MITRE ATT&CK v18: What’s in it — and why it matters
Learn what’s been added to the framework — and how you can use it to advance your threat detection and response.
Security Operations
MITRE ATT&CK v18: What’s in it — and why it matters
The cybersecurity job market is complicated: 3 key insights
While the state of cybersecurity careers is confusing, key trends are driving companies to think big-picture — and outside of traditional roles.
7 container security best practices
With the rise of attacks on the supply chain and threats from AI, securing containers requires a modern strategy. Here are key considerations.
Secure AI deployment is complicated: 5 ways to get your ducks in a row
A Cloud Security Alliance report explores new requirements for the tools, processes, and roles that secure AI-driven systems. Here are key takeaways.
Suspicious file analysis: Enhance your SOC to fight sophisticated attacks
Several factors are driving the need for better detection of malicious files. Ransomware is one that stands out. Here's how to boost your triage efforts.
Securing generative AI: 5 action items to protect your organization
AI's integration across enterprise platforms is "rapidly expanding the global attack surface." Here are five action items for your team.
Compliance as cybersecurity: A reality check on checkbox risk management
Here's what's driving the compliance-as-security trend — and why it's essential to go beyond checkbox cybersecurity amid a rapidly changing threat landscape.
The year in ransomware: Security lessons to help you stay one step ahead
Ransomware kept its stride in 2024. In 2025, threat actors are moving toward targeting key parts of the software supply chain. Here are key lessons.
NIST's NICE: 3 ways to adapt the hiring framework for modern threats
NICE is designed to help leaders build better cybersecurity teams. Here's how to put it to work in the software supply chain security era.
AI and cybersecurity: Modernize your SecOps to tackle today's threats
Here are highlights from Caleb Sima's recent BSides and RVAsec talks — and expert insights on how AI can help deal with today's threats head-on.
Do cybersecurity certifications still deliver? Experts share 6 key insights
With AI and the shift from the perimeter to the software supply chain as a primary attack vector, are certifications still relevant? Here's what top experts say.
Cybersecurity's workforce woes are a myth: 5 ways to rethink recruiting
Leaders say a cybersecurity talent shortage is a myth — instead, it's a plain old hiring and training gap. And the industry is making the problem worse.
5 SecOps automation challenges — and how to overcome them
Here are the key trends driving SecOps automation, its numerous benefits — and the main challenges organizations face when automating their SOC.
9 SecOps talks you don’t want to miss at Black Hat
SecOps pros are in the hot seat. Here are the top 2024 talks that practitioners and leaders can use to stay up to speed on defending their organizations.
Top cybersecurity Substacks to follow
Get up to speed on the state of security operations and related cybersecurity practices by subscribing to these 10 expert-curated Substacks.