Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Misconfigurations Are Still Owning Security Teams

Dec 16, 2025 By Reach Security In Reach Security
Garrett Hamilton sat down with Todd Graham, Managing Partner at Microsoft’s venture fund, M12, to talk about why M12 invested in Reach and why our mission was a no-brainer for him. Nation-state attacks make the headlines—but most people are getting owned by misconfigured servers, networks, and controls hiding in plain sight. Turns out the problem isn’t what teams don’t own. It’s what they do own that isn’t, in most cases, even turned on.
View Video

Why "We Thought It Was On" Keeps Leading to Breaches

Dec 16, 2025 By Reach Security In Reach Security
At UC Irvine’s Digital Leadership Agenda 2026, moderated by Nicole Perlroth, Garrett Hamilton illustrates what those blind spots can look like: “We believed it was deployed.”“It was turned on.”“It should have stopped this.” Except one exception, one policy gap, one control not applied at scale — and assumptions replace reality. The real problem isn’t visibility. It’s continuously validating intent against execution.
View Video
foresiet

The New Mandate: CISA CPG 2.0 and the Evolution of Critical Infrastructure Security

Dec 16, 2025 By Foresiet In Foresiet
The digital threats facing critical infrastructure—from energy grids and water treatment plants to hospitals and financial systems—are no longer theoretical. Nation-state actors and organized cybercrime are relentlessly targeting these essential services. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has responded with the updated Cybersecurity Performance Goals (CPG) 2.0, moving the industry beyond simple compliance toward verifiable cybersecurity resilience.
Read Post
Tines

5 reasons patch management stalls and what modern IT teams can do to fix it

Dec 16, 2025 By Megan Elsayed In Tines
Patch management is one of those responsibilities everyone agrees is essential, yet very few teams feel confident about. The organizations I speak with every week are not struggling because they lack urgency or awareness. They are struggling because the environment around patching has changed dramatically.
Read Post
sumologic

Platform enhancements strengthening security across every child org

Dec 16, 2025 By Margaret Selid In Sumo Logic
Multi-org environments introduce complexity that most tools simply weren’t built for. Analysts are often forced to jump between different orgs, duplicate configuration work, and maintain parallel dashboards, alerts, and content–inefficiencies that increase risk, overhead, and time-to-response. Every minute spent managing infrastructure is one you’re not spending serving your clients or responding to threats.
Read Post
sumologic

Questions to ask before vetting an AI agent for your SOC

Dec 16, 2025 By Margaret Selid In Sumo Logic
So you’re ready to “hire” an agent or two for security operations. While AI agents won’t replace your human analysts, they are quickly becoming indispensable team members. Choosing the right ones should resemble a typical hiring process: you need to determine if they possess the necessary skills to fill your team’s gaps, work effectively with others, and grow with your organization. Here are five questions worth asking before you bring an AI agent on board in your SOC.
Read Post

Cybersecurity Predictions 2026: What Security Leaders Learned in 2025

Dec 16, 2025 By Cloudflare In Cloudflare
In this special compilation episode of The Connectivity Cloud Podcast with Cloudflare, Lia Kazandzhieva, Marketing Campaign Manager at Cloudflare revisits the most impactful conversations from 2025 with leading CISOs and security experts to distill the lessons that will define 2026 and beyond. What You'll Learn.
View Video

Proactive WAF Vulnerability Protection & Firewall for AI + Multiplayer Chess Demo in ChatGPT

Dec 16, 2025 By Cloudflare In Cloudflare
In this episode of This Week in NET, we talk with Daniele Molteni, Director of Product Management for Cloudflare’s WAF, about how Cloudflare responded within hours to a newly disclosed React Server Components vulnerability — deploying global protection before the public advisory was even released.
View Video

Fireside Chat: LevelBlue + Tenable Partnership - Unlimited Vulnerability Scanning at No Cost

Dec 16, 2025 By LevelBlue In LevelBlue
Discover how LevelBlue and Tenable are transforming cybersecurity in this exclusive fireside chat featuring Michael Vaughn, Director of Product Management at LevelBlue, and Greg Goetz, VP of Global Strategic Partners at Tenable.
View Video

Ep 23: How to bootstrap your AppSec program

Dec 16, 2025 By Sumo Logic, Inc. In Sumo Logic
On this episode of Masters of Data, Adam sits down with Zoe Hawkins and David Girvin to talk AppSec programs that don't suck. David's hot take from his 1Password and Red Canary days? AppSec is a people problem, not a tooling problem—stop being the person devs dodge at standup. We cover the essentials: build relationships first, threat model based on actual business risk (not your anxiety), and ditch the "shift left" obsession with scanning everything. Instead, start with offensive testing that finds vulnerabilities attackers can actually exploit.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.