How CrowdStrike Tracks and Stops Advanced Adversaries
They’re not random hackers. They’re organized, funded, and relentless. Our Counter Adversary Operations team makes sure they don’t win.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Salt Cloud Connect for Github
Your developers are shipping agents, MCP servers, and APIs faster than security can see them. GitHub Connect changes that. Salt scans your repositories and surfaces every agent, MCP server, and API hiding in your codebase, then maps them into the Agentic Security Graph. You see the agentic infrastructure forming in code, before it ever reaches production. No more waiting for runtime to find out what shipped. No more blind spots between dev and prod. Govern what's being built from day one.
Is anything about AI worth the hype?
Dr. Adeel Shaikh Muhammad argues that when it comes to AI in the SOC, alert prioritization, anomaly detection, and SOC efficiency are where the real value is. The rest is mostly noise. On The Cybersecurity Defenders Podcast, the cybersecurity strategist and three-time author draws a clear line between where AI delivers and where the industry has oversold it. Full autonomous SOCs, perfect attack prediction, and replacing human analysts all fall on the hype side. AI narrows focus and accelerates decisions, but the final call still belongs to humans.
Analyze SMS phishing with an AI agent in Tines
Automate SMS phishing triage with AI — employees upload a screenshot, and Tines handles the rest in under 5 minutes. When employees forward suspicious texts, security teams still have to manually review screenshots, extract indicators, and route cases. This Five Minute Flow shows how to automate the entire process using the Tines AI action with Claude Sonnet — from employee submission to SOC case creation, IOC enrichment, and escalation when multiple employees report the same threat.
Securing AI agents: Why guardrail placement is a key design decision
When teams start building AI agents, especially with managed systems like Amazon Bedrock, they often wonder whether simply enabling guardrails is enough to secure their agents. A framework like Amazon Bedrock Guardrails provides a solid foundation for content filtering and policy enforcement, but having guardrails in place is only part of the equation.
Improve API authentication detection with Datadog
Many organizations have hundreds or thousands of API endpoints across their services, each of which handles authentication differently. For example, one service might rely on standard headers like Authorization: Bearer, while another uses an API key, and a third uses a custom JSON Web Token header with mechanisms or naming conventions specific to the team that built it.
Runtime Observability for AI Agents: What to Instrument and Why
Every guide to AI agent observability tells you what to capture — prompts, tool calls, token usage, traces, syscalls. Almost none address which of those signal sources you can still trust when the agent itself is part of the threat model. That distinction is the entire difference between observability that helps your SRE team debug a slow reasoning chain and observability that helps your security team investigate a breach.
Tranche 2 Australia: Who's affected and how to comply
On 1 July 2026, Australia's Tranche 2 reforms take effect. If you're a lawyer, accountant, real estate agent, conveyancer, precious metals dealer, or trust and company service provider, this deadline likely applies to you. Tranche 2 extends Australia's AML/CTF obligations to approximately 100,000 businesses that were previously unregulated.
SecurityScorecard Weekly Brief: The Driftnet Edition on Critical Infrastructure - Gilad F. Maizles
In this week’s Weekly Brief: The Driftnet Edition, Cyber Researcher Gilad F. Maizles breaks down new SecurityScorecard research powered by the company’s acquisition of Driftnet, exposing widespread internet-facing risk inside a U.S. municipal utility provider that also operated as the town’s ISP. “Threat actors will always target the lowest hanging fruit.” Using the Driftnet engine, SecurityScorecard identified significantly more internet-facing services and attack paths than traditional methodologies.
Why the GitHub Breach is a ZSP Wake-Up Call
A GitHub breach occurred on May 18, 2026 when a threat actor called TeamPCP pushed a malicious version of Nx Console (a widely used VS Code extension with 2.2 million installs) to Microsoft’s official Visual Studio Marketplace.