Monday 3/30
Temporal hunting: Time as a threat hunting surface (Cribl)
By embedding threat intelligence at the pipeline level and carrying it through federated searches, organizations gain a hunting workflow that thinks in time, not silos. Every pivot to hot alerts, warm logs, or long-term archives is accelerated and informed.
https://cribl.io/blog/temporal-hunting-time-as-a-threat-hunting-surface/
Citrix + Amazon WorkSpaces Core: A Flexible Path to Cloud VDI
Historically, Azure was effectively the only practical option for running Windows 10/11 multi-session desktops, especially for organizations aligned with Microsoft 365. In many cases, that meant customers were forced into Azure for VDI, even if their broader cloud strategy or preference was elsewhere. WorkSpaces Core changes that, giving organizations a real alternative, and the flexibility to run Citrix workloads in AWS without being locked into a single cloud.
https://www.gothamtg.com/blog/citrix-amazon-workspaces-core-a-flexible-path-to-cloud-vdi
Cloud Backup Strategies: 5 Upgrades Cloud Infrastructure Teams Need in 2026 (Eon)
The 3-2-1-1-0 model tells you what to achieve. The challenge is how to achieve it at scale across cloud environments. Native tools in each cloud handle pieces of it, but nothing connects them into a single workflow.
https://www.eon.io/blog/five-ways-to-improve-your-cloud-backup-strategy
Tuesday 3/31
CIS Safeguard 8.10: Retain Audit Logs
https://www.gothamtg.com/blog/cis-safeguard-810-retain-audit-logs
Axios NPM Distribution Compromised in Supply Chain Attack (Wiz)
A compromised axios maintainer account led to malicious npm releases that propagated across environments. Learn how to assess impact, detect compromise, and secure your development workflows.
https://www.wiz.io/blog/axios-npm-compromised-in-supply-chain-attack
Copilot Cowork: Now available in Frontier (Microsoft)
Copilot Cowork makes it easy to delegate and complete work. Describe the outcome you want, and Copilot Cowork creates a plan, reasons across your tools and files, and carries work forward with visible progress and opportunities to steer.
https://www.microsoft.com/en-us/microsoft-365/blog/2026/03/30/copilot-cowork-now-available-in-frontier/
Wednesday 4/1
Cloudflare Client-Side Security: smarter detection, now open to everyone (Cloudflare)
Client-side security operates differently than active vulnerability scanners deployed across the web, where a Web Application Firewall (WAF) would constantly observe matched attack signatures. While a WAF constantly blocks high-volume automated attacks, a client-side compromise (such as a breach of an origin server or a third-party vendor) is a rare, high-impact event. In an enterprise environment with rigorous vendor reviews and code scanning, these attacks are rare.
https://blog.cloudflare.com/client-side-security-open-to-everyone/
From power on to productivity: Nerdio Manager and IGEL announce integration for zero-friction endpoints (Nerdio)
Modern IT teams shouldn't have to choose between a premium user experience and rigorous security governance. By bringing together Nerdio Manager and IGEL OS 12, we have created a unified solution where the endpoint and the cloud work in perfect symmetry.
https://getnerdio.com/blog/from-power-on-to-productivity-nerdio-manager-and-igel-announce-integration-for-zero-friction-endpoints/
Thursday 4/2
New CrowdStrike Innovations Secure AI Agents and Govern Shadow AI Across Endpoints, SaaS, and Cloud (CrowdStrike)
The endpoint has always been a primary target for adversaries, but the rise of personal AI agents like OpenClaw puts them at the frontline of a new attack technique called living off the AI land (LOTAIL). LOTAIL exploits a dangerous combination of factors that converge on the endpoint: increasing agent autonomy, high system permissions, and minimal governance.
https://www.crowdstrike.com/en-us/blog/new-crowdstrike-innovations-secure-ai-agents-govern-shadow-ai/
Using External MFA for Microsoft Entra ID (HYPR)
With External MFA, organizations can use their preferred authentication provider while satisfying Entra ID MFA requirements for Conditional Access Policies, Privileged Identity Management role activation, Identity Protection risk-based polices, and Microsoft Intune device registration.
https://www.hypr.com/blog/using-external-mfa-for-microsoft-entra-id
Friday 4/3
Continuous. Contextual. Controlled. The new standard for identity security (Delinea)
When your controls are intelligent, continuous, and built around what identities are actually doing, not just who they are, security stops being a cost center and starts being a genuine business accelerator. Getting there starts with one fundamental question: Do your controls stop at the front door, or do they travel everywhere your identities go?
https://delinea.com/blog/continuous-contextual-controlled-the-new-standard-for-identity-security