759 articles · page 6 of 16
Security Boulevard, Thursday, February 19th, 2026
Insider threats rarely start with a dramatic breach. Instead, they begin quietly. A shift in behavior. A suspicious or unauthorized external contact. An unexplained access request. A resume that looks polished, maybe too polished. A resignation that feels sudden.
more →
Security Boulevard, Thursday, February 19th, 2026
The Tidal Cyber 2025 Threat-Led Defense Report represents a groundbreaking shift in cybersecurity analysis by placing real adversary behavior at the forefront of defense strategies. Read the Full Report, or an overview of our findings below.
more → Security Boulevard, Wednesday, February 18th, 2026
Several weeks ago, I had a chance to sit down with John Kindervag and discuss FireMon's new partnership with Illumio. During that conversation, John shared a story about the origins of the phrase 'Zero Trust' that I had never heard before, and it completely changed my perception of the phrase.
more → SecurityWeek, Tuesday, February 17th, 2026
As nation-state actors, ransomware groups, and aging infrastructure collide, organizations must rethink how they defend critical operations through resilience, visibility, and modern security strategies.
more →
Security Boulevard, Tuesday, February 17th, 2026
Let's cut the fluff and get straight to the point: "SSO Code" isn't a real technical term. It's a ghost. It's a catch-all phrase that confused users type into Google when a login screen stops them dead in their tracks.
more → Security Boulevard, Tuesday, February 17th, 2026
Understanding User Managed Access (UMA): The Future of Granular Sharing and AI Authorization
more → Security Boulevard, Tuesday, February 17th, 2026
The 2026 Identity Breach Report marks a definitive shift in the cyber threat landscape, transitioning from simple data collection to what can only be described as the Industrialization of Identity. As adversaries adopt machine-scale automation, they are no longer just 'leaking' data-they are running high-velocity pipelines designed to weaponize human identities at an unprecedented scale.
more → Security Boulevard, Tuesday, February 17th, 2026
SecOps automation enables security teams to scale operations by automating threat detection, response, and investigation across complex environments.
more → Security Boulevard, Tuesday, February 17th, 2026
For years, organizations have framed breach risk as something finite. A breach occurs, notifications are sent, passwords are reset, and the incident is eventually considered closed.
more → Security Boulevard, Tuesday, February 17th, 2026
API security has been a growing concern for years. However, while it was always seen as important, it often came second to application security or hardening infrastructure.
more → Security Boulevard, Tuesday, February 17th, 2026
Most enterprise software is built for office workers. Employees who sit at a desk, use a personal laptop, and have a company email address. But a large portion of the global workforce does not fit that model.
more → Security Boulevard, Tuesday, February 17th, 2026
Red Teaming (also called adversary simulation) is a way to test how strong an organization's security really is. In this, trained and authorized security experts act like real hackers and try to break into systems, just like attackers would in the real world.
more → Security Boulevard, Tuesday, February 17th, 2026
How Can Automated Secrets Rotation Empower DevOps Teams?
more → Security Boulevard, Tuesday, February 17th, 2026
From hiring and onboarding fraud to service desk social engineering, attackers increasingly exploit identity workflows with stolen identities, forged documents, and deepfake-enabled impersonation. Gartner warns that 'by 2028, one in four candidate profiles will be fake.'
more → Security Boulevard, Tuesday, February 17th, 2026
Let's be honest: the password is a relic. It's a digital fossil that refuses to stay buried, dragging down productivity and opening the floodgates to data breaches.
more → Security Boulevard, Saturday, February 14th, 2026
Identity risk scoring has become a critical input for fraud prevention, security operations, and trust decisions. Organizations increasingly rely on risk scores to decide when to step up authentication, block access, or flag activity for investigation.
more → Security Boulevard, Friday, February 13th, 2026
I was fascinated by the recent stories about the sudden ascension of Clawdbot, aka Moltbot, aka OpenClaw, driven by its capabilities and social media attention, marketed as 'the AI that actually does things,' amid growing interest in AI agents that can autonomously complete tasks, make decisions, and take actions on behalf of users without constant human guidance.
more → Security Boulevard, Friday, February 13th, 2026
Traditional penetration testing has long been a cornerstone of cyber assurance. For many organisations, structured annual or biannual tests have provided an effective way to validate security controls, support compliance requirements, and identify material weaknesses across infrastructure, applications, and external attack surfaces.
more → Security Boulevard, Friday, February 13th, 2026
Most enterprises still run identity and access on spreadsheets, tickets, and organizational knowledge-until a breach or audit exposes a harder truth: no one can clearly explain who can do what in their most critical systems, or why. If you still treat Identity and Access Management (IAM) as IT plumbing rather than your primary control surface, you are accepting invisible financial and regulatory risk you cannotreally quantify.
more → Security Boulevard, Friday, February 13th, 2026
Privileged Access Management (PAM) is widely recognized as a foundational security control for Zero Trust, ransomware prevention, and compliance with frameworks such as NIST, ISO 27001, and SOC 2.
more → Security Boulevard, Thursday, February 12th, 2026
SSL certificates are now expiring faster than avocados. Yes... avocados. You buy them green, blink twice, and suddenly they're brown and useless. That's exactly what's happening to SSL/TLS certificates.
more → Security Boulevard, Thursday, February 12th, 2026
In today's rapidly evolving threat landscape, organizations must maintain continuous visibility, strong detection mechanisms, and rapid response capabilities to defend against increasingly sophisticated cyber adversaries.
more → Security Boulevard, Thursday, February 12th, 2026
Ever feel like we're finally getting the hang of ai orchestration, only to realize the locks on the doors are basically made of cardboard? It's a bit of a gut punch, but with quantum computers looming, our current security is a "kick me" sign for hackers.
more → Security Boulevard, Thursday, February 12th, 2026
Cybercriminals no longer need design or coding skills to create a convincing fake brand site. All they need is a domain name and an AI website builder. In minutes, they can clone a site's look and feel, plug in payment or credential-stealing flows, and start luring victims through search, social media, and spam.
more → Security Boulevard, Thursday, February 12th, 2026
Ever feel like your Monday morning is just one long login screen? You sit down with your coffee and before you even hit "unread" in your inbox, you've already typed five different passwords for the crm, email, and some random analytics tool.
more → Security Boulevard, Thursday, February 12th, 2026
Ever tried building a custom auth flow and realized key management is a total nightmare? RFC 4058 basically lays out the ground rules so we don't break things.
more → Security Boulevard, Thursday, February 12th, 2026
Ever wonder why we're still stuck typing "P@ssword123" in 2025 like it's still 1999? Honestly, it's kind of wild that the very thing meant to protect us is usually the biggest hole in our security.
more → Security Boulevard, Thursday, February 12th, 2026
Ever wonder why some of the biggest banks and hospitals still rely on tech that feels like it belongs in 2005? It's not just laziness-it is because WS-Trust is the glue holding their massive, complex security architectures together.
more → Security Boulevard, Wednesday, February 11th, 2026
Cloud adoption didn't just change where workloads run. It fundamentally changed how security and compliance must be managed.
more → Security Boulevard, Wednesday, February 11th, 2026
Cybersecurity Awareness plays a critical role in today's highly interconnected digital environment. Organizations allocate significant resources to advanced security technologies such as firewalls, endpoint detection solutions, cloud security frameworks, and AI-powered threat monitoring systems. However, despite these sophisticated defenses, attackers continue to breach organizations-frequently by targeting the weakest point in the security architecture:
more → Security Boulevard, Wednesday, February 11th, 2026
Ever tried explaining XML signatures to a junior dev? I have, and honestly, the blank stare you get back is a pretty good indicator of why saml is losing ground. It's not that it doesn't work-it's just a massive, heavy beast that feels out of place in a world of mobile apps and sleek apis.
more → Security Boulevard, Wednesday, February 11th, 2026
How are professionals adapting to safeguard machine identities effectively? The advent of smart algorithms is transforming how organizations manage Secrets Rotation, a fundamental aspect of cybersecurity that encompasses the management of Non-Human Identities (NHIs) and their associated secrets.
more → Security Boulevard, Wednesday, February 11th, 2026
Ever had a meeting where someone used "SSO" and "SAML" like they're the same thing? It happens all the time, even among senior devs, but it's technically a bit off.
more → Security Boulevard, Wednesday, February 11th, 2026
Ever tried updating a login API and accidentally locked out half your users? (Domain user constantly getting locked out of their account temporarily) Yeah, it's a total nightmare. Handling identity for regular folks is messy because they expect things to just work, even when you're patching a nasty zero-day bug.
more → Security Boulevard, Friday, February 6th, 2026
Let me tell you about a call I got last month. A finance director panicked, explaining how someone had been inside his company's systems for three weeks. No alarms. No malware detected. Nothing.
more → Security Boulevard, Friday, February 6th, 2026
Humans remain the most vulnerable component of security, despite the rapid advancements in cyber defenses. The majority of breaches are still caused by human behavior, as per recent studies and professional predictions. According to Gartner, human error and social engineering will account for 85% of data breaches by 2026.
more → Security Boulevard, Wednesday, February 4th, 2026
Email attachments remain one of the most trusted entry points into enterprise environments. Despite years of awareness training and secure email gateways, attackers continue to rely on documents because they blend seamlessly into everyday workflows.
more → Security Boulevard, Wednesday, February 4th, 2026
There's an old joke in enterprise tech: IT giveth, and security taketh away. At its best, IT exists to empower people - to give employees faster, better, smarter tools to do their jobs.
more → Security Boulevard, Wednesday, February 4th, 2026
As financial institutions accelerate their cloud transformations, one truth has become clear: the traditional perimeter-based security can no longer defend against the distributed nature of modern financial ecosystems. In a world of open APIs, multi-cloud ecosystems, and AI-driven customer channels, the strongest defense isn't a higher wall - it's a smarter, continuously validated network of trust.
more → Security Boulevard, Wednesday, February 4th, 2026
The chatbot era has ended. For two years, we've interacted with digital assistants that summarize emails and suggest recipes, but the National Institute of Standards and Technology (NIST) now draws a definitive line between machines that talk and machines that act. Their newly released Request for Information (RFI) signals a fundamental paradigm shift in how we must approach AI risk.
more → Security Boulevard, Wednesday, February 4th, 2026
The 'alert fatigue' crisis plaguing Security Operations Centers (SOCs) isn't really about volume. It's about fighting adversarial systems with tools designed for a non-adversarial world.
more → Security Boulevard, Tuesday, February 3rd, 2026
In 2026, identity has firmly established itself as the new security perimeter. As enterprises accelerate cloud adoption, enable remote workforces, and integrate SaaS and third-party ecosystems, attackers are no longer trying to 'break in'; they are simply logging in.
more → Security Boulevard, Tuesday, February 3rd, 2026
Security teams face constant pressure from an overload of alerts and findings. Every new scanner or assessment adds to the pile, making it hard to focus on what matters. Instead of streamlining efforts, these tools often create more confusion by repeating the same issues across reports.
more → Security Boulevard, Tuesday, February 3rd, 2026
Ever wonder why, in 2025, we're still wrestling with getting a "simple" login button to work for enterprise customers? Honestly, it feels like we should have solved this by now, but sso is still the bane of most dev teams' existence.
more → Security Boulevard, Tuesday, February 3rd, 2026
I have been talking to a few AI SOC and new SIEM market entrants over the past few weeks. I have voiced some opinions in previous posts but have now started to capture a list of features that I believe represent the openings existing SIEM players have created in the market for these new vendors to emerge.
more → Security Boulevard, Tuesday, February 3rd, 2026
Compromised user credentials are a major security threat for organizations, as the 2025 Verizon DBIR reported that credential abuse was the leading initial access vector for data breaches. Recent data from Enzoic's Active Directory Lite (AD Lite) tool indicates that the risk of compromised credentials is growing.
more → Security Boulevard, Tuesday, February 3rd, 2026
Non-production environments are an often-overlooked entry point for data breaches. These systems-dev, test, staging, QA-often contain copies of production databases or subsets of real customer records, yet they rarely receive the same security scrutiny.
more → Security Boulevard, Monday, February 2nd, 2026
Ever tried to share a private medical record with a specialist or give a budget app access to your bank history without actually being there to click "Allow" every single time? It's a massive pain because standard oauth 2.0 usually expects you to be sitting right there in the browser redirect loop.
more → Security Boulevard, Monday, February 2nd, 2026
As companies look to modernize, building your own data center feels more like an unnecessary headache than a strategic move. Colocation has stepped in as the smart middle ground where you keep your hardware but skip the massive overhead of managing power and cooling. However, for most CIOs and CISOs, it always comes down to trust.
more → Security Boulevard, Saturday, January 31st, 2026
Have you ever pondered the repercussions of over-privileged access in cloud environments? With the rapid adoption of cloud technologies, the concept of least privilege has emerged when a cornerstone for secure cloud operations. This principle, while seemingly simple, significantly influences various sectors, enhancing security and operational efficiency.
more →