| March 21, 2025
The Hidden Dangers Lurking in Your SaaS Integrations
In Part 1 of our conversation, we explored why SaaS API logging is a mess—why logs are incomplete, misleading, or locked behind paywalls—and how..
The Hidden Dangers Lurking in Your SaaS Integrations
In Part 1 of our conversation, we explored why SaaS API logging is a mess—why logs are incomplete, misleading, or locked behind paywalls—and how..
New OAuth Phishing Attack on GitHub: What Security Teams Must Know
Cybercriminals have once again exploited OAuth tokens to hijack accounts—this time targeting GitHub developers through fake security alerts...
Q&A with Adam Burt Part 1: Why SaaS Breach Investigations Are So Hard
The explosion of SaaS applications has transformed how businesses operate, but SaaS security remains an underappreciated risk. To get to the heart of..
How Silk Typhoon Exploits IT Supply Chains and What You Can Do
Silk Typhoon is a China-linked advanced persistent threat (APT) group that has escalated its cyber operations, now actively targeting IT supply..
Vorlon, Securing Financial SaaS Ecosystems, Sponsors FS-ISAC 2025
The financial sector relies on SaaS applications, APIs, and third-party integrations for efficiency and innovation. But these same connections create..
Discover Vorlon at RSAC 2025: A New Approach to SaaS Ecosystem Security
Find us in the Early Stage Expo Hall The countdown to RSA Conference 2025 is on, and Vorlon is thrilled to be part of one of the most anticipated..
Grubhub Data Breach: A Costly Meal for Customers, Drivers, and Merchants
Grubhub, a major food delivery service, has recently disclosed a data breach affecting customers, drivers, and merchants. The GrubHub data breach..
APIs in Healthcare: Transforming Data Sharing, Security, & Compliance
Hospitals and healthcare providers increasingly leverage APIs to enhance data exchange between Electronic Health Records (EHRs) and various..
Meet Vorlon at ViVE 2025: Addressing Third-Party Risks in Healthcare IT
Are you heading to ViVE 2025? So are we! You’ll find Vorlon Security in the Cybersecurity Pavilion at Booth V-2727, where we will showcase how we..
The Postman Data Leak - Exposing the Hidden Risks of API Development
How poor practices in API and third-party app security leave sensitive data vulnerable The Postman data leak has revealed significant security risks..
Otelier Breach: When Hotel Management Checks Out
Hotel management platform Otelier experienced a significant data breach after cybercriminals accessed its Amazon S3 cloud storage. The breach..
Snowflake Breach Response Playbook
Summary of Breach In May 2024, Snowflake became aware of unauthorized access to some of its customer accounts, with threat-related activity going..
The Stiiizy Data Breach: Lessons for Mitigating Third-Party Security Risks
STIIIZY, a renowned cannabis brand in California, experienced a significant data breach when their point-of-sale (POS) vendor was targeted by..
BeyondTrust Breach: Implications for U.S. Treasury and beyond
BeyondTrust, a leading provider of privileged access management (PAM) solutions, recently disclosed a significant security incident involving its..
Vorlon’s Perspective on the Gartner Report: Adapt Your Third-Party API Security to 3 Specific Use Cases
Two days after I joined Vorlon Security as their VP of Marketing, Gartner included Vorlon as a representative vendor in their report: Adapt Your..
Better Together For All Parties: Salt Security and Vorlon
Introduction API security has a broad range of definitions depending on who you ask. More often than not, API security is thought of as the APIs that..
The API Security Checklist: What to Review Before Integrating a Third-Party API
Integrating third-party APIs into your application can significantly boost functionality and efficiency. However, without proper security evaluation,..
Internal vs. Third-Party APIs: Who Would Win in a Fight!?
On the digital battlefield where APIs (Application Programming Interfaces) reign supreme, knowing the strengths and weaknesses of internal versus..
Mean Time To What!?
Are you numb to the exorbitant number of security incidents happening to enterprises large and small on a daily basis yet? Sadly, the number gets..
Capgemini's Data Disaster: When Hackers Turned Consulting into Chaos
Introduction A new data breach has surfaced, and this time, it involves global IT services giant Capgemini. A hacker going by the name "grep" claims..
Fortinet Hit by Cyber Attack: Third-Party Breach Affects Asia-Pacific Customers
Introduction Fortinet, a leading global cybersecurity firm, which provides solutions like firewalls and endpoint protection disclosed a data breach..
Avis Car Rental Breach: Looks Like Cars Weren't the Only Thing Avis Was Giving Away
What Happened? Last month, Avis noticed that hundreds of thousands of customer data (including PII) had been exfiltrated. Hackers gained access to an..
Better Together: Vorlon + Tines
Summary It’s no secret, your enterprise’s third-party application landscape is complicated. Most enterprises rely heavily on third-party vendors and..
Securing More with Less: Navigating Cybersecurity in a Shrinking Budget Era
Summary In today’s cybersecurity landscape, where security budget growth has slowed compared to the rapid expansions of previous years, organizations..
Dick's Sporting Goods Breach - And How Vorlon Can Help
What happened? As reported on Bleeping Computer, on August 21, 2024, Dick's Sporting Goods discovered that there was a serious data breach. Bad..
Put the Car in Gear and Shift Correctly: Highlights From SANS DFIR Summit
Last week, at the SANS DFIR Security Summit, my colleague Mike Cioffi and I had the opportunity to dive deep into an often overlooked but critical..
HealthEquity Breach - And How Vorlon Can Help
What happened? On March 9th, 2024, hackers gained access to HealthEquity’s systems by leveraging the hijacked credentials of a third-party..
NYTimes Github Breach - And How Vorlon Can Help
What happened? In January 2024, attackers obtained an exposed GitHub token and accessed NYTimes repositories. Leveraging the exposed secret, the..
CDK Global's Breach - And How Vorlon Can Help
What happened? In June 2024, CDK Global suffered a breach at the hands of BlackSuit ransomware group, causing them to shut down major data centers..
Under the Hood: Examining Toyota’s Recent Data Breach
Toyota recently confirmed a data breach originating from a third-party entity, exposing sensitive information on both customers and employees. The..
Vorlon v2.0 Summary and Highlights
Summary I am very excited to share that Vorlon has just released the newest version of our platform, v2.0! We have listened to feedback from our..
Behind the Microphone: Insights from Our CISO Series Podcast Episode
The recent CISO Series podcast from David Sparks brought to light a lot of really interesting points about incident response and the challenges that..
From Functionality to Fortification: Securing Third-Party Integrations with Vorlon
Introduction During my early years as an engineer, I was responsible for writing APIs that facilitated seamless integration with third-party services..