Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security teams are frequently asked to provide clear, time-bounded evidence of their organization’s security posture. Whether the request comes from external auditors validating SOC 2, ISO 27001, PCI DSS, or internal governance reviews, they typically require collecting vulnerability data from multiple tools, reconciling resource lists, and manually generating spreadsheets for auditors. This process is slow, error-prone, and difficult to repeat consistently.

The Calico community moves fast. With the releases of Calico 3.30 and 3.31, brings improvements in scalability, network security, and visibility. Now, we want to see what YOU can do with them! We’re excited to officially invite you to the Project Calico 3.30+ Community Hackathon. Whether you’re a seasoned eBPF expert or a newcomer to the Gateway API, we welcome your innovation and your ideas!

Today, Mend.io is proud to announce the launch of AI Agent Configuration Scanning, integrated directly into the Mend AI Scanner. By treating “Agents as Code,” we are bringing security visibility and CI-friendly enforcement to AI configurations before they reach production The rapid adoption of AI agents has transformed the modern developer workflow.

I’ve worked as a threat hunter in several Black Hat Security Conference Network Operations Centers (NOCs) across the globe. So I didn’t expect to be surprised by much when signing on to be a part of the NOC for SCinet—a conference that has the “fastest conference network in the world.” And yet I was surprised by just how diverse the SCinet NOC team was, how collaborative the environment was, and how much we were able to achieve with automation in such a short amount of time.

The promise of AI-driven development is speed. But security teams face a binary choice: slow down the AI train to ensure safety, or let it run wild and accumulate risk. At Snyk, we believe you shouldn't have to choose.

A detailed comparison of CYJAX and SOC Radar, exploring differences in automation, analyst-led investigations, RFIs, and intelligence depth to help security teams choose the right CTI platform. When organisations evaluate cyber threat intelligence platforms, the differences often go far beyond feature lists. They come down to philosophy, depth, and how intelligence is actually used in high-pressure environments.

When we talk about HIPAA compliance for dental offices, we’re not talking about theory or paperwork. We’re talking about patient privacy, regulatory exposure, and whether a practice can keep operating when something goes wrong. HIPAA is no longer a “back-office” concern—it’s a core part of running a modern dental practice.

The rapid adoption of Large Language Models (LLMs) is transforming how SaaS platforms and enterprise applications operate. From embedded copilots and automated support agents to internal knowledge-base search and workflow automation, organisations are increasingly integrating LLM APIs into existing services to deliver faster and more intuitive user experiences.

Cybercriminals are abusing legitimate invoices and dispute notifications from popular services to send scam emails that bypass security filters, according to researchers at Kaseya’s INKY. The attackers have used this technique to impersonate PayPal, Apple, DocuSign, HelloSign, and others. “These platforms often allow users to enter a ‘seller name’ or add a custom note when creating an invoice or notification,” the researchers write.

There's a moment in every security professional's career when they realise the game has fundamentally changed. Mine came last Tuesday at 3:47 PM, watching my colleague Erich argue with an AI agent about expense policy while simultaneously being phished by what I'm 87% certain was another AI agent pretending to be from IT. We’ve spent decades building security models around a simple premise: humans work here, threats exist out there, and our job is to build bigger walls between the two.