Collaborate Disseminate
In this Help Net Security video, Andrew Williams, Senior Product Manager at Mimecast, walks through the company’s API-based email security protection for Microsoft 365 and Google Workspace environments. The video covers a core problem: AI-generat… Continue reading How Mimecast brings enterprise-grade email protection to API deployment
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity attacks Generative AI tools have brought the cost of deepfake production low enough that criminals an… Continue reading Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited
In this Help Net Security video, Lenny Gusel, Head of Fraud Solutions in North America at Feedzai, explains how customer identity and access management has converged with digital fraud detection, and why treating them as separate systems creates real r… Continue reading Your customer passed authentication. So why are they sending money to a scammer?
New research from the 2026 SANS Identity Threats & Defenses Survey shows that 55% of organizations experienced an identity-related compromise last year, while 26% reported MFA fatigue as a factor in identity attacks. Download the report to learn: … Continue reading Download: 2026 SANS Identity Threats & Defenses Survey
Cybersecurity has long suffered from a people problem, but not in the way we often hear about. As industry that is based on enabling communication across the globe via the internet and many types of devices, many of us practitioners are very bad at com… Continue reading Why I’m done calling humans the weakest link
In this Help Net Security video, Jay Miller, CISO at Paessler, explains how security leaders can communicate technical risk to executives and board members in terms they understand. The focus is on business impact: financial loss, compliance fines, rep… Continue reading The art of making technical risk make sense to executives
RSAC 2026 Conference marked a return to form, more vibrant and better attended than any show I can recall over the past decade. The audience was distinctly international, with strong representation from North America, Europe and Latin America, and it w… Continue reading RSAC 2026 is back, and the certificate automation gap is impossible to ignore
I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting someone to act o… Continue reading Why risk alone doesn’t get you to yes
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: NIST updates its DNS security guidance for the first time in over a decade DNS infrastructure underpins nearly every network connection an organization ma… Continue reading Week in review: NIST updates DNS security guidance, compromised LiteLLM PyPI packages
There’s a debate making the rounds in security circles that sounds reasonable on the surface but falls apart under operational scrutiny: Which is better, breach and attack simulation (BAS) or automated penetration testing (APT)? Security vendors have s… Continue reading You don’t have to choose between BAS or automated pentesting, you shouldn’t