Do CVEs make sense anymore? As vulnerabilities are discovered and remediated through the assistance of AI, what timeline are they viable? In cloud native architectures with CI/CD pipelines, where remediation can occur quickly, how do we reshape the value of understanding vulnerabilities? Who owns this process? Is it the development team alone? What signals are needed in the short duration of time that a vulnerability might exist? Does the value of threat feeds dwindle? Removing vulnerabilities that no longer exist to reduce the noise becomes increasingly important to sort through what’s needed and what’s actually harmful from a process standpoint.

Non-human identity (NHI) for workloads, API, and AI agents are quickly evolving due to high demand and proliferation of services using machine identity and automated API connections. The intent of this blog is to increase collaboration and provoke thoughts on the next set of challenges for NHI, while providing an update on the current state in the evolution toward secure credentials.

Amidst all the noise around quantum computing, this blog aims to help organizations and SaaS providers move beyond the hype, focusing on practical steps developers and operational teams can take to prepare for what’s ahead.

Defenses evolve with time, moving from defense in depth to intrinsic. An ability to rely on services being secure is fundamental to the success of a business application.

Will you be ready for the attack, even at the break of day?