Up at Night: Cybersecurity Risks in 2026

How Third-Party Development Partners Become Your Biggest Security Liability

Apr 21, 2026 By SecuritySenses In SecuritySenses

Third-party development partners offer real advantages: faster delivery, specialised expertise, and lower costs than building an in-house team. They also expand your attack surface in ways most organisations never fully account for. When an external team builds or modifies your systems, they bring with them their own tools, practices, access levels, and vulnerabilities. The question is not whether that creates risk. It is whether your organisation is managing it deliberately or leaving it to chance.

Read Post

SecuritySenses

Read more about How Third-Party Development Partners Become Your Biggest Security Liability

Penetration Testing as a Tool That Reveals the Real State of Cybersecurity

Apr 20, 2026 By SecuritySenses In SecuritySenses

Most security measures are built on the assumption that if something is configured correctly, it is secure. But there is a big difference between "configured" and "able to withstand an attack" - a gap that cannot be seen without practical testing. Penetration testing is not just another item on a compliance checklist; it is a way to get an honest and realistic answer to the question that truly matters to a business: can an attacker reach what is most important to us?

Read Post

SecuritySenses

Read more about Penetration Testing as a Tool That Reveals the Real State of Cybersecurity

Navigating the Post-Mythos Landscape with Bitsight

Apr 17, 2026 By Greg Keshian In BitSight

The rise of AI-driven vulnerability discovery using Anthropic's Claude Mythos, as well as similar tools from Google and OpenAI, is completely changing the calculus of cyber risk. The number of vulnerabilities is exploding. The time it takes for exploits to appear is shrinking. The patching cadences and scan intervals, assessments and risk registers that many organizations still rely on are rapidly becoming ineffective.

Read Post

BitSight

Read more about Navigating the Post-Mythos Landscape with Bitsight

Why we can't have nice things! ...Or can we?

Apr 16, 2026 By CultureAI Team In CultureAI

On 7th April 2026, Anthropic published a system card for an AI model we may never be allowed to use: Claude Mythos. This preview demonstrated a significant leap in capability over Anthropic’s previous Claude Model (Opus 4.6), and their Responsible Scaling Policy (RSP) v3.1 led to them making the decision to withhold it from general availability, serving as a "defensive only" asset.

Read Post

CultureAI

Read more about Why we can't have nice things! ...Or can we?

Analyzing the RondoDox Botnet: A DDoS and Mining Threat

Apr 16, 2026 By João Godinho In BitSight

A few weeks ago we published the first part of this series where we described the infrastructure used by the RondoDox threat actors to scan and exploit vulnerable systems. In this second post we’ll take a deep dive into the malware that is deployed into vulnerable systems. Specifically, we’ll look at the initial implant used to fetch the RondoDox binary and the binary itself, detailing its behaviour, how it communicates with the Command and Control (C2), and its malicious capabilities.

Read Post

BitSight

Read more about Analyzing the RondoDox Botnet: A DDoS and Mining Threat

The Transformation of Third-Party Risk Management from SecurityScorecard

Apr 16, 2026 By SecurityScorecard In SecurityScorecard

Ready for the future of Third-Party Risk Management (TPRM)? The supply chain is a growing target, but you can fight back. That world is here with the transformative, threat-informed SecurityScorecard TITAN AI Platform. Imagine a world where you go beyond checking compliance boxes by actively mitigating and eliminating risk with continuous, AI-accelerated, and predictive TPRM that allows you to gain visibility and prioritize threats more effectively. Learn more about the TITAN transformation.

View Video