Joel is the Director of Content and a co-founder at Expert Insights; a rapidly growing media company focused on covering cybersecurity solutions.
He’s an experienced journalist and editor with 8 years’ experience covering the cybersecurity space. He’s reviewed hundreds of cybersecurity solutions, interviewed hundreds of industry experts and produced dozens of industry reports read by thousands of CISOs and security professionals in topics like IAM, MFA, zero trust, email security, DevSecOps and more.
He also hosts the Expert Insights Podcast and co-writes the weekly newsletter, Decrypted. Joel is driven to share his team’s expertise with cybersecurity leaders to help them create more secure business foundations.
Latest versions of Anthropic’s AI coding tool are backdoored to access data, the Chinese government claims. Anthropic says Chinese users shouldn't be accessing Claude anyway.
by Akshaya Asokan
We reviewed the leading Salesforce backup platforms on granularity of object-level recovery, backup frequency, and how they handle metadata alongside standard CRM records.
The initiative seeks to build agentic cyber defense using frontier AI models.
by Akshaya Asokan
CISA has reportedly deployed Anthropic’s Mythos to catch bugs in federal code.
by Akshaya Asokan
An exposed cloud server acting as a LiteLLM proxy to Amazon Bedrock was compromised and used to mine cryptocurrency.
by Alessandro Mascellino
BlackCloak's Dr. Chris Pierson on why healthcare executives are uniquely exposed, and how digital vulnerabilities are becoming physical threats.
We reviewed the leading API security testing tools on the depth of endpoint discovery, how accurately each identifies OWASP API Top 10 vulnerabilities, and the developer-facing output that determines whether findings get fixed or ignored.
The best all-in-one RMM and PSA software for MSPs, compared by Expert Insights.
We've evaluated the best browser security solutions for small businesses to help lean security and IT teams protect web-based work, prevent data loss, and stop phishing without heavy infrastructure or dedicated security staff.
We reviewed 10 DSPM platforms on discovery coverage, classification accuracy, remediation capabilities, and AI governance features. Here's how they compare for enterprise security teams.
We compared 10 AI SOC platforms on triage depth, autonomous response controls, and false positive rates. The results were more varied than the marketing suggests.
We reviewed the leading SOC automation platforms on playbook depth, integration breadth, and how much manual work they actually eliminate. Some deliver; some don't.
We reviewed 8 ISPM platforms on the depth of identity risk discovery, how accurately each identifies misconfigured permissions and risky access paths, and the integration quality with the IAM and directory tools security teams already use.
We reviewed 8 secure file-sharing and storage services on how well each enforces security policies when files are shared externally, the granularity of access controls, and the compliance certifications that matter for regulated industries.
We reviewed 5 privacy-focused email and productivity suites on encryption architecture, data residency options, and how well each supports the compliance obligations of organizations that cannot accept standard cloud data processing terms.
We reviewed 10 secure document-editing platforms on how well each maintains security controls throughout the collaboration lifecycle, from initial creation through external sharing and final archiving.
We reviewed 11 secure collaboration tools on encryption depth, how well DLP policies hold up during real collaboration workflows, and whether admin controls give security teams the visibility and enforcement they need at organizational scale.
We reviewed 10 cloud collaboration platforms on the granularity of admin controls, how well each enforces security policy for external collaboration, and the encryption architecture that determines what happens to your data if the vendor is compromised.
We reviewed 11 human risk management platforms on the sophistication of individual risk scoring, how well training is adapted based on measured behavior, and the reporting that gives security teams evidence of real risk reduction over time.
We reviewed 10 cybersecurity intelligence and telemetry feeds on threat coverage breadth, update frequency, and how well each integrates with SIEM and SOAR platforms to drive automated response.
We reviewed 8 cybersecurity professional services providers on the range of disciplines covered, engagement model flexibility, and the evidence of real-world outcomes. Here's what we think is worth considering.
We reviewed 8 customizable cybersecurity service providers on engagement model range, technical depth at each tier, and the evidence of genuine flexibility when client requirements change.
We reviewed the leading managed cybersecurity service providers on the breadth of protection they deliver, analyst quality, and the compliance support that matters for organizations in regulated industries.
We reviewed 9 platforms against CMMC 2.0 requirements across Levels 1, 2, and 3. Here's what we found for defense contractors working toward certification.
We reviewed the leading AI compliance platforms on how well they map to the EU AI Act, NIST AI RMF, and emerging sector-specific requirements, and whether the governance workflows they provide are operational or just documentation.
We reviewed 10 compliance training platforms on content library depth, completion tracking, and how well they map to specific regulatory frameworks. Engagement quality varied considerably.
We reviewed the leading secure data management platforms on classification accuracy, policy enforcement depth, and how well they support audit and compliance workflows across enterprise data environments.
We reviewed the leading business continuity and alerting solutions on how quickly they surface disruption events, the reliability of alert delivery across communication channels, and how well each integrates with incident response workflows.
We reviewed the leading EUC risk management tools on the accuracy of end-user computing asset discovery, the depth of version and change controls, and how well each supports the audit evidence that regulators require.
We reviewed the leading compliance tracking solutions on framework breadth, control mapping quality, and how well each surfaces gaps before they become findings during an audit.
Our list of the top alternatives to NinjaOne for RMM, MDM, UEM, device control, and patch management. We looked at each platform based on its ability to address the same use cases as NinjaOne, as well as testing its performance, ease of use, and scalability.
We reviewed the leading Rippling IT alternatives on core IT management capabilities, how well they handle device lifecycle management independently of HR workflows, and the pricing models available at different scales.