Collaborate Disseminate
In this Help Net Security video, Ido Livneh, CEO of Jazz, explains why security analysts burn out and what leaders can do about it. The cause, he argues, is not long hours but meaningless work. Analysts spend their days closing repetitive tickets while… Continue reading The alert economy is driving security analyst burnout
Why are machine identities becoming the majority of “things with access”? Every automation, integration, and workload needs a way to authenticate and the right permissions to act. That quiet requirement has created a massive population of machine ident… Continue reading Manage machine identities: The hidden privileged access layer you need to manage
This is my favourite time of the year, not just because spring is here and the promise of summer is on the way. But also, because one of my must reads each year gets published. There are a few must read reports that I have on my reading list for each y… Continue reading Lessons for organizations from the Verizon 2026 Data Breach Investigations Report
In this Help Net Security video, Ziv Levi, SVP of Technology at CYE, explains why translating cyber risk into dollars is one of the most pressing tasks for security leaders. Boards and executives want cyber exposure described in business terms, not tec… Continue reading Boards want cyber risk in dollars, not CVE counts
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension Following TeamPCP’s claim that they’ve breached GitHub’s own private code repos… Continue reading Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited
Keepnet, an Extended Human Risk Management (xHRM) platform, today announced that its voice and SMS phishing simulation data contributed to the 2026 Verizon Data Breach Investigations Report (DBIR). The 2026 edition is the first to include voice and SMS… Continue reading Keepnet contributes voice and SMS phishing data to the 2026 Verizon DBIR
In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2026” by GitProtect. If you want to effectively counter attacks targeted at your code (and busin… Continue reading 7 hard truths security pros should know: 2026 DevOps Threats Report
In this Help Net Security video, Colin Constable, CTO at Atsign, explains why your identity provider (IdP) has become the kill chain in cyberattacks. Attackers steal session cookies, tokens, or consent grants you’ve already issued and walk in beh… Continue reading What happens when your identity provider becomes the kill chain
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introdu… Continue reading Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited
In this Help Net Security video, Jeffrey Wheatman, SVP and Cyber Strategist at Black Kite, discusses how organizations can identify and manage third-party cyber exposures before attackers exploit them. He argues that businesses should move beyond a dat… Continue reading Spotting third-party cyber risk before attackers do