[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
The Cybersecurity Pulse
TCP 129: Vercel Breach, Mythos Leak, the SIEM arms race, and 3 Defender 0 days
The end of bug bounties? Is DEF CON canceled forever? Mythos, OAI TAC, and More
The Biggest Supply Chain Attack of 2026 Was Unfolding While We Were at RSAC, the FBI Director's Gmail Got Popped, and a $10B AI Startup's Biometrics Hit the Auction Block
The Dust Has Settled: Top Takeaways from RSAC & BSidesSF 2026
AWS Bedrock's Sandbox Gets Pwned, Is RSAC Over Yet?, and Google Closes $32B Wiz Deal
TCP #124: Security's Biggest Founders Return, AI Is Guarding Its Own Henhouse, and A Wiper Hits Healthcare
The AppSec Model Was Built for a World That's Disappearing.
25 Million Alerts. One Year of Real SOC Data.
TCP #123: Iran War Cyberfront, CrowdStrike Reports Earnings, and Drones Hit AWS
TCP #122: Agents Gone Wild, SASTPocalypse, and Did I Just Get Gaslit?
Deploy Securely
How StackAware uses agentic AI to manage AI risk
7 things nobody tells you about ISO 42001 certification
Slack just overrode your AI settings
Prescient Security and StackAware: building audit-ready AI governance
StackAware and Armilla AI: advancing AI insurance
How StackAware found 3 key security risks in Cursor
Driving ISO 42001 certification in AI-powered healthcare with Eleos
Human-in-the-loop
3 risks from AI-powered no-code tools and how to manage them to avoid data breaches and fines
SecureForge is a scam
Omer on Security
Can Splunk Overcome Its Innovator's Dilemma?
How to Jumpstart Your Collaboration with the Data Team
The Inside Scoop on Insider Risk
Help Stop SOAR Abuse
You've Never Seen Lock-In Like This Before
Survivor's Guide to SIEM in 2024
Navigating a Market for Lemons
Lacework’s AI Didn’t Work
Busting Four Myths on Usage-Based Pricing for Security Operations
The Security Data Fabric Identity Crisis
Cloud Native Detection
Multi-Cloud Detection at Scale: A Normalization Framework
The Cloud-Native Detection Engineering Handbook
Return on Security
💰 Security, Funded #241 - Bad Decisions at Machine-Speed
💰 Security, Funded #240 - The Mythos Fallout, a $70M SecOps Bet, and Why Funding Is Down But Not Out
Governing the Ungovernable: Why AI Governance is the Blueprint for Everything Else
💰 Security, Funded #239 - Too Dangerous to Email
💰 Security, Funded #238 - Thank Goodness for Candy
💰 Security, Funded #237 - AI is Everywhere and Nowhere
💰 Security, Funded #236 - Really Secure Agent Chain (RSAC)
💰 Security, Funded #235 - Left of Boom
💰 Security, Funded #234 - The Signal is Loading
💰 Security, Funded #233 - The Week Everything Happened
Venture in Security
Infra + security: why more & more CISOs are starting to own infrastructure
AI is one of the two monumental shifts in cyber today
AI might be killing traditional SIEMs, but data advantage is as strong as ever
Blind Men and the Elephant: the story of cybersecurity
5 unexpected takeaways and one big prediction from RSAC
“It is not the customer’s job to know what they want” rings true in cyber
Every significant B2B company is becoming a security company
There’s only one kind of tool security teams should be building with AI
Anthropic won’t kill cyber, but it will kill some companies
RSA mafia continues to shape the industry 44 years later
Detection at Scale
Agents That Don't Wait for Alerts to Fire
What Happens to Detections When Agents Do the Work
D@S #76 - Google's Detection Director: 99% of Our Million Annual Tickets Never Reach a Human
D@S #75 - The Bigger Risk Is Refusing to Adopt AI Agents At All
D@S #74 - Compass' Ryan Glynn on Why LLMs Shouldn't Make Security Decisions — But Should Power Them
Threat Hunting with Claude Code and MCP
D@S #73 - Veeva Systems' Mike Vetri on Building Resilient Security Teams in the Age of AI
Building Threat Models with MCP and AI Agents
D@S #72 - Trustpilot's Gary Hunter on Structuring Security Knowledge for AI Success
2025 Wrapped: Essential Reading on AI in Security Operations
Latio Pulse
Building an AI Ready Vulnerability Management Program After NVD Changes and Claude Mythos
AI Code Security: Enterprise Governance for AI Generated Code
The Complete Guide to Preventing Open Source Malware
How to Know If the Trivy Supply Chain Attack Hit You
The 2026 Latio Application Security Report is Live!
The 5 Security Features that will lead in 2026, and 3 that should
Emerging Categories: The Evolution of AI SOC
Shai Hulud 2.0: Analysis and Community Resources
Unpacking Wizdom and GitHub Universe 2025
The 2025 Latio Cloud Security Report is Live!
Detection Engineering Weekly
DEW #154 - Mythos <> Firefox hype, RSigma gets an uplift, Detection-as-Code is overrated and TeamPCP Strikes Again
DEW #153 - New IPv8 Draft, macOS Threat Detection LLM Evals & Canaries in your CI/CD Pipeline
DEW #152 - Celebrating Gaps in Detection Coverage, Threat Hunting on Teams & OpenAI Axios post-mortem
DEW #151 - The Security Cognitive Rust Belt, Music Streaming Fraud & the Axios Incident Post-Mortem
DEW #150 - macOS Endpoint Security Firewall, EDR telemetry updates & Supply Chain Bonanza
DEW #149 - Roll your own Sigma SIEM, Stryker Breach and New Branding!
DEW #148 - Detection Pipeline Maturity, GenUI for Log Analysis and Hunting Kali in Splunk
DEW #147 - Flying Blind with your Logs, MAD lads and Z-scores & How Reddit Does Threat Detection
DEW #146 - The logs are lying, my latest post on Agentic Security & re-tooling security for speed
Knowing what good looks like in agentic security
Resilient Cyber
The Identity Layer Underneath the Agentic Enterprise
You Can't Trust What You Can't Verify — The Case for AI Model Identity
Identity Is the Agentic AI Problem Nobody Has Solved Yet
Securing the Vibe: Tanya Janca on AI-Generated Code, Mythos, and the New AppSec Reality
Resilient Cyber Newsletter #94
The Software Supply Chain Cannot Scale on Trust Alone
The NVD Just Threw In The Towel - Now What?
The Industrialization of Exploitation
AI and the Future of Secure Coding
Resilient Cyber Newsletter #93
The OSINT Newsletter
The OSINT Newsletter - Issue #103
Episode 16: Investigating Digital Footprints and Archiving Video at Scale
The OSINT Newsletter - Issue #102
The OSINT Newsletter - 50% Off Easter Sale
The OSINT Newsletter - Issue #101
Episode 15: Offline OSINT and Building Ethical Investigative Skill Sets
The OSINT Newsletter - Issue #100
The OSINT Newsletter - Issue #99
Episode 14: IP Address Investigations and Local OSINT
The OSINT Newsletter - Issue #98
© 2026 RiskDiscovery | Sponsored by: Deception Logic