Chat with Sales
| April 16, 2025
Introducing DataMatrix™: Cracking Open the Black Box of SaaS Security
In cybersecurity, context is everything. And for too long, SaaS security has lacked it. Today, we’re changing that. We’re excited to introduce..
Introducing DataMatrix™: Cracking Open the Black Box of SaaS Security
In cybersecurity, context is everything. And for too long, SaaS security has lacked it. Today, we’re changing that. We’re excited to introduce..
Vulnerabilities Gonna Vulnerability—And Third-Party Risk Won’t Manage Itself
Security practitioners already know that vulnerabilities will always exist. Whether it’s the software we create, the software we purchase, or the..
Oracle Health Breach: What Security Teams Need to Know
What happened In early 2025, a breach involving Oracle Health (formerly Cerner) exposed sensitive patient data from multiple U.S. hospitals and..
Q&A with Adam Burt Part 3: The Blind Spots in SaaS Security
In Part 1 of our conversation, we explored why SaaS API logging is unreliable and impedes security teams from detecting and responding to SaaS..
Compromised GitHub Action Targets Coinbase in SaaS Security Breach
What happens when your CI/CD pipeline turns against you? In one of the more quietly devastating supply chain breaches we’ve seen this year, attackers..
Q&A with Adam Burt Part 2: The Hidden Dangers in Your SaaS Integrations
In Part 1 of our conversation, we explored why SaaS API logging is a mess—why logs are incomplete, misleading, or locked behind paywalls—and how..
New OAuth Phishing Attack on GitHub: What Security Teams Must Know
Cybercriminals have once again exploited OAuth tokens to hijack accounts—this time targeting GitHub developers through fake security alerts...
Q&A with Adam Burt Part 1: Why SaaS Breach Investigations Are So Hard
The explosion of SaaS applications has transformed how businesses operate, but SaaS security remains an underappreciated risk. To get to the heart of..
How Silk Typhoon Exploits IT Supply Chains and What You Can Do
Silk Typhoon is a China-linked advanced persistent threat (APT) group that has escalated its cyber operations, now actively targeting IT supply..
Vorlon, Securing Financial SaaS Ecosystems, Sponsors FS-ISAC 2025
The financial sector relies on SaaS applications, APIs, and third-party integrations for efficiency and innovation. But these same connections create..
Discover Vorlon at RSAC 2025: A New Approach to SaaS Ecosystem Security
Find us in the Early Stage Expo Hall The countdown to RSA Conference 2025 is on, and Vorlon is thrilled to be part of one of the most anticipated..
Grubhub Data Breach: A Costly Meal for Customers, Drivers, and Merchants
Grubhub, a major food delivery service, has recently disclosed a data breach affecting customers, drivers, and merchants. The GrubHub data breach..
APIs in Healthcare: Transforming Data Sharing, Security, & Compliance
Hospitals and healthcare providers increasingly leverage APIs to enhance data exchange between Electronic Health Records (EHRs) and various..
Meet Vorlon at ViVE 2025: Addressing Third-Party Risks in Healthcare IT
Are you heading to ViVE 2025? So are we! You’ll find Vorlon Security in the Cybersecurity Pavilion at Booth V-2727, where we will showcase how we..
The Postman Data Leak - Exposing the Hidden Risks of API Development
How poor practices in API and third-party app security leave sensitive data vulnerable The Postman data leak has revealed significant security risks..
Otelier Breach: When Hotel Management Checks Out
Hotel management platform Otelier experienced a significant data breach after cybercriminals accessed its Amazon S3 cloud storage. The breach..
Snowflake Breach Response Playbook
Summary of Breach In May 2024, Snowflake became aware of unauthorized access to some of its customer accounts, with threat-related activity going..
The Stiiizy Data Breach: Lessons for Mitigating Third-Party Security Risks
STIIIZY, a renowned cannabis brand in California, experienced a significant data breach when their point-of-sale (POS) vendor was targeted by..
BeyondTrust Breach: Implications for U.S. Treasury and beyond
BeyondTrust, a leading provider of privileged access management (PAM) solutions, recently disclosed a significant security incident involving its..
Vorlon’s Perspective on the Gartner Report: Adapt Your Third-Party API Security to 3 Specific Use Cases
Two days after I joined Vorlon Security as their VP of Marketing, Gartner included Vorlon as a representative vendor in their report: Adapt Your..
Better Together For All Parties: Salt Security and Vorlon
Introduction API security has a broad range of definitions depending on who you ask. More often than not, API security is thought of as the APIs that..
The API Security Checklist: What to Review Before Integrating a Third-Party API
Integrating third-party APIs into your application can significantly boost functionality and efficiency. However, without proper security evaluation,..
Internal vs. Third-Party APIs: Who Would Win in a Fight!?
On the digital battlefield where APIs (Application Programming Interfaces) reign supreme, knowing the strengths and weaknesses of internal versus..
Mean Time To What!?
Are you numb to the exorbitant number of security incidents happening to enterprises large and small on a daily basis yet? Sadly, the number gets..
Capgemini's Data Disaster: When Hackers Turned Consulting into Chaos
Introduction A new data breach has surfaced, and this time, it involves global IT services giant Capgemini. A hacker going by the name "grep" claims..
Fortinet Hit by Cyber Attack: Third-Party Breach Affects Asia-Pacific Customers
Introduction Fortinet, a leading global cybersecurity firm, which provides solutions like firewalls and endpoint protection disclosed a data breach..
Avis Car Rental Breach: Looks Like Cars Weren't the Only Thing Avis Was Giving Away
What Happened? Last month, Avis noticed that hundreds of thousands of customer data (including PII) had been exfiltrated. Hackers gained access to an..
Better Together: Vorlon + Tines
Summary It’s no secret, your enterprise’s third-party application landscape is complicated. Most enterprises rely heavily on third-party vendors and..
Securing More with Less: Navigating Cybersecurity in a Shrinking Budget Era
Summary In today’s cybersecurity landscape, where security budget growth has slowed compared to the rapid expansions of previous years, organizations..
Dick's Sporting Goods Breach - And How Vorlon Can Help
What happened? As reported on Bleeping Computer, on August 21, 2024, Dick's Sporting Goods discovered that there was a serious data breach. Bad..
Put the Car in Gear and Shift Correctly: Highlights From SANS DFIR Summit
Last week, at the SANS DFIR Security Summit, my colleague Mike Cioffi and I had the opportunity to dive deep into an often overlooked but critical..
HealthEquity Breach - And How Vorlon Can Help
What happened? On March 9th, 2024, hackers gained access to HealthEquity’s systems by leveraging the hijacked credentials of a third-party..
NYTimes Github Breach - And How Vorlon Can Help
What happened? In January 2024, attackers obtained an exposed GitHub token and accessed NYTimes repositories. Leveraging the exposed secret, the..