Enterprise Security Tech

For years, even the most mature software supply chain security programs have had a glaring blind spot — firmware. The low-level code running beneath operating systems on routers, MRI machines, industrial controllers, and countless other devices has remained largely opaque to security teams. That changes with a new partnership between Manifest  and NetRise , promising what the companies call the first unified, end-to-end view of software and firmware risk. Closing the Loop Bet

In this exclusive Q&A, Ngaire Guzzetti, Technical Director at CyXcel , discusses the widening trust gap between enterprises and their vendors—and why it’s putting resilience on the line. From fragmented oversight to the rise of AI-driven threats, Guzzetti unpacks how organizations can rebuild trust, strengthen accountability, and modernize risk management in an increasingly interconnected world. Your recent research found that a third of U.S. risk managers don’t fully trust t

The criminal syndicate behind some of the world’s most devastating file-transfer breaches has moved on to a new, more complex prize: Oracle’s E-Business Suite (EBS). Nearly 30 global organizations—including Harvard University, The Washington Post, and industrial heavyweight Schneider Electric—have now appeared on Cl0p’s leak site following a sophisticated campaign exploiting critical zero-day vulnerabilities in Oracle’s ERP software. A Familiar Name, a Sharper Strategy The ca

When over $100 million in jewels vanished from the Louvre in October, the story read like a cinematic caper: masked thieves, a midnight ladder, and a museum famous for the world’s most iconic painting. But as new reports emerge, the real vulnerability may have been less Ocean’s Eleven and more… “password123.” According to Libération , a French audit from nearly a decade ago revealed that “Louvre” was once the actual password to access the museum’s surveillance systems—a cyber

As International Fraud Awareness Week begins, security leaders are warning that fraud is no longer just a numbers game—it’s a cognitive one. Across industries, a new generation of agentic AI–powered schemes  is redefining what it means to deceive, forcing enterprises to rethink how they detect, authenticate, and trust in a world where machines can convincingly imitate people. “ Agentic AI is transforming the fraud landscape at an unprecedented pace, ” said Patrick Harding, Ch

In a move that fuses transparency, autonomy, and runtime intelligence, Upwind  has unveiled its Open Source Security Model  — a novel framework aimed at decentralizing and demystifying cloud risk management. The launch comes as the company also earns a coveted spot on CRN’s 2025 Stellar Startups  list in the Security category, solidifying its status as one of the most disruptive forces in modern cloud protection. A New Philosophy for Cloud Risk Management Upwind’s Open Source