Vulnerability management has been losing ground for years, and AI is about to widen the gap on both sides of the equation. Attackers are using AI tools to discover and weaponize flaws ...

Only 57% of enterprise applications actually report into a central identity provider, 67% of non-human identities authenticate locally outside any IdP, 40% of accounts are orphaned, and 70% of apps carry excessive ...

The traditional cadence of red teaming — bring in expensive consultants once or twice a year, get a thick PDF, scramble to triage findings — was built for environments that changed slowly ...

The volume of CVEs landing against widely used open source libraries has jumped sharply in the last several months, and the cause isn’t a sudden drop in code quality — it’s that ...

The gap between how secure organizations think their unstructured data is and how secure it actually is keeps getting wider. A new joint survey from the Cloud Security Alliance and Thales pegs ...

Zero-trust and micro-segmentation have become the default direction for enterprise network security, and for good reason. But the shift has introduced an operational problem that few organizations were ready for: an explosion ...

The RSAC Innovation Sandbox has long been one of the most watched competitions in cybersecurity, and this year’s winner caught much of the industry off guard. Alan Shimel sits down with Henry ...

The cybersecurity industry has long grappled with a significant representation gap, but a new documentary that premiered at RSAC 2026 is working to change the conversation. In this interview from Broadcast Alley, ...

Alan sits down with longtime friend and cybersecurity veteran Rich Mogull to discuss his new role as chief analyst at the Cloud Security Alliance. They cover everythng from the rapid rise of ...

As enterprises race to embed AI agents into everyday workflows, a new and still poorly understood threat is moving from research papers into production risk: indirect prompt injection. In this conversation, Amit ...