Security Boulevard, Monday, April 20th, 2026
Continuous Compliance: How To Kill The Annual Audit Scramble For Good
Continuous compliance keeps audit readiness as an ongoing state instead of an annual emergency scramble.
more →
783 articles · page 4 of 16
Security Boulevard, Monday, April 20th, 2026
Continuous compliance keeps audit readiness as an ongoing state instead of an annual emergency scramble.
more →
Security Boulevard, Saturday, April 18th, 2026
Browser extensions seem harmless-just tools to block ads, clean up formatting, summarize, or translate web pages. But in reality, they are cloud-connected mini applications with access to everything users do in SaaS. Most people don't think twice about installing a browser extension. In fact, nearly every enterprise user runs at least one, and the vast majority have ten or more installed across their devices.
more →
Security Boulevard, Friday, April 17th, 2026
For years, organizations have approached cybersecurity with a simple mindset-add more tools to strengthen defenses. Firewalls, endpoint solutions, intrusion detection systems, and monitoring platforms have all been layered together to create what appears to be a comprehensive security posture.
more →
Security Boulevard, Friday, April 17th, 2026
Imagine a retail company whose checkout service needs to ask its inventory service whether an item is in stock. How does the inventory service know the request is genuinely coming from checkout, and not from something pretending to be checkout? The traditional answers are simple: an IP allowlist, a shared API key, a certificate issued manually. Each one works reasonably well in a stable environment where services sit on known machines and rarely change.
more →
Security Boulevard, Friday, April 17th, 2026
With Anthropic's Mythos Preview announcement, the race to patch all vulnerabilities is over. As defenders, we must move on.
more →
Security Boulevard, Thursday, April 16th, 2026
Traditional application security focuses on finding vulnerabilities before code ships. However, pre-production scanning identifies theoretical risks while production reveals what is actually reachable, exploitable, and under active attack. Production-first security leverages runtime intelligence to prioritize remediation, giving teams visibility into real-world attack patterns rather than hypothetical weaknesses.
more →
Security Boulevard, Thursday, April 16th, 2026
You've spent countless hours creating content, engaging with comments, and building a genuine presence on social media. Your follower count is climbing, your community is thriving, and the momentum feels real.
more →
Security Boulevard, Thursday, April 16th, 2026
I've spent the past two years talking to AppSec engineers about their DAST tools experience. Some conversations lasted five minutes. Others turned into hour-long sessions on the podcast or elsewhere about false positives and broken authentication flows.
more →
Security Boulevard, Thursday, April 16th, 2026
In late 2019, something unusual happened on Robinhood. Users discovered what the internet quickly labeled the 'infinite money glitch'. It wasn't a zero-day exploit. There was no malware involved. No one bypassed authentication or cracked encryption.
more →
Security Boulevard, Thursday, April 16th, 2026
AI governance has quickly become one of the most crowded and misunderstood categories in security. For a deeper breakdown of how the category is evolving, see our AI governance guide.
more →
Security Boulevard, Thursday, April 16th, 2026
AI risk is already inside your SaaS environment. It enters through user behavior, OAuth connections, browser sessions, and non-human identities interacting with AI tools. The model is only one part of the equation. The real risk comes from how AI is accessed, what it connects to, and what it can reach.
more →
Security Boulevard, Wednesday, April 15th, 2026
Passkey security sidesteps many of the end-user and cybersecurity issues that plague traditional passwords. Learn how to successfully deploy passkeys in your organization.
more →
Security Boulevard, Wednesday, April 15th, 2026
The recent leak and confirmation of Anthropic Claude Mythos sent a ripple of anxiety through the cybersecurity community. In my recent conversations with security practitioners and leaders, there is a real concern that we are facing a brand-new, unsolvable category of AI risk.
more →
Security Boulevard, Wednesday, April 15th, 2026
Most companies think authentication is simple. They assume that adding a login system is enough. They assume that one security layer protects their users. And they assume that granting access eliminates the risk.
more →
Security Boulevard, Tuesday, April 14th, 2026
For the last few weeks, the cybersecurity world has been arguing about what Anthropic's Mythos and projects like Glasswing actually mean. Some people hear the alarms and think we are watching the beginning of the end. Others think we are finally seeing the breakthrough the industry has been chasing for decades.
more →
Security Boulevard, Monday, April 13th, 2026
Have you ever wondered how the management of non-human identities (NHIs) impacts the efficacy of Security Operations Centers (SOC)? With cybersecurity professionals strive to maintain a robust defense, effectively managing NHIs becomes a central concern. Let's explore how this concept can revolutionize SOC operations by ensuring holistic security.
more →
Security Boulevard, Monday, April 13th, 2026
For years, organizations have relied on monitoring tools to detect compromised credentials and exposed data. But as identity has become the primary attack surface, those tools are no longer enough.
more →
Security Boulevard, Monday, April 13th, 2026
The dark web is often misunderstood, but it plays an important role in both privacy technology and cybercrime activity.
more →
Security Boulevard, Monday, April 13th, 2026
A survey of 614 cybersecurity and IT leaders finds 89% of the applications deployed are not centrally managed via a multifactor authentication (MFA) platform.
more →
Security Boulevard, Monday, April 13th, 2026
Every growing business has at least one lingering privilege management issue. It's not because your team is lazy. It's because organizations grow, restructure and hire far faster than manual access processes can keep up.
more →
Security Boulevard, Friday, April 10th, 2026
Authentication is not an afterthought. With traditional password-based systems failing to keep pace, businesses need to adopt a strategic approach to enhance security and the user experience. Cyberattacks grew by 30% year-over-year in the second quarter of 2024, while the average cost of a data breach reached a record high of $4.45 million.
more →
Security Boulevard, Thursday, April 9th, 2026
A Strategic Approach to Modern Security Operations -- The Growing Complexity of Security Decisions
more →
Security Boulevard, Thursday, April 9th, 2026
The cybersecurity landscape of 2026 is defined by a staggering paradox: while organizations are investing more than ever in defense, the 'readiness gap' continues to widen.
more →
Security Boulevard, Thursday, April 9th, 2026
Anthropic's new AI model, Mythos, is being framed as a 'cybersecurity reckoning.' And yes, it's probably impressive. (We'll have to wait and see once it's broadly available.) But it's also missing the point.
more →
IT Security Guru, Wednesday, April 8th, 2026
The latest State of AI and API Security Report Finds Almost Half of Organisations Have Delayed AI Deployments Due to API Security Concerns
more →
Security Boulevard, Wednesday, April 8th, 2026
Top VPN Services in 2026: A Complete Guide to Choosing the Best VPN with High Speed, Security, and Privacy
more →
Security Boulevard, Wednesday, April 8th, 2026
Keeping customer data safe is crucial In ecommerce,. Weak login systems can lead to security problems like data breaches and fraud, which can harm your business and lose customer trust.
more →
Security Boulevard, Wednesday, April 8th, 2026
For most security teams, detection feels like a treadmill. The alerts keep coming, rules keep breaking, and platform costs keep rising. Everyone's tired, but no one's moving forward.
more →
Security Boulevard, Tuesday, April 7th, 2026
WhatsApp's new 'Private Inference' feature represents one of the most ambitious attempts to combine end-to-end encryption with AI-powered capabilities, such as message summarization.
more →
Security Boulevard, Tuesday, April 7th, 2026
Privileged access abuse is behind most major cloud breaches. And it's not always a sophisticated attacker - sometimes it's a misconfigured service account that nobody reviewed in two years, or an IAM role inherited from an acquisition that was never cleaned up. The access was sitting there ungoverned and waiting.
more →
Security Boulevard, Tuesday, April 7th, 2026
Most banks struggle to adopt new digital solutions because of their legacy infrastructure. As cybercriminals follow the money, financial institutions have become prime targets. Another major incentive for attackers is the vast amount of data banks store.
more →
Security Boulevard, Tuesday, April 7th, 2026
For decades, cybersecurity strategies have focused on protecting infrastructure: Firewalls, Endpoints, Networks
more →
Security Boulevard, Tuesday, April 7th, 2026
AI agents are already mediating the relationship between brands and shoppers-and most businesses aren't prepared for what agentic commerce means for their visibility, their data, or their security.
more →
Security Boulevard, Monday, April 6th, 2026
Identity security begins when a person's identity is first created and enrolled in your systems. This early moment shapes every authentication decision that follows and plays a central role in workforce impersonation risk. Increasingly, it's also where attackers focus.
more →
Security Boulevard, Monday, April 6th, 2026
In regulatory compliance, a single source of truth brings together the regulatory requirement and your processes and evidence of the requirement. The point is to maintain one governed record the team can use with confidence. The evidence layer is so important as it's becoming more common to be required to show how the rule was translated into action.
more →
Security Boulevard, Monday, April 6th, 2026
This week's Attack of the Day posts revealed a clear pattern: attackers are deliberately routing attacks through legitimate security and platform infrastructure so the tools themselves become trust signals. TitanHQ and Cisco URL wrappers hid a malware payload.
more →
Security Boulevard, Sunday, April 5th, 2026
Companies invest heavily in DDoS mitigation, yet outages still happen-often at the worst possible moment. The problem is rarely the protection technology, but the unseen gaps between deployment and a real attack, where misconfigurations, false assumptions, and untested scenarios quietly accumulate.
more →
Security Boulevard, Sunday, April 5th, 2026
An internet-connected coffee machine reportedly led to a significant corporate data breach after attackers used the device as an entry point into a secure network. A digital forensics investigator identified only as TR examined the incident after a client suspected a rival had infiltrated its systems.
more →
Security Boulevard, Thursday, April 2nd, 2026
Advanced persistent threats don't discriminate by organization size - they discriminate by defense capability. Nation-state actors and their proxies invest months conducting reconnaissance, moving laterally through networks with surgical patience, and exfiltrating data long before any alert fires.
more →
Security Boulevard, Wednesday, April 1st, 2026
Modern SaaS teams need layered security covering enterprise SSO provisioning, API runtime protection, AI agent security, and passwordless authentication.
more →
Security Boulevard, Wednesday, April 1st, 2026
For every human identity your IAM program governs, there are roughly 82 machine identities operating outside it. Most of them authenticate with static credentials that were provisioned once and never reviewed.
more →
Security Boulevard, Tuesday, March 31st, 2026
Most organizations start their nonhuman identity security program with a secrets manager. It's a sensible first step: centralize your API keys, database passwords and tokens in an encrypted vault instead of scattering them across config files and environment variables.
more →
Security Boulevard, Tuesday, March 31st, 2026
Identity attacks succeed because the credentials are already compromised.
more →
Security Boulevard, Monday, March 30th, 2026
Key insights from Forrester's External Threat Intelligence Service Providers Landscape, Q1 2026 and what they mean for security teams.
more →
Security Boulevard, Monday, March 30th, 2026
How secure is your organization when it comes to managing Non-Human Identities (NHIs)? With the increasing prevalence of cyber threats, optimizing NHI performance has become a cornerstone of effective cybersecurity strategies.
more →
Security Boulevard, Friday, March 27th, 2026
Facts are intriguing, aren't they? But, they also reflect a lot that give us a direction to our security strategy that needs to be solid to avoid the consequences of a zero-day attack. Even though it's sound as a hypothesis, predicting a zero-day attack, however, there are proactive ways to prevent it, if not predict!
more →
Security Boulevard, Friday, March 27th, 2026
At RSAC 2026, Nametag CEO Aaron Painter sat down with Security Weekly to discuss a growing problem in enterprise security: organizations can no longer be certain who is actually behind a human or AI identity.
more →
Security Boulevard, Thursday, March 26th, 2026
Engineering teams lose thousands of hours annually building infrastructure that already exists as battle-tested platforms.
more →
Security Boulevard, Wednesday, March 25th, 2026
Gartner predicts that by 2028, cloud computing will be a core business necessity, with global spending expected to surpass $1 trillion. As organizations continue to adopt cloud-native development to build and deliver innovative solutions, the demand for stronger application security (AppSec) practices is also on the rise.
more →
Security Boulevard, Wednesday, March 25th, 2026
Choosing a passwordless authentication platform is not a single decision - it is a portfolio of decisions about security standards, user experience, regulatory compliance, integration complexity, and cost.
more →