How Leading Organizations Are Turning EDR Into Operational Resilience

Most organizations now recognize that endpoint protection alone is no longer sufficient. That's why adoption of endpoint detection and response EDR has accelerated rapidly in recent years. Organizations understand that modern attacks move faster, evade traditional prevention controls, and require...

Why Agentic AI Is Security's Next Blind Spot

Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from the security team. The industry conversation has largely framed this as a question of policy: allow...

Project Glasswing and the Next Challenge for Defenders: Turning Faster Discovery into Faster Action

Anthropic’s Project Glasswing has sparked plenty of discussion about what AI might soon do for vulnerability discovery, but the more useful question for most security teams is how to prepare for, and more importantly seize the opportunity of, what comes next. As we wrote in our earlier blog, What...

Bringing Security Visibility to Vercel with Wiz

Giving developers and security teams a shared view of application risk as it evolves...

The Top 10 Threats Related to Agent Skills

Read about the top 10 critical threats related to Agent Skills that security teams should consider while building and evaluating agents...

OWASP Smart Contract Top 10

The OWASP Smart Contract Top 10: 2026 is a standard awareness document that aims to provide Web3 developers and security teams with insights into the top 10 vulnerabilities found in smart contracts. It is a sub‑project of the broader OWASP Smart Contract Security OWASP SCS initiative. It serves a...

How Cybercrime Markets Launder Breach Proceeds and What Security Teams Miss

Explore how cybercrime markets turn stolen data into laundered funds using dollar‑pegged assets, mixers and exchanges-and why tracking BTC USDT price and stablecoin flows now matters for security, fraud and AML teams...

Expanding the Zero Critical Club to set a new standard for AppSec and SecOps teams

We are introducing Zero Code Criticals and Zero Time to Respond clubs to give every team a clear north star for secure development and rapid response...

Get Executives on board with managing Cyber Risk

Learn how the 2025 Trend Micro Defenders Survey Report helps paint a clear picture of how security teams are looking to work with executive leaders to manage cyber risk...

Top AWS re:Invent Announcements for Security Teams in 2025

The re:Invent announcements that are most impactful to security teams...

Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams

The AI browser wars are coming to a desktop near you, and you need to start worrying about their security challenges. For the last two decades, whether you used Chrome, Edge, or Firefox, the fundamental paradigm remained the same: a passive window through which a human user viewed and interacted...

Bringing Visibility to Kubernetes: Unified Inventory and Network Insight

Bridge the gap between Platform and Security teams with unified inventory and network visibility across Kubernetes clusters...

Harden your identity defense with improved protection, deeper correlation, and richer context

In today’s digital-first enterprise, identities have become the new corporate security perimeter. Hybrid work and cloud-first strategies have dissolved traditional network boundaries and dramatically increased the complexity of identity fabrics. Security teams are left managing a constellation of...

The Foundation Modern AppSec Is Still Missing: Code to Cloud, Rebuilt the Right Way

See every risk, from the first line of code to what’s running in production. No resource tagging. No CI/CD hacks. Just automatic, reliable traceability both developers and security teams can act on...

AI Security 101: Mapping the AI Attack Surface

A practical guide to the risks, blind spots, and protections every security team needs to know...

Debunking API Security Myths

I recently sat down with Tejpal Garwhal, Application Security and DevSecOps Leader, for a conversation debunking some of the most common API security myths. From zombie endpoints to the limits of WAFS and gateways, we covered what’s really happening on the ground; and what security teams need to ...

Microsoft at Black Hat USA 2025: A unified approach to modern cyber defense

Microsoft will be at Black Hat USA 2025, August 5–7 in Las Vegas, and we’re bringing you a unified, practitioner-driven experience built around real-world insights, threat intelligence, incident response, and hands-on AI expertise. We believe security teams are strongest when intelligence, tools,...

The State of Cyber Risk 2025: Business Context Needed

The cyber risk conversation is changing. Momentum is growing for formal cyber risk programs. However, despite rising investments, evolving frameworks, and more vocal boardroom interest, new data reveals that most organizations remain immature in their risk management programs, and cyber risk is...

Cloud Attacks Retrospective: Evolving Tactics, Familiar Entry Points

Let's break down eight attack patterns security teams should be watching in 2025...

AI Is Everywhere—But Security Teams Are Still Catching Up

Insights from 96 organizations on the state of AI security in the cloud...