Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This release raises the bar for enterprise-grade vulnerability and exposure management. We’re delivering on the promise of smarter, faster risk reduction powered by automation, enriched data, and operational depth. From fix-level SLA tracking to scalable API workflows and stakeholder-ready reporting, every enhancement is designed to help teams do more with less, and prove it. Here’s a breakdown of some of the major product updates from Q2 2025.

2025 has been a summer of high-profile breaches. This post will focus on four notable and high-profile victims: Chanel, Google, Air France, and KLM. Although the companies and exact data sets differ, these breaches share a clear pattern: attackers compromised third-party CRM / customer-service platforms as part of a wider Salesforce-focused vishing/social-engineering campaign. From there, they exfiltrated customer-care records such as contact details, loyalty IDs, and customer-service email content.

This research explores an unconventional malware delivery vector, demonstrating how trusted creative software tools can be repurposed to deliver payloads in ways that bypass common defences, user expectations, and AI-based analysis. The work concludes with the creation of a successful Proof-of-Concept (PoC) for code execution and AV/EDR evasion using the open-source 3D software suite Blender.

Just do it. Think different. The happiest place on earth. Nike, Apple, Disney are three iconic brands that have forever cemented themselves in our consciousness. How did they get there? A catchy slogan? A flashy logo? Sure, while slogans and logos change over time, they still make an impact. But what truly secures a brand’s reputation is trust. And trust is built over years, even decades, through consistency, authenticity, and relentless effort.

‍ ‍Cyber risk quantification (CRQ) is the process of attributing numerical values to a cyber event's impact on an organization. When defined in financial terms, these values enable enterprises to assess and manage their cyber risks at the operational level.

‍Cyber risk quantification (CRQ) is the process of translating cyber intelligence, both organization-specific and external, into measurable business terms. Typical high-level outputs include Average Annual Loss (AAL), or a business's expected financial loss from cyber events, and the Annual Events Likelihood. With CRQ, cyber governance, risk, and compliance (GRC) leaders can also drill down into more granular metrics for additional, scenario-specific context.