Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On July 23rd, the White House released America’s AI Action Plan, a sweeping federal strategy to drive U.S. leadership in artificial intelligence. The message was loud and clear: AI is a national imperative. The plan calls for removing regulatory barriers, investing in infrastructure, and accelerating AI adoption across commercial and government sectors. For data security leaders, this signals a pivotal shift.

Managed Detection and Response (MDR) solutions have been available for more than 20 years, but despite this level of longevity, there remains confusion about what programs qualify as true MDR. Despite having a long track record of widespread use and success, there is still a great deal of confusion among current and potential MDR clients about what an MDR provider should deliver to keep an MDR client secure.

Cybersecurity is no longer just a tech issue—it's a priority that sits right at the boardroom table. With escalating cyberattacks that are becoming both more frequent and complex, the pressure is on for CIOs and CISOs. The implications of not having clear visibility into our networks can be dire. According to Cybersecurity Ventures, the financial toll of cybercrime could reach a staggering $9.5 trillion by 2024—almost three times what it was in 2015.

Every update to One Identity Active Roles is made in response to feedback from our customers. From adapting to improve usability or streamlining administration processes, our product development is always centered around solving the nuanced problems IT teams face every day. We’re excited to share the five recent updates we’ve made to Active Roles, including.

Kubernetes has transformed how we deploy and manage applications. It gives us the ability to spin up a virtual data center in minutes, scaling infrastructure with ease. But with great power comes great complexities, and in the case of Kubernetes, that complexity is security. By default, Kubernetes permits all traffic between workloads in a cluster. This “allow by default” stance is convenient during development, and testing but it’s dangerous in production.

On July 23, 2025, Mitel released fixes for a critical authentication bypass vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE, a communication platform used for enterprise voice and collaboration services. The vulnerability allows unauthenticated remote threat actors to gain unauthorized access to publicly exposed Mitel voice systems and access user or administrator accounts due to improper access controls.