Now in its 18th yr, the Verizon Enterprise DBIR is likely one of the trade’s longest standing and main stories on the present cybersecurity panorama. This yr’s report analyzes greater than 22,000 safety incidents with victims spanning 139 international locations, inspecting vital development in third-party involvement in breaches, will increase in ransomware and examines the common quantities paid and period of time to patch vulnerabilities, amongst many different findings.
Section Sources:
– https://www.verizon.com/about/information/2025-data-breach-investigations-report
– https://www.verizon.com/enterprise/assets/stories/dbir
This section is sponsored by Verizon Enterprise! To learn the complete Verizon Enterprise 2025 Information Breach Investigations Report, please go to https://securityweekly.com/verizonrsac.
Over the previous 20 years, the browser has advanced from a easy net rendering engine to the first gateway by which customers work together with the web, be it for work, leisure or transactions. In different phrases, browsers have gotten the brand new endpoint.
But, regardless of the exponential development of browser-native assaults, conventional safety options proceed to give attention to endpoint and community, leaving a big gaping gap with regards to browser safety.
SquareX has began the Yr of Browser Bugs (YOBB), a yearlong initiative to attract consideration to the dearth of safety analysis and rigor in what stays one of the understudied assault vectors – the browser.
Study extra about SquareX’s Browser Detection and Response resolution at https://securityweekly.com/squarexrsac
Final Mile Reassembly Assaults: https://www.sqrx.com/lastmilereassemblyattacks
Polymorphic Extensions technical weblog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04
There’s a rising overlap between endpoint and cloud environments, creating new safety challenges. ThreatLocker has just lately launched progressive options designed to guard organizations working on this house. These embrace Cloud Management, Cloud Detect, Patch Administration, and different superior safety instruments tailor-made to bridge the hole between endpoint and cloud safety.
This section is sponsored by ThreatLocker. Go to https://securityweekly.com/threatlockerrsac to be taught extra about them!
Jason Mical, Discipline CTO, discusses Devo and Detecteam’s built-in resolution, which proactively improves safety posture by figuring out and shutting detection gaps. The mixing combines Devo’s complete menace detection, investigation, and response capabilities with Detecteam’s autonomic detection lifecycle platform to repeatedly validate and enhance detection capabilities based mostly on real-world assault situations.
Resolution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/
This section is sponsored by Devo . Go to https://securityweekly.com/devorsac to be taught extra about them!
Whereas the worth of identification safety stays largely untapped, SailPoint’s newest Horizons of Identification Safety report reveals that organizations with mature identification packages can bend their identification security-to-value curve and acknowledge disproportionately increased returns. These packages unlock new worth swimming pools and may help tackle rising challenges, comparable to securing machine and AI agent identities.
The 2024-25 Horizons of Identification Safety report: https://www.sailpoint.com/identity-library/horizons-identity-security-3
Take the identification safety maturity evaluation: https://www.sailpoint.com/identity-security-adoption
Study extra about SailPoint’s Buyer Expertise Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio
This section is sponsored by SailPoint. Go to https://securityweekly.com/sailpointrsac to be taught extra about them!
Identification has lengthy been the smooth underbelly of cybersecurity—however with AI, non-human identities (NHIs), and autonomous brokers on the rise, it’s now entrance and middle for safety groups, the C-suite, and boardrooms alike. Adversaries aren’t simply hacking techniques anymore—they’re hijacking identities to slide by the cracks and transfer undetected in techniques. For too lengthy, identification safety was handled as interchangeable with IAM—however that mindset is precisely what left important gaps uncovered. Take heed to our interview with Hed Kovetz as he unpacks why identification has change into at present’s most pressing battleground in cyber. He’ll what you are able to do about it with an identification safety playbook that offers you the higher hand.
https://assets.silverfort.com/identity-security-playbook/residence
https://www.silverfort.com/weblog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/
This section is sponsored by Silverfort. Go to https://securityweekly.com/silverfortrsac to be taught extra about Silverfort’s IDEAL strategy to identification safety!
