Daniel Kennedy

I'm sorry to hear that. I felt they made a big mistake 16 years ago when they pulled this with Brian Krebs, and I feel that way again reading this. Cybersecurity is too important a topic not to have respected tenured reporters at a newspaper of record.

Transition from isolation to exposure brings evolving threats to IoT and OT systems - blog.451alliance.com/transition-f...

Any SecOps capabilities that can be automated or simplified represent opportunities for security services providers to dramatically streamline and improve MSS delivery. blog.451alliance.com/genai-is-str...

"Automating aspects of detection, analysis or response, including outside tool coordination and data retrieval, can streamline repeatable incident response tasks in chronically understaffed security operations centers (SOCs)." blog.451alliance.com/organization...

Recent attacks amplify the need for software supply chain security The 451 Alliance shares recent survey findings on all things application security, including pain points cited by security professionals.

Recent attacks amplify the need for software supply chain security - blog.451alliance.com/recent-attac...

Agentic AI complicates the picture around non-human identities What are the specific pain points around identity security facing Security leader’s today? The 451 Alliance shares recent survey findings.

blog.451alliance.com/agentic-ai-c...

Black Hat and DefCon Next in Tech · Episode

The annual “security summer camp” that is made up of the Black Hat and DefCon conferences is just past and the security analyst team, Scott Crawford, Dan Kennedy, Justin Lam & Mark Ehr, join host Eric Hanselman to examine what they saw and discuss the implications.

open.spotify.com/episode/1itd...

Reflections from Black Hat USA 2025 Our team’s #BlackHat2025 recap is up on the latest Next in Tech podcast, where Scott Crawford, Mark Ehr, Justin Lam, and I join Eric Hanselman to provide our impressions of the conference. We encourag...

Reflections from Black Hat USA 2025 - www.linkedin.com/pulse/reflec... #BlackHat

Use of GenAI security solutions has spiked, continued uptake projected: blog.451alliance.com/use-of-genai...

Turns out it’s not the company clothing store…

Webinar Recap: Reimagining Application Security Posture Management In a timely discussion hosted by S&P Global Market Intelligence, Principal Research Analyst Daniel Kennedy sat down with Idan Plotnik (Founder of Apiiro) and Jason Espone (Global Head of Application S...

apiiro.com/blog/webinar...

AI Delivers AppSec Gains, but Ransomware Overconfidence Persists Cybersecurity leaders are embracing generative AI for its practical value in security operations and application security. But as ransomware tactics evolve, S&P's

I had the opportunity again this year at #RSAC to discuss my latest end user security research with @mathewjschwartz.bsky.social at the ISMG studio.

Full interview: www.databreachtoday.com/ai-delivers-...

RSA Conference Preview YouTube video by S&P Global Market Intelligence

#RSAC 2025 - www.youtube.com/watch?v=F7GX...

Thank you to all who joined our 451 #RSAC breakfast this year, it was great catching up, however briefly.

As the RSA Conference kicks off this week, listen to our conference preview on the Next in Tech podcast: www.spglobal.com/market-intel... #rsac2025

I recently had the opportunity to sit down with a couple of folks who have spent significant time working out real world challenges in enterprise application security programs, catch the replay here: event.on24.com/wcc/r/490723...

Security talent gap cannot be expressed in job numbers alone The 451 Alliance shares key findings from a recent information security study. The topic? Organizational behavior.

How important are information security certifications?

Almost half (47%) of respondents to our recent survey note certifications are very important, and they require job candidates to have them. Another 43% note they are somewhat important - blog.451alliance.com/security-tal...

Meta just fired about 20 employees for leaks The Facebook parent company fired the workers for sharing confidential information

From an old hand, step 1 in the 'finding leakers' handbook is...don't announce you're looking for or have found leakers. I know you think it has a deterrence effect, it doesn't. You want folks to make mistakes and leave bread trails, not get better at leaking information.

qz.com/meta-fires-2...

a man in a black shirt and tie is writing on a notebook with a pen . ALT: a man in a black shirt and tie is writing on a notebook with a pen .

Let's see, from what I'm reading you're making some demands here, somewhat impolitely, I just need to check a couple things...

- Yup, not in my chain of command, ok, next thing...

- You don't add value, either now or project to in the future...

And there you go, right on the 'pay no mind' list.

"We have a new guideline in place, if you could just sign the form..."

Gotcha, well I apologize, I have a process where I'm not allowed to 'just sign' anything I don't understand or agree with or that lacks the force of law, you understand, can't be upsetting the folks upstairs here at Kennedy Inc.

"SecOps managers said they were aware of but unable to investigate 43% of alerts they received through security operations center (SOC) tools.It's a number that has remained consistent over the years..."

www.techtarget.com/searchitoper...

TikTok replaced Vine, and if it’s banned something will replace it (YouTube shorts and Instagram reels among the options). All of these ‘it will be healthy’ takes…20 million kids aren’t going to walk outside and rub their eyes in the sun, and then ‘play until the street lights come on’.

Explosive use of GenAI in 2023 results in need to secure it What's in store for 2024? The 451 Alliance asks security professionals about their planned spending for the new year.

Explosive use of GenAI in 2023 results in predictable need to secure it - blog.451alliance.com/explosive-us...

Multicloud multiplies the pain for information security - 451 Alliance The 451 Alliance explores the evolution of cloud security practices in organizations and key pain points identified in securing the cloud.

Multicloud multiplies the pain for information security - blog.451alliance.com/multicloud-m...

Ransomware Defender Risk: 'Overconfidence' in Security Tools Are your defenses against ransomware good enough to survive contact with the enemy? Don't be so sure. A new study from market researcher 451 Research finds that "overconfidence in security tooling rem...

"indicating the importance of a resilience-based strategy focusing on backup technologies such as immutable storage" www.databreachtoday.com/blogs/ransom...

Don’t celebrate #ransomware’s decline just yet - blog.451alliance.com/dont-celebra...

I had the opportunity to sit down with Beth Pariseau on her podcast for a wide ranging discussion on the notion of a cybersecurity skills shortage & the effects of the Crowdstrike outage on a long-running debate about platforms vs best-of-breed: www.podbean.com/media/share/...

Exploring the shifts in attitudes around 'coordinated disclosure': www.veracode.com/sites/defaul...

Managing privileged identities remains a headache for organizations’ security leaders — it is the top-cited pain point in identity management (36%). blog.451alliance.com/privileged-i...

App Sec and the shift to DevSecOps with 451 Research and GitLab YouTube video by GitLab

App Sec and the shift to DevSecOps, a conversation with GitLab: www.youtube.com/watch?v=LFtW...