Author: Nikhil
Security teams across the world are battling severe crises, including personnel shortage and burnout. In addition, the attack surface gets bigger and more complex as new technologies like Artificial Intelligence (AI) and adoption of Software-as-a-Service (SaaS) increases. Wouldn’t it be great if the process, or parts of it, could be automated to give some relief to the analysts? Agentic AI allows you to do just that, i.e. autonomous cyber defense. Agentic AI cybersecurity can function autonomously, reducing the load on the SOC personnel. It can take care of one of the biggest headaches: alerts. Agentic AI allows automation of the…
Despite everyone’s best efforts, DDoS attacks continue to be a nuisance. The emergence of new technologies like AI has allowed bad actors to add teeth to the attacks. Having a DDoS mitigation tool as a part of the security stack is a necessity, not an option. But buying the right product is also a critical process. The product should provide reasonable, if not great, ROI. Matrices comparing various products based on several factors, like customer impact, are a great help in choosing a product that meets your specific requirements. A year-on-year comparison of two matrices helps you refine your search.…
2025 continues with (another) big data breach. This time, it is a lot of big companies, including Google and Cloudflare. Of course, we are talking about supply chain risks following the (continuing) fallout from the Salesloft breach. The attacker uses a third-party tool to get past security. While we have seen a lot of supply chain attacks since 2020. Including spectacular ones like the 2020 one, where the attackers were able to break into various US government departments, including the Treasury Department. While SaaS adoption has a lot of plus points, it also contains vulnerabilities that can be exploited by…
Have you seen the Apple TV+ series “Prime Target?” The series’ premise is that prime numbers apparently have patterns that can be manipulated to defeat every type of encryption. While the series is pure fiction, the part about encryption can become a scary reality owing to a computer that is yet to fully exist. Quantum Computing is a still-emerging technology that has a lot of potential. Unlike traditional computers. It operates on quantum physics laws, which allow it to supersede traditional computers, at a fraction of the time when compared with a traditional computer. While the technology is far from…
Ransomware is a word that brings nothing but dread to anyone’s mind. Imagine logging in to your office or home computer and seeing your valuable data encrypted with a demand to pay up or see the data being nuked in real time. Over the years, the premise has remained the same, but the wonders of technology have transformed it into a different kind of beast. Just like SaaS (Software as a Service), we now have RaaS. It is as deadly as the similarly pronounced Liam Neeson character from Batman Begins. The full form is Ransomware as a Service. The threat…
We have been consistently told for quite some time that AI is going to revolutionize cybersecurity. It has already caused disruptions by automating repetitive, high-volume tasks like log analysis and anomaly detection. But a lot of other tasks, like monitoring and threat hunting, baselining user behavior, and threat response, need a human in the loop. What we can definitely say about the present state of AI-backed security is that it most certainly hasn’t completely freed analysts from the burden of false positives or has detected and stopped that many breaches in real time. What it has done is augment the…
Benjamin Franklin once said, “In this world, nothing is certain except death and taxes.” Now we can add one more thing to the list: user authentication. Multi-factor authentication (MFA) and the flood of push notifications are issues we encounter every day. This eventually leads to something called MFA fatigue. This year’s severe breaches happening through MFA fatigue include the Marks & Spencer breach. Therefore, vendors are already looking for alternatives. These include passkeys and behavioral MFA. Since we are talking about behavioral MFA, let us stick to it. Behavioral MFA, as is clear from the name, uses user behavior as…
The Managed Detection and Response (MDR) services are witnessing increasing year-on-year growth because of powerful capabilities like 24*7 access to experts, quicker incident response, and proactive network monitoring and traffic insights that allow users to adopt a proactive security stance. However, the factors driving the market upwards are shaped by the introduction of newer technologies, the compliance norms, and the changing needs of the customers. Here, we take a look at some of the trends that are driving the MDR market in 2025. Industry-tailored products: While cybersecurity is key for all organizations, their needs are different. One size does not…
It is a redundant statement by now, but there is no better way to start a blog on anything involving SaaS: Businesses are increasingly using SaaS deployments for various reasons. However, as SaaS usage has increased, so have the associated risks. You see, with great capabilities come great risks. What are the risks? Shadow IT is a risk that security teams have to fight every day. While there are apps like Salesforce or Microsoft 365 that the organizational IT teams can manage, there are also apps that the IT teams can have a hand in purchasing and vetting, but granting…
As our dear friend ChatGPT says, compliance is no longer restricted to checking boxes off a list. The cost of non-compliance is rising—not only in fines but also in reputational damage and legal liabilities. Therefore, it makes total sense to check how the compliance landscape looks for the rest of the year, particularly as this year has been marked by various events that indicate clear noncompliance. The compliance norms becoming stringent is no longer just an empty, inevitable sentence that is a must-use for discussing anything about capabilities needing to follow compliance norms, like data storage. Countries like India have…