Overview
Explore
Services
Experts
Events
86 results found
SSL Certificate Validity Changes 2025: How to Prepare Your Business Now
Beginning in March 2026 SSL/TLS certificate will begin expiring after 200 days and will continue to be reduced each year until 2029 when validity will be down to just 47 days. This change aims to enhance security, reduce exposure from compromised certificates, and encourage automation, but will require significant changes in certificate management processes for many companies. Organizations should begin preparing now for shorter certificate lifespans and more frequent domain validations to avoid security risks and ensure reliable digital interactions
Infrastructure as a Strategic Target of War
As infrastructure disruption becomes an acknowledged tool of state power, resilience is no longer just a cyber issue — it's operational and strategic. This piece outlines what critical infrastructure operators, boards and technology providers must reassess in a world where disruption is deliberate.
Stop Stacking Boxes. Start Designing Security.
Back-to-back firewalls were effective 15-20 years ago, but in today's encrypted, identity-driven and rapidly evolving threat landscape, they add cost and complexity without meaningful protection. Modern security replaces duplicated perimeters with platform-integrated NGFW enforcement, segmentation and coordinated prevention—delivering stronger, measurable defense through intelligent design rather than stacked legacy controls.
Check Point and the Post-Quantum Transition
Quantum computing's rise threatens classical cryptography, prompting urgent shifts to post-quantum cryptography (PQC). Check Point leads this transition with quantum-ready solutions, ensuring secure communications through hybrid key exchanges and cryptographic agility. As PQC standards evolve, Check Point's architecture promises seamless adaptation, safeguarding digital infrastructures against future quantum threats.
MITRE ATT&CK vs. Cybersecurity Kill Chain: A Simple Breakdown
In the third installment of the "Grizzled CyberVet: Practical Cybersecurity" collection, we compare and contrast the Cybersecurity Kill Chain and MITRE ATT&CK Framework.
Integrating Dataminr into a Palo Alto Networks–Centric Platform
Dataminr Pulse for Cyber Risk integrates external real-time intelligence into Palo Alto Networks' platform, enabling security teams to act on early warning signals before threats impact internal systems. This approach shifts security from reactive to prevention-based by leveraging AI-analyzed data from over a million public sources to detect risks outside organizational perimeters.
The MITRE ATT&CK Framework: A Beginner's Guide
As part of the "Grizzled CyberVet: Practical Cybersecurity" collection, we examine the MITRE ATT&CK framework. We simplify and explain this framework used by attackers to compromise your digital ecosystem.
Security vs. Privacy, the Difference is Epic
Cyber teams need to understand the difference between security and privacy and apply them to every system in production.
The Quantum Computing Threat – Part 2
Many advancements have occurred since I last wrote about the Quantum Threat, especially around NIST PQC, IBM, Intel and Q-SENSE. Here, I share my research, what Quantum really means and real guidance for my peers and clients alike.
The Quantum Computing Threat - Part 1
As we become more "any connection from anywhere" the means of secure transactions becomes even more critical.
The Grizzled CyberVet's Tactical Plan: Mapping Palo Alto Networks to MITRE ATT&CK
Next up in the Grizzled CyberVet series: A global enterprise faces a full-scale cyberattack spanning every stage of the MITRE ATT&CK framework. Armed with Palo Alto Networks' full security platform, they stop the threat at every turn. Learn how a unified security strategy can outmatch attackers before they succeed. Read on to see it in action!
Stop Treating Cloud Security Like a Post-Deployment Fire Drill
Cloud environments ship too fast for security reviews that happen after deployment. This post breaks down what DevSecOps and cloud workload security look like when they're actually integrated — security requirements defined before code is written, pipeline gates that enforce rather than just report, and runtime findings that feed back to the team that owns the workload. Security built in, not bolted on.