Why a five-minute sniff test is your secret supply chain defense
In its updated 2025 guidance on SBOMs, the Cybersecurity and Infrastructure Security Agency (CISA) states, “An SBOM should include information T…
Tech news from the best sources
In its updated 2025 guidance on SBOMs, the Cybersecurity and Infrastructure Security Agency (CISA) states, “An SBOM should include information T…
The inevitable path to access to quantum computing brings an equal and opposite responsibility to address post-quantum cryptography.  Govern…
Okta has made its AI agent governance platform generally available for FedRAMP- and HIPAA-regulated environments, becoming what it clai…
Most cloud systems make one authorization decision at login. Everything after runs on trust established at authentication time. For systems handling r…
For a long time, logs lived in a strange purgatory: technically required, rarely read, and mostly forgotten until something broke. The post What your …
The European Union’s Cyber Resilience Act (CRA) is just months away from ushering in a new era of accountability that’s The post “Th…
Software development has always had a way of quietly distributing sensitive data in unexpected places, and many organizations have lost The post How M…
Picture making a lasagna with noodles, peanut butter, and pears. You’ve got the base right, but the ingredients don’t quite The post LLMs …
Regulated industries know this pattern well: A new capability emerges. Teams spin up point solutions, each one solving a discrete The post The hidden …
Recently, I was working with a senior engineering leader at a large financial institution to review their DevSecOps platform engineering The post As a…