Melinda Marks's Avatar

Melinda Marks

@melindamarks.bsky.social

Writer, gardener, music lover. Day job is Practice Director, Cybersecurity, at Omdia covering cloud native security, app sec (formerly @solublecloud, StackRox,Qualys, VMware), opinions are my own

227 Followers  |  215 Following  |  25 Posts  |  Joined: 22.11.2023  |  1.9616

Latest posts by melindamarks.bsky.social on Bluesky

Preview
AI Scams Are Growing Up Faster Than Kids AI scams, early device use and limited supervision are reshaping digital parenting. Here's how and what parents can do about it.

AI is helping attackers target mobile devices and our children who are increasingly online. Learn more and gain practical tips to help your family stay safe online.
#cybersecurityawareness #cybersecurity #onlinesecurity #AIscams #CSAM #childsafety
www.forbes.com/sites/tonybr...

29.10.2025 01:10 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image

Another update from #Qualys #ROCon keynote w/ Shailesh Athalye: integration of identity security w/ TruRisk Platform pulling data from Active Directory for context to mitigating risk from access points.
#identitysecurity #riskmanagement #trurisk #riskremediation #attacksurfacemanagement

15.10.2025 17:03 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image Post image

More from #Qualys #ROCon on their work eliminating risk, including their application of #AgenticAI to automate remediation
#ciso #infosec #threatintelligence #Secops #soc #patchmanagment #vulnerabilitymanagement #riskmanagement #AI

15.10.2025 16:55 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image Post image

The #Qualys user conference: Qualys Security Conference, #QSC, is now the Risk Operations Conference (ROCon). CEO/President Sumedh Thakar describes their journey: from #vulnerabilitydetection to patch management, to #riskmanagement, to #ROCon
#VulnerabilityManagement #infosec #ciso #cybersecurity

15.10.2025 16:53 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image Post image Post image

Updates to @HashiCorp Security Lifecycle Management (SLM) for #vault help with #secretmanagement. Keynote with @armon.bsky.social β€œYou have to protect secrets everywhere, the attackers only have to find it once.”
@hashiconf #IAM #appsec #devsecops #securedevelopment

25.09.2025 23:28 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Security Lifecycle Management (SLM) enhancements in today’s #hashiconf keynote: @armon.bsky.social covered how security can work with platform engineers and development to manage vulnerabilities and exposure from #secrets sprawl with #Vault.
#secretsmanagement #appsec #devsecops #infosec

25.09.2025 23:21 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Announcements at #hashiconf:
#ILM updates help #security: HCP #Terraform Stacks GA scales configuration management and betas for Terraform Search and Terraform Actions trigger actions with resources at various points in the development lifecycle.
#appsec #devsecops
#infosec
#cybersecurity #cyber

25.09.2025 23:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image

Today #hashiconf keynote celebrated its 10th year! @armon.bsky.social described how their view of the world has been supporting hybrid infrastructure, operationalizing what's needed to build applications and support #AI adoption. This helps w/ #cybersecurity!
#devsecops #terraform #IaC #appsec

25.09.2025 23:12 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Identity and data security themes at Black Hat 2025 | TechTarget Explore Black Hat 2025's top trends around agentic AI security, identity verification against deepfakes and preparing for post-quantum cryptography.

The Blackhat summary blog is live! If you choose "Agentic AI", you won the buzzword bingo contest. The blog has details on trends/ announcements around identity security and data security (and, of course, it touches on AI agents!). www.techtarget.com/searchsecuri...

20.08.2025 13:29 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
DLP and DSPM: Navigate policy challenges and quiet alert noise | TechTarget Discover how DSPM and DLP technologies work together to solve alert fatigue and policy challenges in modern data security programs.

New Blog Published: Running into Data Loss Prevention (#DLP) alert noise and figuring out how Data Security Posture Management (#DSPM) plays with DLP? Check out the blog and Enterprise Strategy Group research for insights to help your data security team - www.techtarget.com/searchsecuri...

28.07.2025 17:59 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
@ Black Hat USA 2025 - BrightTALK @ Summits Live-streamed expert conversations between industry professionals and Enterprise Strategy Group analysts, powered by TechTarget Studios. Join us for a virtual experience as we stream live and speak to...

Our #cybersecurity Enterprise Strategy Group
analysts will be at #BlackHatUSA hosting BrightTALK @ Summit sessions. Spots are filling up fast. Follow the link or ping us to learn more.

at-summits.brighttalk.com/summit/7043/

#infosec #cloudsecurity #appsec #blackhat #lasvegas

01.07.2025 19:05 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
The Imperative to Involve Security Starting Early in Application Development Processes - Enterprise Strategy Group Demands for breakneck speed in application development certainly aren’t going away in increasingly competitive business environments.

Check out the new research brief here on the importance of getting security involved as early as possible in the development processes from my study on the State of #DevSecOps and #CloudSecurity Platforms.
#securedevelopment #appsec #shiftleft #cloudnativesecurity #cloudsecurity #cnapp

10.06.2025 15:52 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Signalgate: Learnings for CISOs securing enterprise data | Computer Weekly A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what can CISOs can learn from this potentially fatal error.

What's an enterprise CISO to do in slight of #signalgate? My thoughts are published in @computerweekly.bsky.social . TL;DR it is about security culture more than technical controls (but don't forget those controls ... and their limitations!). www.computerweekly.com/opinion/Sign...

02.05.2025 16:19 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
RSAC 2025 to center on agentic AI, GenAI in security | TechTarget Security leaders at RSA conference will learn how to support their organizations' use of AI while managing security risks.

#AgenticAI will be a game changer for #cybersecurity! πŸ’₯ Read my Enterprise Strategy Group colleague Dave Gruber's post on how it helps #SecOps (and check out his latest research on πŸš€ The Future of SecOps in an AI Driven World!)
#AI #SecurityOperations www.techtarget.com/searchsecuri...

26.04.2025 01:14 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
RSAC 2025 to center on agentic AI, GenAI in security | TechTarget Security leaders at RSA conference will learn how to support their organizations' use of AI while managing security risks.

New blog alert! 🚨 At #RSAC am looking forward to deep dives into #AI adoption and how applying #genAI πŸ€– and #agenticAI help #cybersecurity teams scale πŸ“ˆ.
#infosec #artificialintelligence #RSAC2025 #AIsecurity
www.techtarget.com/searchsecuri... via @techtargetnews

25.04.2025 21:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
3 EUC security topics I'll be looking for at RSAC 2025 | TechTarget Those interested in RSA Conference 2025 should learn what topics to focus on at this upcoming conference.

New post on what to expect at #RSAC next week for email and endpoint security from my Enterprise Strategy Group colleague @gabeknuth.bsky.social
#RSAC2025 #EUC #EndpointSecurity #EmailSecurity #GenerativeAI #CyberSecurity #Phishing #BEC
www.techtarget.com/searchenterp... via TechTarget

23.04.2025 20:48 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Keynote at #GoogleCloudNext - demo of Google Unified Security (GUS) utilizes agentic AI to analyze data from typically siloed tools, adding context and intelligence for rapid remediation and security hardening.
#cybersecurity #cloudsecurity #vulnerabilitymanagement #threatintelligence #devsecops

09.04.2025 17:44 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image Post image

Fun way to kick off #googlecloudnext at the Sphere: Sundar Pichai showcases how #AI helps brings us new experiences reducing the huge amount of work it would take to create an immersive experience.

09.04.2025 00:30 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
What the $32B Google-Wiz deal says about cloud-native security | TechTarget Google's purchase of Wiz for $32 billion highlights the importance of cloud-native security.

Here's my take on the @wiz_io acquisition & how #cloudnative security solutions have evolved. This a πŸ”₯ space and this post explores the evolution over the past 10 years.
#cloudsecurity #CSPs #cloudnative #devsecops #applicationsecurity
#appsec www.techtarget.com/searchsecuri... via @techtargetnews

27.03.2025 16:11 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
@ RSA Conference 2025 USA Live-streamed expert conversations from the showfloor at the Moscone Center in San Francisco! Hear from security / IT / cyber / risk professionals and Enterprise Strategy Group Analysts, powered by Te...

The entire Enterprise Strategy Group
#cybersecurity team is excited for #RSAC2025. We'll be in Broadcast Alley again this year filming sessions. Ping us with your ideas for topics and/or to participate! at-summits.brighttalk.com/summit/7001/
#infosec #rsac

13.02.2025 22:40 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
The Value of Early Analyst Engagement for Startup Marketing Success - Enterprise Strategy Group Joining a startup is exciting. You get to bring a new product or service to market that solves customer problems. Success depends on focusing the internal team on creating a unique offering that serve...

I am often asked about when #startups should engage with industry analysts, so I wrote this blog post about how we at Enterprise Strategy Group help startups with product market fit #PMF and #GTM strategy
#cybermarketing #startupmarketing #analystrelations
www.techtarget.com/esg-global/b...

29.01.2025 22:57 β€” πŸ‘ 7    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Too many 'point'less tools: Platformization is better | TechTarget The security community has long debated the merit of point products vs. platforms. Follow this cheat sheet to get started toward platformization.

Cybersecurity point product vs platforms? A new @tylershields.bsky.social blog weighs in on the debate. I am of the view that "it depends" and "s--t has gotta work" - www.techtarget.com/searchsecuri...

24.01.2025 16:53 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Useful series here πŸ‘‡ for anyone considering making the move from a Mac 🍎 to a PC πŸ’» from my awesome Enterprise Strategy Group colleague Gabe Knuth.
#Dell #MacOS #MSWindows #windowsPC #ARM #microsoft #applecomputers

06.01.2025 19:01 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
The basics drive 2025 identity security investments | TechTarget Before investing in shiny new technologies, enterprises know they need foundational identity security technologies and processes in place. Learn more.

Lots of #cybersecurity talk about zero day threats, but the basics will drive identity security investments (AKA identity & access management) according to the Enterprise Strategy Group 2025 Technology Spending Intentions survey. www.techtarget.com/searchsecuri...

03.01.2025 22:40 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 1
2025 cloud-native cybersecurity predictions | TechTarget From increased investments in cloud security to GenAI, IAM and tool consolidation, read the top cloud-native security predictions for 2025.

Wondering what's in store for 2025 for cloud-native security? Here are my predictions, including vendors addressing key areas
#cloudsecurity #devsecops #genAIsecurity #appsec #applicationsecurity #ASPM #CNAPP #riskmanagement #remediation #softwaresupplychainsecurity #vulnerabilitymanagement

03.01.2025 17:26 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 1
Preview
Challenges Leveraging Generative AI for Modern Application Security - Enterprise Strategy Group Organizations are looking to adopt generative AI (GenAI) to enable employees, especially software developers, to increase productivity and gain a competitive advantage.

πŸ†• research on #genAI challenges for modern #appsec. as they need to support developer adoption of #AI, genAI and #chatbots
This is available for @esg_global clients but ping me to learn more
#cloudnativesecurity #applicationsecurity #developersecurity #devsecops
www.techtarget.com/esg-global/r...

18.12.2024 01:37 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
2025 identity security and data security predictions | TechTarget Read six predictions about identity security and data security for 2025, including entitlement management gaps closing and GenAI compliance becoming clearer.

It is December, time for chestnuts roasting on the open fire, dreidels spinning, and 2025 #cybersecurity predictions! My 2025 prognostications blog just published, a lovely holiday concoction of identity security and data security predictions. www.techtarget.com/searchsecuri...

05.12.2024 21:34 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Introducing Wiz Defend | Wiz Blog We’re excited to announce the public preview of Wiz Defend, a cloud-native detection and response solution.

Excellent to see as our #CDR research shows challenges and the need to optimize efficiency for cloud threat detection and response (CDR). #SecOps need to optimize remediation and speed response.
#cybersecurity #cloudsecurity #devsecops #secops #SIEM #appsec #CNAPP www.wiz.io/blog/introdu...

02.12.2024 20:01 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Introducing Amazon GuardDuty Extended Threat Detection: AI/ML attack sequence identification for enhanced cloud security | Amazon Web Services AWS extends GuardDuty with AI/ML capabilities to detect complex attack sequences across workloads, applications, and data, correlating multiple security signals over time for proactive cloud security.

New #AWS #GuardDuty threat detection capabilities: applies AI/ML to identify active attack sequences in AWS environments, including access/privilege discovery, API manipulation, data exfiltration.
#awsreinvent #cybersecurity #cloudsecurity #CDR #TDIR #AI aws.amazon.com/blogs/aws/in...

02.12.2024 19:40 β€” πŸ‘ 4    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Experimental view on #KubeCon topics in Salt Lake (based on BlueSky tag combinations). Is this usefule? #CNCF #CloudNative #ESG

01.12.2024 05:37 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

@melindamarks is following 19 prominent accounts