⚡ TCP #75: State of Detection Engineering; NSO Money; and Product News
What's hot in security | Feb. 12th - Feb. 19th, 2025
Welcome to Issue 75 of The Cybersecurity Pulse! I'm Darwin Salazar, PM at Monad and former Detection Engineer. Each week, I dig through 1,000+ headlines to bring you the latest security product innovation and industry news.
25 degrees Fahrenheit with snow flurries in Austin, TX this morning. Strange things are happening including more plane crashes and Fortinet being ranked Forbes #7 most trusted company in America 😬
Anyway, let’s cyber 🕺🏽
⚒️ Picks of the Week ⚒️
2025 State of Detection Engineering - Anvilogic x SANS 🔥
🔥 Hot off the presses as of this morning. I love this report because it stems from a survey of 100+ practitioners and security leaders. It paints an accurate picture of how much the field and craft of detection engineering (DE) has progressed and how much work we still have to do.
Will be reading this from cover to cover over the weekend but below are a few highlights:
Organizations are investing heavily into detection engineering. See graphic above.
Largest skill gaps: Threat modelling (53%), data engineering (52%), reporting/visualization (47%)
Top three most effective detection types: behavior-based (67%), correlation (43%), and threat intel driven (43%)
52% of respondents said data engineering is a valuable detection engineering skill they do not have and need to develop
Also, if you scroll to section 5 on data management, you'll find some of my thoughts on how to create cleaner and more efficient detections :)
Forrester has been pounding the drum on the circus that MITRE ATT&CK Engenuity evaluations are for product/detection efficacy. In their latest research, they evaluated multiple vendors across 3 endpoint attack scenarios and found that, to no surprise, most vendors are extremely noisy. They even had one vendor generate over a million alerts across the 3 scenarios.
You don't need a Forrester subscription to know that this has sadly been the state of things for decades. While noise:signal ratio has gotten better in recent years, it's still a dumpster fire at most orgs, especially large scale enterprises w/ boat loads of infra of all sizes and ages.
SailPoint IPO Signals Bright Spot for Cybersecurity
SailPoint is now a public company again after being taken private by Thoma Bravo in a $6.9B deal in 2022. The IPO fared well, opening at $23 per share and closing at a high of $25.70 yesterday.
Many are watching closely as this IPO will certainly impact the next wave of cybersecurity IPOs which could include Snyk, ArcticWolf, Tanium, and Cato Networks.
For a deep dive on SailPoint's journey and what it means for the market, check out Strategy of Security's deep dive here.
Replit and Anthropic’s AI just helped Zillow build production software—without a single engineer
It's happening. Non-engineers are pushing production software at a publicly traded company. What about AppSec, CloudSec, and traditional shared responsibility models? Sounds like Replit and Google Cloud have it covered 🤔
“Replit handles security and reliability concerns through Google Cloud’s enterprise infrastructure. “We’ve built our security framework on a foundation of enterprise-grade infrastructure through Google Cloud’s Vertex AI platform,”” - Michele Catasta, Replit
Solving for Exponential Data Growth in Next-Gen SIEM
Interesting piece on how CrowdStrike is positioning itself in the SIEM market. The next SIEM wave is heating up with this, plus Palo Alto Networks recently announcing Cortex Cloud, which we discuss in the next section!
China’s Salt Typhoon hackers continue to breach telecom firms despite US sanctions
Salt Typhoon (a Chinese nation-state actor) continues to wreak havoc on telcos across the globe. Most alarming of all, though, is this:
“Salt Typhoon also hacked into the systems that law enforcement agencies use for court-authorized collection of customer data, potentially accessing sensitive data such as the identities of Chinese targets of U.S. surveillance.” Carly Page - TechCrunch
📰 Product News 📰
Product News. My favorite kind of news.
AI Security
Pangea Launches AI Guard and Prompt Guard for GenAI Security
AI Guard - prevents sensitive data leakage from GenAI apps
Prompt Guard - identifies common and specialized prompt injection techniques
Seems like Pangea is shaping up to be a nice one-stop shop for product/application security.
Cloud Security
Palo Alto Networks merges Prisma with Cortex
This can be summarized with Cortex Cloud = Code to Cloud to SOC
A convergence of multiple PANW capabilities that brings cloud runtime alerts and other time-sensitive alerts directly to the SOC. A mashing of XDR, SOAR, CDR, and CNAPP. Would be fun to test it in a real environment.
Data Security
Orca adds custom data detection to their DSPM
Sensitive data comes in all shapes and doesn't always follow a consistent, rigid pattern. This feature enables teams to set custom rules using regex which is pretty neat.
Identity Security
CyberArk Makes Identity Security Play With Zilla Acquisition
CyberArk is an identity security juggernaut. They've cornered the privileged access management (PAM) market since the early 2000s, but they fell behind in a few categories in the most recent wave of digital transformation. Last year, they acquired Venafi, a non-human identity player, and last week they announced their acquisition of Zilla Security for $165M, which will enable them to play in the Identity Governance and Administration (IGA) space.
National Security
Dream raises $100M @ $1.1B valuation
Dream, a security startup founded by the ex-CEO of NSO, has raised a $100M Series B at a valuation of $1.1B in a round led by Bain Capital. Their product and services have been adopted by multiple governments across the globe, and they report having $130M in ARR. Their focus is on national security.
Security Operations
CrowdStrike Introduces Charlotte AI Detection Triage
*CrowdStrike has entered the chat.*
CrowdStrike (CRWD) has released their own AI for SOC, focusing on the practical application of alert triaging. Makes sense. It's to be expected that the major players will jump on all things AI moving forward, including Agentic AI.
Bye For Now!
That’s all for this week… See you next week! 👋🏽