Blog

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation. In Ocean’s Eleven (2001), the casino isn’t protected by a single impenetrable vault. Instead, it relies on layers of controls—motion sensors, pressure floors, timed locks, and human oversight. The brilliance of the heist is that it only succeeds when multiple safeguards are bypassed at once. If even one layer holds, the plan fails. That layered-defense mindset is exactly what CIS Safeguard...

  • May 19, 2026

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/11: How we’re tackling Microsoft 365 Copilot governance internally at Microsoft (Microsoft). To ensure that proper data hygiene extends to AI-powered workflows, Microsoft designed Copilot to respect the sensitivity labels and data loss prevention (DLP) controls that organizations configure in their Microsoft Azure environment. That way, administrators can be confident that the right people and apps have access to the data they need, and that sensitive information doesn’t appear where it...

  • May 15, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation. In the documentary Zero Days (2016), investigators explain how Stuxnet, one of the most sophisticated malware campaigns ever discovered, initially spread through infected USB drives. The systems it targeted weren’t connected to the internet. They were air-gapped. And yet, malware still got in—because removable media was trusted by default. That lesson is exactly why CIS Safeguard 10.4: Configure...

  • May 12, 2026

By Jason Santamaria, Posted in Security

Solve it with Gotham’s Axonius-Powered Managed Services. Most cybersecurity incidents don’t start with a sophisticated zero-day exploit or brute force intrusion. They are usually rooted in something more mundane: an asset no one knew existed—or an asset assumed to be secure that hasn’t been patched or updated in months. Maybe it’s a server spun up for a project last year and forgotten. Or a SaaS app quietly adopted by a single department, unaccounted for by your security team...

  • May 08, 2026

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/4: Microsoft Agent 365, now generally available, expands capabilities and integrations (Microsoft). Microsoft Agent 365 helps you take control of agent sprawl as your control plane to observe, govern, and secure agents and their interactions—including agents built with Microsoft AI and agents from our ecosystem partners—using the admin and security workflows your teams already run. https://www.microsoft.com/en-us/security/blog/2026/05/...

  • May 08, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation. In Independence Day (1996), Earth isn’t nearly destroyed because the aliens have better weapons—it’s because their technology is allowed to interface freely with human systems. Once malicious code is permitted to run, the damage is already underway. The turning point comes when access is restricted and assumptions are challenged. That same lesson sits at the heart of CIS Safeguard 9.6: Blo...

  • May 05, 2026

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/27: The Network Perimeter Is Re-Emerging: What This Means for Modern SOCs (Adlumin). Organizations that optimized for a single layer of defense are finding themselves vulnerable to attacks they cannot even see. By examining the findings from the 2026 report, IT leaders can understand why this shift occurred, the risks of relying on isolated security tools, and how to build a unified strategy that stops modern threats. https://www.n-able.com/blog/the-network-perimeter-is-re-emerging-what-this-means...

  • May 01, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation. In Catch Me If You Can (2002), Frank Abagnale successfully impersonates pilots, doctors, and lawyers—not by hacking systems, but by exploiting trust. People believe the uniform, the letterhead, and the signature. The deception works because there’s no reliable way to verify identity at a glance. Email spoofing works the same way. Messages look legitimate, appear to come from trusted senders, and...

  • April 28, 2026

By Eric Corcoran, Posted in Technology Week in Review

Monday 4/13: Mailbox rules in O365—a post-exploitation tactic in cloud ATO (Proofpoint). Mailbox rules are a high-risk post-exploitation tactic. Attackers abuse native mailbox rules for exfiltration, persistence, and communication manipulation. Combined with third-party services and domain spoofing, attackers can hijack threads, impersonate victims, and manipulate vendor communications, all without network-level interception. https://www.proofpoint.com/us/blog/threat-insight...

  • April 24, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation. In The Lord of the Rings, the One Ring is small, unassuming, and even useful—at first. It grants power and convenience, but every additional moment it’s worn increases risk, influence, and loss of control. The danger isn’t obvious until it’s too late. Browser and email client extensions often play the same role in enterprise environments. They look harmless, promise productivity, and...

  • April 21, 2026