Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A new activist group is targeting insurance companies. Boycott Bloody Insurance (BBI) aims to raise awareness of the insurance industry’s role in perceived global injustices. Escalatory tactics that disrupt insurers’ day-to-day operations are possible. This may include physical threats against premises and individuals and/or logical threats, such negative social media or cyberattacks.

Security is essential to cloud-based development, but integrating it into dynamic, distributed environments is difficult. Factors like complex architectures and operational constraints often create roadblocks, which makes it harder to enforce security policies and mitigate threats. These challenges are especially apparent within security organizations, where siloes limit their ability to keep pace with the larger organization as it scales.

We’re excited to share that CrowdStrike Falcon Cloud Security now offers enhanced tools to help secure artificial intelligence (AI) development, simplify AI security posture management, and quickly respond to AI threats. These updates have been developed in collaboration with NVIDIA since August 2024.

Responsible disclosure is an often overlooked but critical component of cybersecurity alerting processes. Explore key best practices that can enhance communication and collaboration with researchers, turning potential security threats into opportunities for stronger defense.

Protecting the IT infrastructure from any kind of cyberattack is one of the topmost priorities of companies. Achieving cyber resilience is like building a strong immune system for your cyber environment, but not just about preventing attacks. It also makes an organization be prepared to: Let’s learn more about cyber resilience and how companies can achieve it with an XDR tool.

When people hear “SOAR,” they often think of Security, Orchestration, Automation and Response, a powerful solution for streamlining security operations. But SOAR’s capabilities don’t stop there. By driving efficiency and automation in IT operations, infrastructure management and cloud optimization, SOAR empowers teams across the organization to work smarter and respond faster.

This past month, the Vanta team launched new features to help you: ‍

CVE-2025-22457, a critical vulnerability (CVSS 9.0) affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti ZTA Gateways. The issue stems from a stack-based buffer overflow triggered by sending a specially crafted X-Forwarded-For HTTP header. Successful exploitation enables unauthenticated remote code execution. This vulnerability was originally misidentified as a buffer overflow vulnerability that could not lead to either remote code execution (RCE) or denial of service (DoS).

I’m thrilled to share that Cloudflare has acquired Outerbase. This is such an amazing opportunity for us, and I want to explain how we got here, what we’ve built so far, and why we are so excited about becoming part of the Cloudflare team.