%term

YOLO Mode: Hidden Risks in Claude Code Permissions

Jan 13, 2026 By Greg Pollock In UpGuard

What permissions are developers granting to Claude Code, and could those permissions pose a risk if the coding agent were exposed to malicious inputs? To answer this question, we turned to GitHub, the website where developers go to share their private configuration files. From Github we collected a dataset of 18,470.claude/settings.local.json files, each containing the permissions that a user granted to Claude Code for a software project.

Read Post

UpGuard

Read more about YOLO Mode: Hidden Risks in Claude Code Permissions

An actionable guide to GDPR compliance for startups

Jan 13, 2026 By Vanta In Vanta

The General Data Protection Regulation (GDPR) is the EU’s landmark law for data security and privacy, and is mandatory for any organization that processes the data of individuals within the EU. ‍ While GDPR compliance is a legal requirement, the framework also serves as a benchmark for ethical and transparent data management. For growing startups, aligning with the GDPR boosts credibility early on and signals customers and investors that privacy and trust are critical to the organization.

Read Post

Vanta

Read more about An actionable guide to GDPR compliance for startups

Vibe Coding and GenAI Security: Balancing Speed with Risk

Jan 13, 2026 By Natalie Tischler In Veracode

If you think AI-generated code is saving you time and boosting productivity, you’re right. But here’s the problem: it’s also likely introducing security vulnerabilities. However, there are GenAI security practices that can be weaved into your workflow to help protect your apps. The software development landscape is shifting under our feet.

Read Post

Veracode

Read more about Vibe Coding and GenAI Security: Balancing Speed with Risk

GreyNoise Findings: What This Means for AI Security

Jan 13, 2026 By Greg Zemlin In Zenity

Late last week, GreyNoise published one of the clearest signals we have seen that AI systems are no longer just research targets. They are operational targets. Their honeypot infrastructure captured 91,403 attack sessions between October 2025 and January 2026, revealing two distinct campaigns systematically mapping AI deployments at scale. This is a meaningful inflection point.

Read Post

Zenity

Read more about GreyNoise Findings: What This Means for AI Security

EventSentry Training [08-12]: Digitally Signing Event Logs

Jan 13, 2026 By NETIKUS.NET LTD In EventSentry

How to digitally sign event logs and Syslog data with EventSentry.

View Video

EventSentry

Read more about EventSentry Training [08-12]: Digitally Signing Event Logs

EventSentry Training [05-05]: HTTP Receiver (HEC) / Network Services

Jan 13, 2026 By NETIKUS.NET LTD In EventSentry

How to setup EventSentry to collect (receive) logs in JSON format from remove devices via the HTTPS protocol (aka HEC).

View Video

EventSentry

Read more about EventSentry Training [05-05]: HTTP Receiver (HEC) / Network Services

EventSentry v6.0: New Features Overview

Jan 13, 2026 By NETIKUS.NET LTD In EventSentry

Introduction video showcasing the main new features in EventSentry v6.0, including native Azure log support, HEC, digital log signing, oauth support, location filtering, sigma and more.

View Video

EventSentry

Read more about EventSentry v6.0: New Features Overview

Crypto Good, Bad Or Evil For Security

Jan 13, 2026 By Razorthorn Security In Razorthorn

The episode asks whether cryptocurrency is good, bad or evil for society and for cybersecurity. Themes include state controls on cash, market abuse in crypto trading, real world payment use, digital money already present in banking systems and the open challenge crypto poses to traditional financial power.

View Video

Razorthorn

Security

Read more about Crypto Good, Bad Or Evil For Security

From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

Jan 13, 2026 By Arctic Wolf Networks In Arctic Wolf

In this exclusive interview, Ari Kaplan, Chief Evangelist at Databricks and one of the real-life inspirations behind Moneyball, teams up with cybersecurity luminary Dan Schiappa, President, Technology and Services at Arctic Wolf, and AI Technical Fellow Mike Mylrea to explore how AI strategies that revolutionized professional sports are now being applied to transform modern cybersecurity.

View Video

Arctic Wolf

Read more about From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

How to Build HIPAA-Compliant Infrastructure on AWS

Jan 13, 2026 By Mark Mazza In Opti9

Many healthcare organizations want to move workloads to AWS but stall because they’re uncertain how to maintain HIPAA compliance in the cloud. The good news: AWS provides the tools and certifications needed for HIPAA-eligible services. The challenge is implementing them correctly. AWS has been HIPAA-eligible since 2013 and currently offers over 150 services that can be used in HIPAA-compliant architectures. But eligibility doesn’t equal compliance.

Read Post

Opti9

Read more about How to Build HIPAA-Compliant Infrastructure on AWS

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

YOLO Mode: Hidden Risks in Claude Code Permissions

An actionable guide to GDPR compliance for startups

Vibe Coding and GenAI Security: Balancing Speed with Risk

GreyNoise Findings: What This Means for AI Security

EventSentry Training [08-12]: Digitally Signing Event Logs

EventSentry Training [05-05]: HTTP Receiver (HEC) / Network Services

EventSentry v6.0: New Features Overview

Crypto Good, Bad Or Evil For Security

From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

How to Build HIPAA-Compliant Infrastructure on AWS

Monthly Archive

Follow Us