Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Let’s stop pretending AI is going to save security. Sure, it’s going to help — it already is. But the idea that defenders will somehow “keep up” with attackers just because they both have access to generative AI is a fantasy. I come at this from a red-team mindset. I’ve spent years thinking like an attacker. Now I work at a blue-team company trying to defend real systems. And here’s what’s obvious to me: AI is going to let attackers move faster.

Slack has become integral for many organizations, powering everything from internal to external communication and project workflows. But as adoption grows, so does risk. Hackers are increasingly targeting Slack as it often contains intellectual property, credentials, and valuable reconnaissance information. Sumo Logic Cloud SIEM now secures your Slack usage against insider and third-party threats by monitoring audit logs for suspicious activity to keep your company and its data protected.

Security operations and large-scale conferences have more in common than you'd think: too much noise, too many tools, and insufficient clarity. Both can leave you overwhelmed with information as you sort through one acronym or bold claim after another, only to end up with more questions than answers. RSA Conference is no exception. Booths are packed with AI promises and buzzwords, but there’s little visibility into how anything works.

Security measures aren’t keeping pace with the rate at which new technology is going to market. One of the fastest-growing segments of technology, the Internet of Things (IoT) — which includes webcams, smart thermostats, wearable health trackers, and other smart objects — is capturing the industry’s attention and growing rapidly. By 2030, the number of connected IoT devices is expected to grow to 40 billion.

Supply chain attacks, particularly those targeting continuous integration/continuous delivery (CI/CD) pipelines, are on the rise. It’s easy to think of these attacks as something that only happens to others, but the reality is that your organization is part of the supply chain too. Whether your company develops software for internal use, offers it as part of a service to your customers, or sells it as a product, you’re exposed.

In a recent and sophisticated cyberattack, the Akira ransomware group leveraged an unsecured Linux-based webcam to infiltrate a corporate network. By exploiting this overlooked IoT device, the attackers successfully bypassed traditional Endpoint Detection and Response (EDR) solutions, ultimately encrypting network shares and causing widespread damage.

Cybersecurity frameworks often feel as exciting as tax codes and instruction manuals, useful but not exactly captivating. Yet, the MITRE ATT&CK framework has managed to capture the attention of security professionals worldwide by mapping out adversary tactics, techniques, and procedures (TTPs). Many organizations don’t operationalize MITRE ATT&CK’s potential fully, using the framework in predictable ways. But it doesn’t have to be that way.

AI is transforming industries at an unprecedented pace. From generative AI tools revolutionizing creative work to AI assistants reshaping enterprise workflows, one thing is clear: this technology is no longer a nice-to-have; it’s a must-have. But what about DevSecOps - the teams tasked with safeguarding our modern apps and infrastructure and ensuring their reliability?