[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
The Cybersecurity Pulse
The Biggest Supply Chain Attack of 2026 Was Unfolding While We Were at RSAC, the FBI Director's Gmail Got Popped, and a $10B AI Startup's Biometrics Hit the Auction Block
The Dust Has Settled: Top Takeaways from RSAC & BSidesSF 2026
AWS Bedrock's Sandbox Gets Pwned, Is RSAC Over Yet?, and Google Closes $32B Wiz Deal
TCP #124: Security's Biggest Founders Return, AI Is Guarding Its Own Henhouse, and A Wiper Hits Healthcare
The AppSec Model Was Built for a World That's Disappearing.
25 Million Alerts. One Year of Real SOC Data.
TCP #123: Iran War Cyberfront, CrowdStrike Reports Earnings, and Drones Hit AWS
TCP #122: Agents Gone Wild, SASTPocalypse, and Did I Just Get Gaslit?
TCP #121: The AI Security Land Grab is Here, AI Cyber Model Benchmark, and More
TCP #120: Opus 4.6 uncovers 500 vulns; 50K forecasted in 2026; and RSAC Innovation Sandbox Announced
Deploy Securely
7 things nobody tells you about ISO 42001 certification
Slack just overrode your AI settings
Prescient Security and StackAware: building audit-ready AI governance
StackAware and Armilla AI: advancing AI insurance
How StackAware found 3 key security risks in Cursor
Driving ISO 42001 certification in AI-powered healthcare with Eleos
Human-in-the-loop
3 risks from AI-powered no-code tools and how to manage them to avoid data breaches and fines
SecureForge is a scam
California’s Automated-Decision System Regulation
Omer on Security
Can Splunk Overcome Its Innovator's Dilemma?
How to Jumpstart Your Collaboration with the Data Team
The Inside Scoop on Insider Risk
Help Stop SOAR Abuse
You've Never Seen Lock-In Like This Before
Survivor's Guide to SIEM in 2024
Navigating a Market for Lemons
Lacework’s AI Didn’t Work
Busting Four Myths on Usage-Based Pricing for Security Operations
The Security Data Fabric Identity Crisis
Cloud Native Detection
Multi-Cloud Detection at Scale: A Normalization Framework
The Cloud-Native Detection Engineering Handbook
Return on Security
💰 Security, Funded #238 - Thank Goodness for Candy
💰 Security, Funded #237 - AI is Everywhere and Nowhere
💰 Security, Funded #236 - Really Secure Agent Chain (RSAC)
💰 Security, Funded #235 - Left of Boom
💰 Security, Funded #234 - The Signal is Loading
💰 Security, Funded #233 - The Week Everything Happened
💰 Security, Funded #232 - Paper Hand Tourist Investors
💰 Security, Funded #231 - That's Quite the Return
💰 Security, Funded #230 - The One Vendor to Rule Them All
2025 State of the Cybersecurity Market: $25B Funding, $76B M&A, and What's Next
Venture in Security
Blind Men and the Elephant: the story of cybersecurity
5 unexpected takeaways and one big prediction from RSAC
“It is not the customer’s job to know what they want” rings true in cyber
Every significant B2B company is becoming a security company
There’s only one kind of tool security teams should be building with AI
Anthropic won’t kill cyber, but it will kill some companies
RSA mafia continues to shape the industry 44 years later
Stop comparing safety and cybersecurity, they have very little in common
The lazy myth that CISOs “don’t understand the business” has to go
If you ask these two questions, you’re asking the wrong thing
Detection at Scale
Agents That Don't Wait for Alerts to Fire
What Happens to Detections When Agents Do the Work
D@S #76 - Google's Detection Director: 99% of Our Million Annual Tickets Never Reach a Human
D@S #75 - The Bigger Risk Is Refusing to Adopt AI Agents At All
D@S #74 - Compass' Ryan Glynn on Why LLMs Shouldn't Make Security Decisions — But Should Power Them
Threat Hunting with Claude Code and MCP
D@S #73 - Veeva Systems' Mike Vetri on Building Resilient Security Teams in the Age of AI
Building Threat Models with MCP and AI Agents
D@S #72 - Trustpilot's Gary Hunter on Structuring Security Knowledge for AI Success
2025 Wrapped: Essential Reading on AI in Security Operations
Latio Pulse
AI Code Security: Enterprise Governance for AI Generated Code
The Complete Guide to Preventing Open Source Malware
How to Know If the Trivy Supply Chain Attack Hit You
The 2026 Latio Application Security Report is Live!
The 5 Security Features that will lead in 2026, and 3 that should
Emerging Categories: The Evolution of AI SOC
Shai Hulud 2.0: Analysis and Community Resources
Unpacking Wizdom and GitHub Universe 2025
The 2025 Latio Cloud Security Report is Live!
Fixing the Blind Spot in Endpoint Security
Detection Engineering Weekly
DEW #151 - The Security Cognitive Rust Belt, Music Streaming Fraud & the Axios Incident Post-Mortem
DEW #150 - macOS Endpoint Security Firewall, EDR telemetry updates & Supply Chain Bonanza
DEW #149 - Roll your own Sigma SIEM, Stryker Breach and New Branding!
DEW #148 - Detection Pipeline Maturity, GenUI for Log Analysis and Hunting Kali in Splunk
DEW #147 - Flying Blind with your Logs, MAD lads and Z-scores & How Reddit Does Threat Detection
DEW #146 - The logs are lying, my latest post on Agentic Security & re-tooling security for speed
Knowing what good looks like in agentic security
DEW #145 - Modified Z-Score for Anomaly Detection, Watermarking for Audit Logs -> SIEM and Zack gives you all an RFC for homework
DEW #144 - Pyramid of Permanence and 🦞OpenClaw 🦞 Security Dumpster Fires
DEW #143 - Suppressing False Positives at Scale, Silencing EDRs & Detection Fidelity via Social Network Analysis
Resilient Cyber
Claude Mythos - Why It Matters (And Why It Doesn't)
Your AI Agent Is Running As Root
Resilient Cyber Newsletter #92
Vulnpocalypse: AI, Open Source, and the Race to Remediate
Resilient Cyber Newsletter #91
What 450000 Hours of Incident Response Reveals
The Human-in-the-Loop Illusion
Agents in Action - What 177,000 Tools Reveal About AI's Shift from Thinking to Doing
Resilient Cyber Newsletter #90
M-Trends 2026: What 450,000 Hours of Incident Response Tells Us
The OSINT Newsletter
Episode 16: Investigating Digital Footprints and Archiving Video at Scale
The OSINT Newsletter - Issue #102
The OSINT Newsletter - 50% Off Easter Sale
The OSINT Newsletter - Issue #101
Episode 15: Offline OSINT and Building Ethical Investigative Skill Sets
The OSINT Newsletter - Issue #100
The OSINT Newsletter - Issue #99
Episode 14: IP Address Investigations and Local OSINT
The OSINT Newsletter - Issue #98
The OSINT Newsletter - Issue #97
© 2026 RiskDiscovery | Sponsored by: Deception Logic