In modern DevOps environments, CI/CD pipelines automate code development, testing, and deployment, enabling rapid delivery and scalability while significantly expanding the attack surface. CI/CD audits conducted in 2025 and 2026 revealed that credentials leaked in repositories, misconfigured runners, insecure artifact…
Category: Focus
The increased professional use of mobile devices, mobile phones and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work…
1. AI is no longer a fantasy, it's a reality that IAM must not miss Two years ago, we asked whether artificial intelligence (AI) could represent a revolution for IAM in our article “Artificial intelligence: a revolution in IAM? -…
Against a backdrop of heightened geopolitical tensions, recent years have been marked by an upsurge in cyber threats, illustrated by the strengthening of attackers’ capabilities, the diversification of their tactics and even the enhancement of their operations thanks to artificial…
This article is structured around four complementary approaches aimed at strengthening end‑to‑end backup security. After addressing, in Part 1, backup usability (1) and the security of the backup infrastructure (2), this second part focuses on the last two approaches: protecting…
CERT-Wavestone handles cybersecurity incidents of all types and magnitudes, from investigating a single suspicious workstation to large-scale overnight ransomware outbreaks. After 10 years of forensics investigations and crisis management at Wavestone, one thing stands out: attackers are more sophisticated than…
The rise of AI agents is redefining enterprise security Artificial intelligence has now become a structuring lever for companies: 70%¹ have already placed it at the heart of their strategy. So far, most deployments relied on conversational assistants capable…
AI is now embedded across a growing range of offensive security workflows. The most visible shift is the rise of services that apply large language models and agentic orchestration to autonomous testing activity. Some vendors have been present for years,…
Classifying an industrial system is a first step; making that classification operational in the field is another matter altogether. This is precisely where version 2.0 of the guide “Industrial Systems Cybersecurity – Detailed Measures”, published on November 27, 2025, positions itself: translating cybersecurity classes into…
The Quantum Threat Is Becoming Clearer Quantum computing poses a serious threat to today’s asymmetric cryptography and is expected to render widely used algorithms such as RSA and ECC obsolete. By contrast, symmetric cryptography (such as AES) and hash functions, maintaining an equivalent level of security…
