Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Consider a common scenario: Your organization has allocated millions toward firewalls, endpoint protection, and advanced threat detection systems. Your security operations team maintains continuous monitoring through sophisticated dashboards. Yet, despite these comprehensive defenses, an attacker can gain unauthorized access using nothing more than compromised credentials and a hijacked service account. This is where identity and access management metrics play a key role.

GitGuardian expands NHI Governance with integrations across cloud IAM, secrets managers, and SaaS platforms for complete machine identity control.

In today’s AI rush, I’ve seen even the most disciplined organizations find it almost impossible to apply the hard-won lessons of DevOps and DevSecOps onto AI adoption. These organizations often feel forced to choose between moving fast and staying in control. As a result, they develop a “wait and see” approach to AI usage and implementation, and it’s creating a new, more dangerous form of technical debt. I call it the AI Blind Spot Debt.

Compliance with data sovereignty regulations in New Zealand can be complex to navigate, especially for organisations operating hybrid or cloud deployments. Managed service providers (MSPs) and small and medium enterprises (SMEs) in New Zealand that want to take advantage of the benefits of the cloud must make sure they’re in compliance with regulations.

One of the most insidious security risks isn't a sophisticated attack, it's the endpoint that stops reporting. A sensor that appears enrolled but hasn't sent telemetry in hours or days represents a critical blind spot. Whether due to network issues, system shutdown, agent crash, or intentional tampering, these silent sensors deserve immediate attention.

Kubernetes applications often rely on Persistent Volume Claims (PVCs) to store critical data, from databases to user uploads. Losing this data due to cluster failures or accidents can be catastrophic for DevOps teams. In this post, we’ll walk through how to safeguard your Kubernetes PVCs using CloudCasa, a backup-as-a-service platform.