Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Episode 9 - Federal Cyber Defense: Legacy Debt, Cloud Shifts, and Network Truth

Feb 26, 2026 By Corelight In Corelight
Richard Bejtlich sits down with Jean Schaffer, Corelight’s Federal CTO, to discuss the unique hurdles facing government agencies in an era of escalating state-sponsored threats. Jean highlights the persistent challenge of legacy IT infrastructure and the "technical debt" that complicates modernization efforts across the Department of Defense, the intelligence community, and the civilian sector. The conversation explores the strategic shift toward cloud adoption as a means to decommission vulnerable on-premise hardware and the evolving "whole of nation" defense strategy that requires deeper public-private partnerships.
View Video
Arctic Wolf

CVE-2026-20127: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

Feb 26, 2026 By Julian Tuin In Arctic Wolf
On February 25, 2026, Cisco released fixes for a maximum severity authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst SD-WAN Manager (formerly vManage), tracked as CVE-2026-20127. The flaw arises from a broken peering authentication mechanism in the control-plane authentication workflow. This vulnerability potentially allows a remote, unauthenticated threat actor to bypass authentication and obtain administrative privileges on an affected system.
Read Post
LimaCharlie

Agentic AI Security: MITRE ATT&CK Coverage Analysis in Minutes

Feb 26, 2026 By LimaCharlie In LimaCharlie
LimaCharlie's Agentic SecOps Workspace (ASW) enables true agentic security operations. With us, AI doesn't just advise but actively operates within your security environment. We do this by integrating everything, including AI, on our cloud platform via API. Our approach delivers superior AI security automation capabilities at a fraction of the cost, allowing security teams to scale operations without growing headcount.
Read Post
CrowdStrike

CrowdStrike FalconID Brings Phishing-Resistant MFA to Falcon Next-Gen Identity Security

Feb 26, 2026 By Ryan Terry In CrowdStrike
FalconID is now generally available, bringing phishing-resistant MFA to the CrowdStrike Falcon platform and advancing CrowdStrike’s leadership in identity security. Adversaries continue to use legitimate identities to infiltrate and navigate organizations while evading defenses. As they adopt AI, the scale and impact of social engineering and credential abuse are growing. AI-enhanced phishing, MFA fatigue, and session hijacking enable threat actors to bypass MFA.
Read Post

Leadership Expectations From Cybersecurity Teams Have Fundamentally Changed

Feb 26, 2026 By Indusface In Indusface
In Episode of Guardians of the Enterprise, Ashish Tandon, Founder & CEO, Indusface, spoke with Madhur Joshi, CISO at HDB Financial Services (part of the HDFC Group), about how leadership expectations from cybersecurity are evolving. They discussed how boards today are looking beyond traditional security metrics, with a sharper focus on third-party risk, data governance, and organizational resilience.
View Video
cycognito

Emerging Threat: Cisco Catalyst SD-WAN Authentication Bypass (CVE-2026-20127)

Feb 26, 2026 By Amit Sheps In CyCognito
CVE-2026-20127 is a critical authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller (vSmart) and Cisco Catalyst SD-WAN Manager (vManage). The flaw stems from improper validation within the control plane and management plane authentication mechanisms, allowing a remote, unauthenticated attacker to submit crafted requests that bypass standard authentication controls. Successful exploitation results in access to the system as a high-privileged internal user account.
Read Post
levelblue

LevelBlue SpiderLabs: APAC Emerges as Primary Target for Manufacturing Cyberattacks

Feb 26, 2026 By LevelBlue In LevelBlue
The Asia-Pacific region is home to the highest concentration of manufacturing sites on the planet, so it comes as no surprise that manufacturers here absorb more attacks than the rest of the world combined. LevelBlue SpiderLabs compiled the Manufacturing Threat Landscape 2025 report, which noted that 56% of all attacks targeting the manufacturing sector occurred in the APAC region. This is compared to 22% in North America, Europe (16%), and Africa (2%).
Read Post
Zenity

Governing Agentic AI: A Practical Framework for the Enterprise

Feb 26, 2026 By Chris Hughes In Zenity
In my previous piece, "The Agentic AI Governance Blind Spot," I laid out what I believe is one of the most critical gaps in the AI governance landscape today: the three most cited frameworks in AI governance, NIST AI RMF, ISO 42001, and the EU AI Act, don’t contain a single mention of agentic AI. Not one reference to autonomous agents, multi-agent systems, or AI that takes actions with real-world consequences. The response to that piece confirmed what I suspected.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.