Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Yes. If your website is accessible in the EU and collects any user data—through forms, cookies, session recordings, pixels, or embedded scripts—then GDPR likely applies. But compliance isn’t as simple as publishing a privacy policy or showing a cookie banner. Modern web apps expose personal data through invisible front-end technologies like third-party JavaScript, ad tags, tag managers, and behavioral trackers.

Spotting threats fast and knowing whether they really matter is the name of the game in cybersecurity. That’s where user and entity behavior analytics (UEBA) comes in, and why Sumo Logic’s latest innovation, historic baselining, is a big deal. With this release, Sumo Logic has turned the old UEBA model on its head, delivering insights that used to take weeks of learning time in just minutes. Here’s how and why that’s a game changer.

Security debt is a pervasive challenge affecting organizations of all sizes, and it’s only growing. According to the 2025 State of Software Security Report (SoSS), 74% of organizations have accrued security debt, with nearly half of this security debt being critical in nature. This accumulation of unresolved flaws, especially severe ones, poses long-term risks to an organization’s resilience and effectiveness.

Netskope Threat Labs is pleased to announce the release of a new open-source tool that detects supply chain attacks. Our new tool, Behavioral Evaluation of Application Metrics (BEAM), requires no endpoint agent deployment and will analyze the network traffic you are already capturing in your organization to determine if your applications are communicating with unusual hosts that could be part of an attack. This tool is the subject of a 2025 Black Hat USA briefing.

Secure Web Gateways (SWGs) have become a cornerstone of enterprise security. They filter web traffic, enforce policies, and block known threats. But as attackers get smarter, many organizations are realizing one hard truth: a Secure Web Gateway alone is not enough.

To keep pace with rapidly evolving threats and the decreasing breakout times of attackers, the LevelBlue security operations team leverages multiple tools and key partnerships to shorten the time between detection and response. Below are some examples of the tools used by our SOC and some of the circumstances in which each tool would be used.

Enterprises deploying AI agents and LLMs often look to prompt scanning as their first line of defense against privacy and security breaches. The idea is simple: analyze the text of the user’s prompt before it reaches the model, detect it for sensitive keywords or patterns, and block the sensitive words that may trigger a security or compliance issue. Enterprises thought this was a safe around, till they walked into unexpected issues.

Artificial intelligence (AI) is not a new concept or technology in the world of cybersecurity. It’s been iterated and utilized by security professionals for decades. But as both cybersecurity technology and cyber threats continue to advance, AI is being adopted by organizations at a rapid pace, all of whom seek to harness AI’s power to automate, advance, and empower their security.

As organizations move to the cloud, ensuring robust data security and privacy controls has become a top priority. Encryption is crucial for any organization’s cloud security and data sovereignty strategy; however, who controls the encryption keys can significantly affect the effectiveness of these measures.

Learn why deterministic security remains essential in an AI-driven world and how GitGuardian combines probability and proof for safe, auditable development.