Anytime. Anywhere. Since 1997.
Released in July 2025, NIST SP 800-63 Revision 4 introduced new requirements for authentication strength, identity proofing, and federation security. Many organizations still haven't assessed their systems against these updated standards. Learn what changed, why it matters for compliance, and how to evaluate your current identity controls against the new framework.
The July 31st advisory from CISA and the U.S. Coast Guard (AA25-212A) is less about what happened and more about what could have. A proactive threat hunt at a U.S. critical infrastructure organization revealed no active compromise, but it uncovered systemic weaknesses like insecure credentials, unrestricted remote access, and insufficient monitoring. This is a textbook case of “security theater”: policies and tools on paper, without enforcement in practice. The takeaway …
A modern approach to IT observability inspired by hazard analysis. Learn how to improve system reliability, reduce monitoring complexity, and proactively manage service risks through Critical Control Points.
A critical, newly disclosed, and actively exploited vulnerability, CVE-2025-53770, affects all self-hosted / on-premises Microsoft SharePoint Server versions. This critical issue does not impact SharePoint Online (Microsoft 365).
The exploit enables attackers to: