Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Cybersecurity Investment Most Organizations Are Failing to Secure

Welcome to the 2025 Identity Security Landscape rollout—and to the “it’s complicated” phase of our relationship with AI. Each year, CyberArk surveys security leaders across the globe to understand their top identity security concerns. This year, AI delivered the trifecta: attack weapon, defense tool and risk multiplier.

Patching is Risky Business: By the Gartner Numbers

When I read Eyal’s blog, Why FWaaS is the Only Way Out of Endless Appliance Patching, I imagined a time in the immediate now (oxymoron intended); a time where the word “patching” is as quaint as rotary phones. In my mind, I was Marty McFly, jumping out of the DeLorean, shocked to discover that in the year 2025, we’re still patching appliance boxes. But here’s the kicker: everything has changed. Except the way we think about patching.

Exploited! Erlang/OTP SSH Unauthenticated Remote Code Execution Vulnerability (CVE-2025-32433)

Erlang/OTP ships with an SSH daemon that many telecom, IoT, Elixir/Phoenix, RabbitMQ and CouchDB deployments leave running for convenience. A flaw in how that daemon parses pre-authentication SSH protocol messages enables an attacker to break out of the key-exchange state machine and open an arbitrary channel before credentials are verified.

Protecting Public Sector Websites and the Critical Systems Behind Them (hosted On-Demand)

Your agency’s website is more than just a landing page—it’s where constituents find information, apply for services, and engage with their government. It’s your digital front door. But security doesn’t stop at the homepage. Behind every online form, data portal, and public-facing interface, there’s a complex infrastructure that needs just as much protection.

5 Elements for a Robust Security Strategy - GovLoop and Anish Patel

Agencies are tasked with protecting their networks from cyberattacks, but there is no longer a perimeter that makes them easier to defend. Instead, agencies need to rethink how they secure every device connecting to an agency network. Considering the number of connected devices — hundreds of thousands — it's best to ensure sound security. Specifically, you’ll learn.

Why Partial DLP Coverage Leaves Your Data Exposed - And How to Fix It

At first, hearing this common refrain from security leaders comes as a shock. But if you know about the limitations of legacy data loss prevention (DLP) solutions, this statement makes perfect sense. Legacy DLP can leave security teams with the assumption that they have full control over their data risk profile and vectors. In reality, blind spots can occur in any security configuration.

A Vulnerable Future: MITRE's Close Call in CVE Management

Last week, one of the biggest concerns in the cybersecurity industry created a crisis that was avoided at the last minute. On April 16th, 2025, the MITRE Corporation announced: “The current contracting pathway for MITRE to develop, operate, and modernize CVE and several other related programs, such as CWE, will expire.”

(Image: official letter from MITRE Corp announcing the implications and expiration of the CVE Program.)