Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

LLMs leave statistical fingerprints in the passwords they generate. We built a 100-year-old model to find them and detected 28,000 in the wild.

In today’s threat landscape, cybersecurity is no longer defined by the ability to detect and respond to isolated incidents. It is defined by how organizations perform under pressure, when faced with coordinated, AI-enabled, multi-vector attacks that test not only technology, but leadership, governance, and trust. Recently, Obrela had the opportunity to support a national-level cyber security drill in Qatar, working alongside our partner ecosystem.

Accelerating security solutions for small businesses‍ Tagore offers strategic services to small businesses. A partnership that can scale‍ Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate. Standing out from competitors‍ Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market. Vanta is now FedRAMP 20x Moderate authorized. ‍

When Broadcom completed its $69 billion acquisition of VMware in November 2023, most customers assumed the initial disruption would settle. Licensing models would stabilise. Partner programmes would find a new equilibrium. Pricing would normalise. Two years in, it’s clear that didn’t happen.

LevelBlue is proud to be named at the Intelligent Insurer Cyber Insurance Awards US 2026, earning Cyber Security Consulting Services Provider of the Year and being recognized as Highly Commended for the Cyber Security Solution Provider of the Year. These recognitions reflect the continued evolution of the cybersecurity landscape and the growing importance of strong collaboration between insurers, enterprises, and security providers.

Banks, payment processors and fintechs have long relied on Know Your Customer (KYC) processes to verify identity and assess the risk of doing business with the customer during onboarding, and on Know Your Business (KYB) processes to validate business legitimacy. But today, that’s no longer enough.

In the first quarter of 2026, government-directed shutdowns figured prominently, with prolonged Internet blackouts in both Uganda and Iran, a stark contrast to the lack of observed government-directed shutdowns in the same quarter a year prior. This quarter, we also observed a number of Internet disruptions caused by power outages, including three separate collapses of Cuba's national electrical grid.

Your security team sees an MCP tool server throw an error. Your APM dashboard shows a latency spike. Your logs capture the JSON-RPC request with its method name and parameters. But none of that tells you whether the tool just read a harmless config file or dumped credentials to an external IP. Traditional observability tools—the APM platforms, the OpenTelemetry traces, the centralized logging pipelines—track performance across your Model Context Protocol deployments.

In August 2025, a vulnerability chain in NVIDIA Triton Inference Server was found that allowed an unauthenticated remote attacker to send a single crafted inference request, leak the name of an internal shared memory region, register that region for subsequent requests, gain read-write primitives into the Triton Python backend’s private memory, and achieve full remote code execution. The exploit chain ran entirely through Triton’s standard inference API. No anomalous traffic volume.

A platform team at a mid-size SaaS company runs three LangChain agents and one AutoGPT-derived planner on EKS. LangSmith is wired in. OpenTelemetry traces flow into their observability stack. Falco runs on every node. The setup is what most security teams would consider thorough. A pip dependency in one of the agents’ tool packages ships a malicious update.