Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Investigate Amazon EKS Audit Logs with Teleport Identity Security

In Teleport 18, we’ve added official support to import Amazon EKS Audit Logs into Teleport Identity Security. This capability allows teams to have visibility into actions performed on Amazon EKS clusters when those actions were not executed via Teleport. Amazon EKS Audit Logs in Teleport Identity Security will be generally available in Teleport 18.3, coming November 2025. Your browser does not support the video tag.

How Physical Asset Security Strategies from Cybersecurity Apply to Gold Bullion Storage

The parallels between protecting digital assets and physical gold bullion reveal a fundamental truth about modern security architecture: threats evolve, but the principles of defense remain constant. Organizations safeguarding high-value physical assets can extract substantial operational advantage by adopting frameworks originally designed for cyber defense. This convergence of physical and digital security thinking represents a strategic shift in how enterprises approach asset protection.

The Compliance Gap: How Untracked User Lifecycle Changes Create SOC 2 Audit Failures

Forty-seven ghost accounts cost one SaaS company a $2M deal. Their SOC 2 auditor flagged a critical issue: former employees still had active system access, even those terminated six months earlier. The security team invested heavily in firewalls, encryption, and penetration tests. They failed on something more urgent: proving immediate access removal when people left.

Why auditor choice matters more than you think | Heard in the founder chat

Some things in startup life are just for show—job titles, swag drops, maybe even your first “launch.” Your auditor? Not one of them. In this episode of Heard in the Founder Group Chat, Jadee Hanson, Vanta’s CISO, breaks down why your auditor is more than a checkbox — they’re your external seal of trust.

10 Common Vulnerabilities Found During Software Audits - and How to Fix Them

A software audit is not a checklist but a thorough examination into the internal workings of your system that lurking vulnerabilities are usually hiding. Thousands of breaches every year are due to organizations not paying early attention to software audit vulnerabilities that might have been noticed and eliminated at an early stage. This article exposes the top ten vulnerabilities that are oftentimes encountered during software audits, why they occur, and offers some remediation measures that can be taken.

ISO 27001 Audit Record Retention Requirements

As one of the most common information security frameworks in the world, ISO 27001 is used by tens of thousands of organizations worldwide. That means it has to fit a lot of different groups with a lot of different needs. It also means that there’s a lot of information pertaining to ISO 27001 within each of those companies. Data like the logs of access control systems, the chain of custody for sensitive information, and the results of audits are all stored somewhere.

Monitor OCI Audit Logs with Datadog Cloud SIEM

Oracle Cloud Infrastructure (OCI) provides compute, storage, networking, and database services for running enterprise applications and workloads in Oracle. OCI supports both traditional and cloud-native applications, offering scalable, secure, and high-performance infrastructure for hybrid and multi-cloud environments. Securing workloads in OCI can be complex for organizations managing a mix of on-prem, hybrid, and cloud environments.

How a Global Bank Nearly Eliminated Audit Response Time

Across the financial sector, compliance teams face rising expectations from regulators and customers alike. Agencies such as the SEC, OCC, FDIC, CFPB, and the European Banking Authority now demand proof of continuous compliance—not point-in-time reports. Yet most financial institutions still depend on spreadsheets, manual command-line checks, and tribal knowledge to validate security controls.

How to choose compliance audit software: A buyer's guide

With regulatory complexity rising across all industries, managing multiple frameworks and amended regulations simultaneously has become the new security standard. Regular audits and continuous improvement have also become essential, both to ensure ongoing compliance and to strengthen customer trust. ‍ However, manual compliance audits are time- and resource-intensive. Their complexity grows with each new framework, significantly raising the risk of human error and compliance fatigue.

Why PCI Audits Fail: CISO Guide to PCI DSS 6.4.3 and 11.6.1 Compliance

PCI audits are not designed to protect your organization. They are designed to protect the payment card industry. This misalignment exists because card brands bear the burden of fraud-related costs, so the framework is built to minimize their exposure rather than address the unique risks merchants face. For example, PCI DSS focuses heavily on infrastructure and network security, reflecting a time when payment processing happened in secure, on-premise environments.