Enterprise Security Tech

Security teams have long relied on deliberately vulnerable web applications to train defenders and test internal defenses. New research shows those same tools are now being used as a shortcut into real enterprise cloud environments. An investigation by automated penetration testing firm Pentera  found that threat actors are actively exploiting misconfigured security training and testing applications that have been left exposed on the public internet. These include intentiona

For years, public key infrastructure quietly did its job in the background, issuing certificates, encrypting traffic, and validating identities. Now it is becoming a frontline failure point. New research from CyberArk suggests that PKI systems are struggling to keep pace with the explosion of machine and workload identities across cloud native and zero trust environments. As certificates multiply, organizations are discovering that legacy tools and manual processes are no lo

For years, enterprises have treated cloud security as a budgeting problem. Spend more, buy more tools, hire more specialists. The assumption was simple: complexity could be contained with enough investment. The latest 2026 Cloud Security Report  from Fortinet  and research partner Cybersecurity Insiders suggests that assumption is breaking down. Based on a global survey of more than 1,100 senior security leaders conducted in late 2025, the report paints a picture of organizat

Zeroport Co-founder and CTO, Lavi Friedman (Left) and CEO and Co-Founder, Joseph Gertz (Right) For decades, remote access has carried an uncomfortable truth. The same IP-based plumbing that makes networks usable also makes them dangerously reachable. VPNs, bastion hosts, and layered gateways were supposed to manage that risk, yet breaches tied to exposed remote access infrastructure keep piling up, including incidents that have reached the highest levels of government. A new

Voice is still central to business outcomes -- from banks confirming fraud alerts, to hospitals coordinating care, to retailers following up on customer inquiries. But legitimate calls that originate outside the U.S. and use U.S.-based numbers are increasingly and inadvertently mislabeled as spam or blocked outright due to FCC rules and fragmented verification frameworks. The result: missed connections, wasted resources and new openings for fraud. In this Q&A with Peter Ford,