Traditional phishing tests that punish employees are fundamentally broken. Craig Taylor, Founder and CEO of @CyberHoots, discovered this after a $24,000 gift card scam inspired him to rethink security training entirely - building a platform that rewards good behavior instead.

Delighted to join the @getsquarex podcast with @JohnCarse — whose career spans the U.S. Navy, global finance, and tech. A conversation on resilience, AI, and why architecture aims at eternity. Design endures when it’s both creative and governed.

Learn how to implement effective extension governance that protects your organization without killing productivity through browser-native security controls with our Field CISO @JohnCarse on November 20th at 8AM PST / 11AM EST -

We had a great time at the @Gartner_inc Florida CIO & CISO Community Executive Summit, where our Field CISO @JohnCarse also spoke about "Closing the Browser Security Blind Spot" 🙌🏻 The browser has become the most exposed attack surface in enterprise environments, yet traditional

👉 "The challenge isn't whether Talos is secure; it's whether traditional security frameworks and mindsets can keep up." @DarkReading We didn't say it. Keep reading: https://t.co/3N3YoSfJV7 #Kubernetes #K8s #CloudNative #cloudcomputing

Saying hi to friends at Adversary Village and catching up with Abhijith B R (@abhijithbr), Founder of @AdversaryVillag and a past guest on our Be Fearless podcast 🙌🏻 Hosted by @JohnCarse, he shared more about his journey and the mission behind Adversary Village. Catch the full

Before founding @scythe_io, @BrysonBort built offensive cyber capabilities, led purple team ops, and served as a U.S. Army Officer. In this brand new episode, he joins @JohnCarse to talk about the why more data isn’t the answer, how “dwell time kills,” and why understanding

In today's SaaS-heavy enterprise environments, browsers have become a primary target for identity-based threats. Traditional security tools like SWGs, EDR, and IAM often miss sophisticated in-session attacks targeting user credentials and tokens. Join Field CISO @JohnCarse for

How did threat-informed defense become a movement? Jon Baker, Director & Co-founder of MITRE’s Center for Threat-Informed Defense, joins our Field CISO @JohnCarse to trace the origins of CTID and the thinking behind some of the most widely adopted frameworks in cybersecurity.

Since OpenAI launched Operator last fall, 79% of organizations have started using Browser AI Agents but few understand the risks. Join our Field CISO @JohnCarse on July 11 at 10am PDT to unpack the security implications and what SquareX uncovered in its latest research.

Since OpenAI launched Operator, the first Browser AI Agent, many other Browser AI Agents have also been released. Most clearly state its research nature on their website, warning of potential security risks of using Browser AI Agents. However, our research into Browser AI Agents

Traditional security solutions struggle with identity attacks happening directly in the browser. While SWGs, EDR, and IAM tools provide essential protection, they often miss sophisticated in-session attacks targeting user credentials and tokens in today's SaaS-heavy enterprise

Happy weekend! If you're looking for something to tune into, check out the Be Fearless Podcast. Hosted by Aleksandra Melnikova, John Carse (@JohnCarse), and Vivek Ramachandran (@vivekramac), we talk to people across the cybersecurity world about their career paths, the threats

The #Coinbase breach exposed a critical weakness in modern SaaS-heavy support environments: the browser. In his latest piece, SquareX Field CISO @JohnCarse breaks down how cybercriminals leveraged Coinbase's high-reliance on SaaS systems and insider risk to compromise customer

It was a pleasure to converse with @JohnCarse on challenges faced by a security leader. Hope it helps others navigate through challenges well!

Ever wondered how professional hackers think? In the latest episode of the Be Fearless Podcast, SquareX Field CISO @JohnCarse sits down with Abhijith B R (@abhijithbr), Founder/Head of Security Consulting at BreachSimRange, and @AdversaryVillag at DEF CON, who also has a wealth

In our recent Shadow SaaS webinar, Field CISO @JohnCarse distilled what matters most to security leaders. As he emphasized, preventing data breaches and ensuring system availability are the two core priorities for CISOs - both of which are increasingly challenged by unauthorized

Want to get an inner glimpse into our research process? Connect with our Field CISO @JohnCarse at Booth S-2361, South Expo during RSA 2025! John can walk you through our latest "Year of the Browser Bugs" discoveries on Browser Syncjacking, Polymorphic Extensions, Browser-native

In this episode of the Be Fearless Podcast, SquareX Field CISO @JohnCarse speaks with Mike Cunningham, R&D Program Manager at @MITREcorp's Center for Threat-Informed Defense. Mike brings his unique background from the Navy and NSA to discuss how organizations can better defend

A sobering reality check: a staggering 70% of SaaS applications in organizations operate outside IT and security control. With hundreds of unsanctioned apps handling sensitive company data without proper security measures like SSO or MFA, organizations face unprecedented blind