Enterprise Security Tech

If you want to understand why cyberattacks keep landing harder and faster, look beyond attacker TTPs and into the boardroom. A new study from VikingCloud reveals a widening psychological fault line inside organizations — one that’s quietly eroding resilience from within. Nine in ten frontline cybersecurity managers say attacks are hitting more frequently, and 88% say those attacks have grown more severe in the past year. Yet in the corner office, that urgency drops to 77% an

At its 10th annual Converge conference this week, Tanium rolled out one of its most sweeping product waves in years — a clear sign the company is trying to cement itself as the operating system for fully autonomous IT. And if the message wasn’t obvious from the demo-heavy keynotes, CTO Matt Quinn spelled it out himself: “Tanium continues to push the boundaries of what’s possible by leveraging AI and real-time endpoint intelligence to empower organizations to move from reacti

Salesforce has pulled the emergency brake on a swath of Gainsight-published applications after uncovering suspicious activity tied to the integrations — a move that instantly set off alarm bells across the SaaS security world and reignited concerns about the increasingly fragile state of OAuth-based trust models. Shortly after 8:00 p.m. on November 19, Salesforce issued a security advisory confirming that unusual activity linked to Gainsight applications could have enabled un

In an internet held together by a handful of ultra-concentrated infrastructure giants, a single glitch can ripple worldwide. On Tuesday, that fragility was on full display when Cloudflare—one of the web’s quietest but most critical underpinnings—suffered a cascading internal failure that knocked major sites offline, including X, ChatGPT, Letterboxd, and countless others riding atop its global edge network. For about an hour, parts of the web looked like they’d been unplugged.

For more than a decade, cybersecurity has been defined by silos: agencies hoarding intelligence, companies building isolated defenses, and critical infrastructure operators treating cyber risk like an inconvenient maintenance task. But 2026 is shaping up to be the year those walls finally crack — not because of idealism, but because adversaries are exploiting every weak seam at once. The next 12 months won’t just reshape the threat landscape. They’ll redraw who collaborates,

In the sprawling world of cyber-physical systems—industrial controllers, medical devices, manufacturing lines, energy infrastructure—security teams have been fighting a quiet but brutal battle: no one can agree on what anything is actually called. A single controller might report three different names depending on the protocol you ask. Another might hide its product code entirely. Vendors publish advisories full of vague model families instead of specific variants. And CVE li