Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

(CTEM) Continuous Threat Exposure Management—isn't just another framework. It's a philosophy for finally connecting the parts of your security program that aren't talking to each other. SafeBreach Helm makes it actionable for any organization, no matter where you're starting from.

Are you still stuck on the vulnerability hamster wheel? In this episode of the Cyber Resilience Brief, host Tova Dvorin is joined by SafeBreach VP of Product Koby Bar and offensive security expert Adrian Culley to unpack a major shift in how enterprises approach proactive security — and to announce the launch of SafeBreach Helm, the AI validation layer built for Continuous Threat Exposure Management (CTEM).

Your home router isn’t just sitting there. It might already be part of a global cyberattack. In Part 2 of our deep dive into Chinese cyber operations, Tova Dvorin and Adrian Culley unpack the “Typhoon” threat groups—Volt Typhoon, Salt Typhoon, and Flax Typhoon—and how they’re quietly reshaping modern cyber warfare. This isn’t about stealing data. It’s about staying hidden, pre-positioning, and being ready to strike.

China-linked cyber groups have been hijacking everyday home routers—Linksys, Netgear, even small Cisco devices—and turning them into global proxy networks. That means an attacker can: This isn’t theoretical. In 2024–2025, massive botnets made of thousands of home routers were dismantled. The scariest part? Most people had no idea their device was involved.

The EU Cyber Resilience Act (CRA) is set to transform cybersecurity—from a best practice into a legal requirement. But what does that "actually" mean for security teams, product leaders, and CISOs? In this episode, host Tova Dvorin and cybersecurity expert Adrian Culley break down the CRA in plain terms—and explain why the shift to continuous security validation is unavoidable. You’ll learn: With enforcement deadlines approaching and significant penalties on the horizon, the message is clear: If your security testing isn’t continuous, it’s not CRA-ready.

A new 2026 law in China has weaponized the Chinese tech population by requiring the reporting of software vulnerabilities to the Ministry of State Security within 48 hours. This law has significant implications for cybersecurity and global tech security.

What if the next cyberattack doesn’t steal your data…but quietly prepares to break your infrastructure? In this premiere episode of our series on Chinese threat actors, we uncover how China transformed from noisy, smash-and-grab hackers into the world’s most sophisticated cyber power—one focused not just on espionage, but on pre-positioning inside critical infrastructure. Through a chilling real-world scenario, we explore a new kind of threat: digital landmines—subtle, invisible changes inside power grids, telecommunications networks, and industrial systems that can be triggered at any time.