Product updates, security insights, and compliance guides
Categories
SANS Top 5 Attack Techniques All Use AI — What This Means for File Transfer
For the first time, every technique in the SANS Institute's annual Top 5 carries an AI dimension. AI-powered attackers can go from intrusion to domain admin in eight minutes. Legacy file transfer infrastructure built on static SSH keys and monolithic architectures cannot survive this threat landscape.
Why I Built MnemoShare
In 2023, the MOVEit breach became painfully personal. It forced me to confront something I had seen for decades: we keep accepting fragile security models where failure is catastrophic. MnemoShare is my answer to that experience.
Ephemeral Credentials for Healthcare Data Exchange
Long-lived credentials are the primary attack vector in healthcare data breaches. Ephemeral credentials — short-lived tokens bound to verified identities — reduce the blast radius of compromise from months to minutes.
SOC 2 Audit Logging for File Transfers: What Auditors Actually Check
SOC 2 Type II auditors examine whether your file transfer audit logs are complete, tamper-evident, and independently verifiable. Most MFT platforms fail at least one of these criteria. Here is what evidence-grade audit logging looks like.
How to Replace SFTP Keys with Short-Lived Certificates
SSH keys are permanent by default. Replacing them with short-lived certificates bound to verified identities eliminates credential sprawl and reduces the blast radius of compromise to minutes instead of months.
Zero Trust Managed File Transfer: Beyond the Perimeter
Legacy MFT platforms were built for perimeter-based security. Zero trust file transfer means no standing credentials, identity verification at every access, and audit trails that assume breach. Here is what that looks like in practice.
HIPAA-Compliant File Transfer Without SFTP
SFTP has been the default for moving PHI between organizations for decades. But SSH keys and minimal audit logging create compliance gaps that auditors increasingly flag. Here is how to move regulated healthcare data without SFTP.