Insights

This past weekend, Ryan Vargas drove the Critical Path Security #28 Dodge Challenger to another podium finish, continuing to prove why he's not only a fierce competitor but also a true ambassador for our brand. But the path to the podium wasn't without challenges. After qualifying, an individual unexpectedly walked onto pit road, forcing Ryan to take evasive maneuvers that destroyed the clutch. With rain drizzling down and time slipping away before the green flag, the DJK Racing crew jumped into action, replacing the clutch on pit road under pressure to get Ryan back into the fight. It was a testament to the grit and determination of Ryan and the entire DJK Racing team, refusing to let circumstances dictate the outcome. And the result? A dominating, hard-fought drive to the front, reminding everyone that overcoming adversity is part of the DNA of both Ryan Vargas and Critical Path Security. None…

We're proud to announce that Patrick Kelley's session at RSAC™ 2025, titled "Mental Health In Cybersecurity: ​Balancing the Scales ", has officially been recognized as a Top-Rated Session of the conference. Mental health remains one of the most underdiscussed but deeply felt issues in our industry. Patrick's session cut through the noise, bringing raw vulnerability and lived experience to the stage-and it resonated. Here's what attendees had to say: "One of the best talks on burnout in the cybersecurity sector I have ever attended." "Absolutely best session of the conference so far!" The session emphasized the importance of boundaries, balance, and breaking the silence: "This presentation caused me to take a hard look at how I interact with my team and reflect on past missteps and how I could better approach those in the future." This wasn't just another conference talk. It was a shared moment of reflection and connection-a reminder…

Critical Path Security is excited to announce that Patrick Kelley, our CEO and seasoned cybersecurity expert, will deliver specialized training on leveraging Zeek for advanced cybersecurity monitoring at the upcoming Co-op Cyber Tech conference. The event, a leading technical conference addressing cybersecurity in the cooperative space, is scheduled for June 24 - 26, 2025, in Denver, Colorado. In this highly anticipated session, titled "Zeek: Leveraging ACID and OT Protocols," Patrick will offer practical, hands-on training tailored for critical infrastructure and operational technology (OT) professionals. Participants will gain invaluable insights into effective deployment and use of Zeek for comprehensive network visibility and threat detection across IT and OT environments. Training Highlights Include: Zeek Deployment Best Practices: Optimal sensor placement strategies (external, internal, between network segments). Comprehensive Zeek Management: Mastering Zeek command-line tools and service control (zeekctl). Advanced Scaling Techniques: Distributed Zeek deployment using Docker and Ansible for enhanced performance. OT-Specific Protocol…

SharePoint phishing has become one of the most effective tactics used by attackers to compromise user credentials-and it's working because it looks familiar. If your team uses Microsoft 365, you're likely sharing and receiving SharePoint links regularly. That convenience is exactly what attackers are counting on. Here's the Red Flag: If someone shares a SharePoint document with you, you should not be prompted to log in again-especially if you're already signed in to Office 365 in your browser or desktop apps. If you're already authenticated, you shouldn't have to authenticate again. Phishing campaigns often mimic the Microsoft SharePoint sharing experience. They send a link that looks like a legitimate SharePoint document. But when you click the link, instead of seeing the document, you're redirected to a fake Microsoft login page. It looks real. It uses a Microsoft logo. It even may copy the same fonts and layout. But when you…