Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Eric O’Neill, former FBI ghost and author of “Spies, Lies & Cybercrime,” joins host David Puner to take a deep dive into the mindset and tactics needed to defend against today’s sophisticated cyber threats. Drawing on O’Neill’s experience catching spies and investigating cybercriminals, the conversation explains how thinking like an attacker can help organizations and individuals stay ahead.

Migrating from Atlassian Data Center to Cloud is a major step toward modernization. With miniOrange, the process becomes seamless, secure, and fully automated — ensuring no data loss or downtime. Our solutions help you manage users, licenses, and compliance effortlessly while enhancing security and performance. Move smarter and faster with miniOrange to unlock the full potential of Atlassian Cloud.

If you plan to launch or expand financial services in Australia, understanding Australia's evolving Know Your Customer (KYC) and Know Your Business (KYB) requirements is critical. While the country supports innovation, its robust regulatory regime also maintains clear guardrails. Australia’s fintech and financial services markets are among the most regulated in the world with heavy penalties for noncompliance.

As global regulations requiring age-appropriate access to online content and services expand, organizations face a critical challenge: How do you effectively check a user's age without creating a frustrating experience or compromising their privacy? The International Organization for Standardization (the ISO) has provided a clear answer with its new standard, ISO 27566-1.

IdP-initiated SSO vs. SP-initiated SSO: Both differ from each other in terms of the login process, authentication flow, and use cases. Learn the key differences between the two.

CyberArk introduces Access Requests for Secure Cloud Access: Secure, seamless user experience for requestors and approvers alike. Securing and requesting access to multiple clouds can feel like navigating through a maze of approvals and endless tool-switching. In an ideal world, access requests would provide users with frictionless, just-in-time access across AWS, Azure, and Google Cloud from within their existing platform.

When I started my career on the trade floor of a Canadian bank, I quickly learned what it meant to work in a fast-paced, highly regulated environment. Every identity had to be secured, justified and auditable. Later, when I moved to the security engineering team, I saw firsthand how compliance could consume entire teams. We weren’t just protecting accounts; we were constantly running manual processes to prove that the right controls were in place.

The first time it happened, nobody noticed. An automation reconciled a ledger, logged its success, and shut itself down. The token that made it possible looked harmless. Tidy, legacy, supposedly scoped “just enough.” But a week later, refunds ghosted, dashboards blinked, and audit logs told three different versions of the truth. And that token? Not a token at all. More like a Fabergé raptor egg sitting in a server room. Not decoration. Incubation. Of chaos.