MOST POPULAR
all tags
other
Workload And Agentic Identity at Scale: Insights From CyberArk's Workload Identity Day Zero
On the eve of KubeCon 2025, experts from companies like Uber, AWS, and Block shared how SPIRE and workload identity fabrics reduce risk in complex, cloud-native systems.
Trust Beyond Containers: Identity and Agent Security Lessons from KubeCon 2025
From secure service mesh rollouts to AI cluster hardening, see how KubeCon + CloudNativeCon NA 2025 redefined identity, trust, and governance in Kubernetes environments.
API Key Security: 7 Enterprise-Proven Methods to Prevent Costly Data Breaches
In this blog, we will navigate through a few enterprise-proven methods to make API key more secure. Read on!
Queen City Con 0x3: Hacking And Embracing Resiliency
Queen City Con 2025 highlighted identity, cloud risk, and detection gaps. Learn why defaults and identity sprawl, not zero-days, are still the greatest security threat.
Q3 2025: NHI Security Gets More Real
Unified Non-Human Identity (NHI) security platform now features integrated Public Monitoring, one-click secret revocation for GitHub/GitLab/OpenAI, and enhanced graph intelligence. Close the attack window with automated remediation and expanded visibility.
BSides Chicago 2025: Operationalizing Identity Risk In Cloud-Native Environments
Highlights from BSides Chicago 2025, where we explored cloud-native identity risks, from service principal abuse to Kubernetes misconfigs and control-plane compromise tactics.
Identity Architecture Now Drives Cyber Risk: Techno Security & Digital Forensics Conference West 2025
Identity, classification, and cloud persistence risks took center stage at Techno Security West 2025. Learn what cybersecurity leaders are prioritizing now.
Working Towards Improved PAM: Widening The Scope And Taking Control
Learn how GitGuardian supports expanding privileged access management to include non-human identities and improve secrets management across your infrastructure and vaults.
LASCON XV: From AI Risk To Identity Security In AppSec
From ITDR to MCP, LASCON XV in Austin showed how AppSec must evolve to address identity threats, AI challenges, and the complexity of modern production systems.
Scanning GitHub Gists for Secrets with Bring Your Own Source
Developers treat GitHub Gists as a "paste everything" service, accidentally exposing secrets like API keys and tokens. BYOS lets you scan and monitor these blind spots.
From Path Traversal to Supply Chain Compromise: Breaking MCP Server Hosting
We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered one of the largest AI supply chain attacks to date.
