Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Top tips is a weekly column where we highlight what’s trending in the tech world and share ways to stay ahead. This week, we’re uncovering the truth about app deletion, why removing an app from your phone doesn’t always mean your data is gone, and how to make sure your personal information doesn’t keep following you long after you’ve tapped uninstall. I recently found myself staring at my phone’s home screen. It felt cluttered.

Looking to understand the difference between a Secure Web Gateway (SWG) and a Cloud Access Security Broker (CASB) so you can make the right security investment? This blog breaks down how each technology works, its key business benefits, and provides a clear decision framework.

Unrestricted Resource Consumption (API4:2023) is the only threat category in the OWASP API Security Top 10 explicitly dedicated to Denial of Service (DoS) and resource abuse. But despite being just one category, attackers can exploit it in many different ways; from large file uploads and expensive GraphQL queries to abuse of metered third-party services like SMS gateways or AI/LLM APIs.

Arctic Wolf recently introduced its AI Security Assistant, a cutting-edge generative AI security assistant designed to enhance security operations within the Aurora Platform. This innovative tool is now in beta and promises to deliver deeper security expertise instantly to users.

Learn to create custom detection rules in Elastic Security following real detection use cases. This blog will guide you through creating custom detection rules in Elastic Security, equipping you with best practices for using Elasticsearch Query Language (ES|QL) and Elastic AI Assistant to refine threat detection logic and add crucial context for analysts. You’ll learn how to effectively preview, test, and enhance your rules, ultimately strengthening your security operations.

On July 31, 2025, just as Portugal entered the peak of another intense wildfire season, João Pina, also known as Tomahock, received an automated alert from Cloudflare. His volunteer-run project, fogos.pt, now a trusted source of real-time wildfire information for millions across Portugal, was under attack. One of the several alerts fogos.pt received related to the DDoS attack.

Most businesses do not set out wanting to change MSPs. They make the choice once, sign the contract, and hope they never have to think about it again. The whole point is to make IT easier, to have someone else deal with the problems so the business can get on with its job.

Active Directory synchronization aligns on-prem and cloud identities, supporting secure access, policy consistency, and operational efficiency in hybrid environments. It enables unified authentication, automates provisioning, and enforces governance across platforms. Netwrix Directory Management enhances this with end-to-end synchronization, real-time updates, access reviews, and password policy enforcement—without third-party connectors.

Identity Lifecycle Management governs digital identities across their full lifecycle, automating provisioning, access changes, and deprovisioning. It enforces least privilege, synchronizes identity data, and integrates with HR, IAM, and SIEM systems. Role-based controls, audit trails, and policy-driven workflows ensure secure, compliant access across hybrid environments and machine identities.

If you regularly work across IDEs, you’ve probably noticed how security tools often behave inconsistently. One plugin might work well in VS Code but feel clunky in PyCharm or Visual Studio. We set out to change that. The Veracode Scan plugin delivers a consistent, reliable experience across VS Code, JetBrains IDEs, Eclipse, and Visual Studio — helping developers focus on writing secure code, not troubleshooting plugins.