Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The rise of generative AI has fundamentally changed how we work, create, and collaborate. But as organizations rush to integrate AI tools into their workflows, they're inadvertently creating entirely new categories of data risk that traditional security measures weren't designed to handle.

Today at re:Inforce Amazon Web Services (AWS), unveiled an enhanced version of AWS Security Hub which will enable organizations to surface and prioritize active risks in their cloud environment. Security Hub transforms security signals into actionable insights and offers intuitive visualizations and natural language summaries. Tines will offer workflow orchestration and automation for this enhanced version of Security Hub.

Technology plays a vital role in supplier networks and digital ecosystems today. While supply chains used to be primarily physical, digitalization has improved efficiency but also introduced new cybersecurity risks that are often overlooked. As software and digital service providers are often integrated into organizations’ environments, they have become prime targets for cybercriminals looking to scale their attacks.

In enterprise IT, there’s a familiar story: moving applications to the cloud is easy—but securely connecting cloud workloads isn’t. Cloud migration is no longer a question of if, but how fast enterprises can make the shift. As of 2025, an estimated 67% of enterprise infrastructure runs in the cloud, highlighting the widespread adoption of cloud hosting and infrastructure services worldwide.

This past month, the Vanta team launched new features to help you: ‍

Penetration testing (“pentesting”) has shifted from a once-a-year checkbox to a continuous necessity. In fact, by 2025 the pentesting industry is expected to hit $4.5 billion as companies race to find vulnerabilities before attackers do. Yet 38% of companies only run 1–2 pentests per year – leaving long gaps where new flaws can creep in. That’s a dangerous game when 73% of breaches involve exploiting web app vulnerabilities.

The digital era has spurred organizations to rethink how they protect sensitive data, necessitating a robust and holistic approach to security. Although ISO 27001 is widely recognized as a framework for managing IT security, forward-thinking leaders are discovering that its principles can be extended far beyond IT departments.

This blog has been adapted from a section of 1Password’s ebook: Why SSO is not enough for identity security. To read the complete ebook, click here. Single sign-on (SSO) solutions integrate with a company’s identity provider (IdP) to allow users to authenticate to multiple applications via a single log-in. By reducing the number of access points and employee credentials, SSO reduces a company’s attack surface.