Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SQL Server is more than just a database—it's a powerful platform that can be leveraged by attackers for system access, persistence, and code execution. While organizations focus on protecting their valuable data, they often overlook the inherent capabilities within SQL Server that make it an attractive target for adversaries looking to establish footholds in Microsoft environments.

Over the past few years, cyberattacks have escalated to unprecedented heights. Just last year, in 2024, 94% of organizations reported being the victims of phishing attacks. And in the first five weeks of 2025, ransomware attacks increased by 149% in the first 5 weeks of 2025. Organizations and users need help understanding and navigating these changing risks to fight against the rising tide of cybercrimes. Thankfully, that is exactly what The OWASP Foundation aims to do.

Success in threat hunting is vastly different from incident response. Incident responders can measure success in criteria like ticket volume, mean time to close, or escalations. For threat hunting, the number of hunts vs. incidents is not comparable because hunts take longer, and the average time to complete a hunt can vary wildly. More importantly, most hunts will not result in incidents. We can’t use the same metrics! Our critical metrics of success are our outputs/deliverables and documentation.

Estee Robinson leads global alliances for Devo and is responsible for defining and executing Devo’s channel strategy. She was named a 2025 Channel Chief by CRN, which recognizes influential leaders who drive the channel agenda and evangelize the importance of channel partnerships. Estee’s work on channel strategy helped land Devo in the CRN Partner Program Guide and inclusions in the CRN Cloud 100 and Security 100 lists for 2025.

In cybersecurity, the adage “what’s old is new” continues to hold true as attackers resurface longstanding techniques or repurpose them with new twists and adaptations. The popularization of Living Off the Land Binaries (LOLBins) — legitimate, Windows-native tools commonly abused for malicious uses — is a great example of this.

When it comes to cyber attacks, it’s no longer a question of if but when. Threat actors aren’t discriminating between the public or private sector — each organization has valuable data, which means every organization is a viable target. In this new threat landscape, digital resilience — the ability to defend against, withstand, and recover from attacks — has become an operational imperative.

The sheer volume of cybersecurity vulnerabilities is overwhelming. In 2024, there were 39,998 CVEs — an average of 109.28 per day! This constant stream of new threats makes it increasingly difficult for security teams to keep up. Large Language Models (LLMs) offer a possible solution, helping automate vulnerability investigation and prioritisation, allowing teams to more efficiently assess and respond to emerging risks. Do you even have time to skim over 109 CVEs a day?

tl;dr: There's no silver bullet for keeping secrets out of logs, but if we put several "lead bullets" in the right places, we have a good chance of success.

Industrial facilities increasingly rely on interconnected systems to improve operations. As they implement these technologies into their legacy environments, they create new cybersecurity risks within previously isolated Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) by connecting them to public internet-facing applications.

Think about how your banking app connects to payment processors or how your healthcare provider’s system shares records securely – APIs have become essential for modern digital interactions, enabling applications to communicate and share data effortlessly. However, this convenience comes at a cost: APIs often handle vast amounts of Personally Identifiable Information (PII), making them prime targets for API data exfiltration.