Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Automating Entra ID tenant destruction with AI

AI-assisted browser automation can turn Microsoft Graph Explorer into a destructive Entra ID administration interface when a signed-in account already holds privileged access. Using Claude for Chrome, browser-side JavaScript, and Microsoft Graph batch requests, destructive actions such as user deletion, account disablement, password resets, session revocation, and Conditional Access policy removal can be automated directly from the browser session.

Your AI coding assistant is leaking secrets

AI desktop assistants and coding tools need credentials to reach external services, and many of them store those credentials as plaintext JSON at predictable paths in the user's home directory. This research covers how credential storage works across 14 popular AI tools, where OS keychain integration is present or missing, and eight attack scenarios that turn that exposure into real risk, from malware-based theft to remote session hijacking to supply-chain compromise via MCP servers.

Your browser is not a vault. Please stop giving it the keys.

Built-in browser password managers are convenient. For enterprise secrets, convenience is not a security strategy. There are two kinds of password storage in the world: the kind that helps you log in to your favorite lunch-ordering site faster, and the kind that protects the credentials that can unlock your business. Sadly, many organizations treat both the same way.

You still have passwords. Now enforce them.

So you still have passwords. Good to admit it, now let’s deal with them. The interesting problem isn’t whether passwords should exist. We know they shouldn’t. The practical problem, the one you’re living with every day, is what happens while your organization still does have them, on your endpoints, in every corner of your environment. Most organizations already have some form of password policy.

You wish you were passwordless. But you're not.

It’s World Password Day again. Time for the reminders: update your passwords, make them longer, don’t reuse them. All good advice. But it misses something. Most of us don’t actually want passwords. We want them gone—replaced by something cleaner, invisible, safer by design. Passkeys, biometrics, devices that just know it’s you. That’s the direction, and it’s a good one. But here’s the part we don’t say out loud: we’re not there yet.

CIS benchmark tool: what it is, how it works, and why continuous monitoring matters

Here's a number worth sitting with: the CIS Microsoft Windows 11 Enterprise Benchmark v4.0.0 is 1,364 pages long and covers more than 500 individual configuration settings. That's one operating system. Add your Linux servers, network devices, databases, and cloud workloads, and you're looking at a configuration surface area no team can stay on top of manually. A CIS benchmark tool solves that problem at scale.

A double win at the Cas d'Or 2026: what identity governance success looks like in the public sector

A French channel partner recently won two top awards at the Cas d'Or 2026 for a public-sector identity governance project. The recognition covered Cyber Governance & Risk Management and the Public Sector category. Here's a look at what the win signals about identity governance in public organizations and how modern IGA platforms help tackle budget pressure, compliance demands, and complex user populations. Identity governance in the public sector rarely makes headlines.

10 top ITDR tools for identity-centric security in 2026

Identity threat detection and response (ITDR) tools close the visibility gap that EDR and MFA leave open. They surface credential misuse, lateral movement, and Active Directory activity that appears legitimate to endpoint and perimeter defenses. The right fit depends on your identity infrastructure, detection depth, and whether you need real-time blocking or post-event response.

File integrity monitoring solutions: Top tools compared in 2026

File integrity monitoring tools have become a baseline requirement for regulated environments, yet most deployments surface more noise than signal, leaving audit teams without reliable evidence and SOC teams buried in hash-change alerts. Effective FIM requires coverage across Windows file servers, network-attached-storage (NAS), and cloud workloads, tied to user identity and change context, with out-of-the-box reporting mapped to PCI DSS, SOX, and HIPAA controls.