Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The cybersecurity industry woke up to yet another supply chain nightmare this week. Cloudflare, one of the world's largest web infrastructure companies, confirmed that attackers accessed 104 of their API tokens through the cascading Salesloft Drift breach. This incident perfectly illustrates why modern organizations need to rethink their approach to third-party vendor security.

Quantum computing is no longer a distant threat on the horizon. It is rapidly materializing into a real, operational risk to the foundations of our cybersecurity ecosystem.

When Kubernetes workloads need to connect to the outside world, whether to access external APIs, integrate with external systems, or connect to partner networks, they often face a unique challenge. The problem? Pod IP addresses inside Kubernetes clusters are dynamic and non-routable. For external systems to recognize and trust this traffic, workloads need a consistent, dependable identity. This means outbound connections require fixed, routable IP addresses that external services can rely on.

Microsoft has also been enhancing cloud security by ensuring that multi-factor authentication (MFA) is enabled for all of its Azure and Microsoft 365 administrative accounts. The rollout will begin with Azure portals in October 2025 and progressively to command-line tools, APIs, and Infrastructure-as-Code (IaC) environments in October of that year. For organizations, it means adapting their authentication workflows to align with Microsoft’s phased enforcement plan or risk disruption.

Overprivileged non-human identities expose enterprises to massive risk. Enforcing least privilege with automation and visibility is critical for security.

At the RSAC Conference this year, it seemed that every cybersecurity company had suddenly become an agentic AI company. According to such vendors, AI agents were the solution to every security problem keeping CISOs up at night. The audience, however, was understandably skeptical. Concerns over vendor promises fell into two camps. The first camp: companies that took whatever AI capabilities they had and slapped the word ‘agentic’ on them (aka ‘agent-washing’). Or even worse.

CrowdStrike has been named a Leader in The Forrester Wave: Managed Detection and Response (MDR) Services in Europe, Q3 2025. In this evaluation, CrowdStrike received the highest possible scores in 16 criteria, including endpoint detection surface, identity detection surface, cloud detection surface, managed response: manual and automated, threat hunting, analyst experience, vision, and innovation.