Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications, decentralized teams, machine identities, and autonomous systems. The result is Identity Dark Matter...

Wiz Code Week Recap: Securing AI Native Development

Providing Application Security teams with visibility and guardrails to secure agentic software development and the modern software supply chain...

6 Lessons Security Leaders Must Learn About AI and APIs

Most organizations treating AI security as a model problem are defending the wrong layer. Security teams filter prompts, patch jailbreaks, and tune model behavior, which is all necessary work, while the actual attack surface sits largely unexamined underneath. That surface is the API layer: the...

Why PoP Count Isn’t the Real Measure of Application Security Performance

When evaluating cloud security platforms, one question comes up again and again: “How many Points of Presence do you have?” At first glance, the logic seems sound. More locations should mean lower latency, faster response times, and better protection. The assumption is simple: if security is...

What Is CAASM? Cyber Asset Attack Surface Management Explained

Your security team runs scans from five different tools. Each one gives you a different number of assets, a different count of vulnerabilities, and a different view of your risk. Meanwhile, your CMDB is outdated, shadow IT keeps expanding, and nobody can confidently answer a basic question: "What...

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI...

Bringing Security Visibility to Vercel with Wiz

Giving developers and security teams a shared view of application risk as it evolves...

AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds

A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the AI and Adversarial Testing Benchmark Report 2026 from Pentera. The report, based on a survey of 300 US CISOs and senior security leaders, examines how...

7 Steps to Improve Cyber Exposure Visibility

Attackers don’t look for the strongest part of your defense; they look for the one you forgot about. An unmanaged server, a misconfigured cloud service, or an employee’s unsecured home device can become their front door. Poor cyber exposure visibility creates these hidden entry points. The best w...

The Buyer’s Guide to AI Usage Control

Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy contro...

The Privacy Gap in API Security: Why Protecting APIs Shouldn’t Put Your Data at Risk

The more critical APIs become, the more sensitive data they carry identities, payment details, health records, customer preferences, tokens, keys, and more. And this is where organizations face a painful, often invisible problem: To protect APIs, many organizations end up exposing the very data...

The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That

Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets...

Gain Deeper Visibility into Risks to Meet Security Compliance Demands

...

From Inventory to Influence: How CAASM Shifts Security’s Leverage

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Most security teams already know...

CVE-2025-28138

creationtimestamp| type| source ---|---|--- 2025-03-28 19:48:23+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114241785248469459 2025-03-28 19:48:23+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114241785248469459 2025-03-29 00:02:46+00:00| seen|...

CVE-2025-26572

creationtimestamp| type| source ---|---|--- 2025-02-13 14:17:26+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li2uvukdmg2a 2025-02-13 14:56:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113997156303605348 2025-02-13 15:10:32+00:00| seen|...

HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects

Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?" often go unresolved, raising concerns about the...

CVE-2025-22724

creationtimestamp| type| source ---|---|--- 2025-01-15 15:39:58+00:00| seen| https://infosec.exchange/users/cve/statuses/113833122085217384 2025-01-15 16:16:13+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfs5zjmdyw2s...

CVE-2024-57617

creationtimestamp| type| source ---|---|--- 2025-01-14 00:31:25+00:00| seen| https://infosec.exchange/users/cve/statuses/113823887173240908 2025-01-14 01:15:55+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfo3arkhcn2n 2025-01-17 17:57:11+00:00|...

CVE-2024-53239

creationtimestamp| type| source ---|---|--- 2024-12-27 14:14:05+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113725200476661070 2024-12-27 14:18:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lec6m55od422 2024-12-27 16:00:42+00:00| seen|...