from the gaming-like-it’s-1930 dept

It’s time for the second in our series of spotlight posts looking at the winners of our eighth annual public domain game jam, Gaming Like It’s 1930! We’ve already covered the Best Adaptation winner, and this week we’re looking at the winner of Best Deep Cut: CARAMENTRAN by RedSPINE and poymakes.

Sometimes, we get entries that were designed for more than one game jam, and this is one of them. In this case, the game was also created for the Themed Horror game jam in which one of the themes was “macabre carnival”. CARAMENTRAN delves specifically into a Provençal carnival tradition from France, in which the “King of Carnival” or Caramentran is put on trial for all the year’s ills then burned at the stake in punishment. As the player, you are Caramentran himself, trying to ward off accusations from the villagers while extinguishing the flames at your feet in a grimy, unsettling horror arcade game.

It’s a fitting premise for a horror game, but what makes it special for this game jam is its visual assets, drawn from a variety of public domain sources. The game’s hauntingly hideous aesthetic comes from a collage of archive images and postcards of actual carnivals in Southern France, combined with figures taken from American magazines, ads, and fashion plates.

Many of the materials are from 1930, while many others are from earlier, and the combination of wildly different styles is viscerally jarring in a way that amplifies the horror. There are no widely recognized images or famous works of art here, only fragments of visual language plucked piece by piece from the vast sea of imagery in the public domain, and for that it’s this year’s Best Deep Cut.

Congratulations to RedSPINE and poymakes for the win! You can play CARAMENTRAN in your browser on Itch. We’ll be back next week with another winner spotlight, and don’t forget to check out the many great entries that didn’t quite make the cut. And stay tuned for next year, when we’ll be back for Gaming Like It’s 1931!

Filed Under: game jam, games, gaming, gaming like it’s 1930, public domain, winner spotlight

The security industry has spent the last year talking about models, copilots, and agents, but a quieter shift is happening one layer below all of that: Vendors are lining up around a shared way to describe security data. The Open Cybersecurity Schema Framework (OCSF), is emerging as one of the strongest candidates for that job.

It gives vendors, enterprises, and practitioners a common way to represent security events, findings, objects, and context. That means less time rewriting field names and custom parsers and more time correlating detections, running analytics, and building workflows that can work across products. In a market where every security team is stitching together endpoint, identity, cloud, SaaS, and AI telemetry, a common infrastructure long felt like a pipe dream, and OCSF now puts it within reach.

OCSF in plain language

OCSF is an open-source framework for cybersecurity schemas. It’s vendor neutral by design and deliberately agnostic to storage format, data collection, and ETL choices. In practical terms, it gives application teams and data engineers a shared structure for events so analysts can work with a more consistent language for threat detection and investigation.

That sounds dry until you look at the daily work inside a security operations center (SOC). Security teams have to spend a lot of effort normalizing data from different tools so that they can correlate events. For example, detecting an employee logging in from San Francisco at 10 a.m. on their laptop, then accessing a cloud resource from New York at 10:02 a.m. could reveal a leaked credential.

Setting up a system that can correlate those events, however, is no easy task: Different tools describe the same idea with different fields, nesting structures, and assumptions. OCSF was built to lower this tax. It helps vendors map their own schemas into a common model and helps customers move data through lakes, pipelines, security incident and event management (SIEM) tools without requiring time consuming translation at every hop.

The last two years have been unusually fast

Most of OCSF’s visible acceleration has happened in the last two years. The project was announced in August 2022 by Amazon AWS and Splunk, building on worked contributed by Symantec, Broadcom, and other well known infrastructure giants Cloudflare, CrowdStrike, IBM, Okta, Palo Alto Networks, Rapid7, Salesforce, Securonix, Sumo Logic, Tanium, Trend Micro, and Zscaler.

The OCSF community has kept up a steady cadence of releases over the last two years

The community has grown quickly. AWS said in August 2024 that OCSF had expanded from a 17-company initiative into a community with more than 200 participating organizations and 800 contributors, which expanded to 900 wen OCSF joined the Linux Foundation in November 2024. 

OCSF is showing up across the industry

In the observability and security space, OCSF is everywhere. AWS Security Lake converts natively supported AWS logs and events into OCSF and stores them in Parquet. AWS AppFabric can output OCSF — normalized audit data. AWS Security Hub findings use OCSF, and AWS publishes an extension for cloud-specific resource details. 

Splunk can translate incoming data into OCSF with edge processor and ingest processor. Cribl supports seamless converting streaming data into OCSF and compatible formats.

Palo Alto Networks can forward Strata sogging Service data into Amazon Security Lake in OCSF. CrowdStrike positions itself on both sides of the OCSF pipe, with Falcon data translated into OCSF for Security Lake and Falcon Next-Gen SIEM positioned to ingest and parse OCSF-formatted data. OCSF is one of those rare standards that has crossed the chasm from an abstract standard into standard operational plumbing across the industry.

AI is giving the OCSF story fresh urgency

When enterprises deploy AI infrastructure, large language models (LLMs) sit at the core, surrounded by complex distributed systems such as model gateways, agent runtimes, vector stores, tool calls, retrieval systems, and policy engines. These components generate new forms of telemetry, much of which spans product boundaries. Security teams across the SOC are increasingly focused on capturing and analyzing this data. The central question often becomes what an agentic AI system actually did, rather than only the text it produced, and whether its actions led to any security breaches.

That puts more pressure on the underlying data model. An AI assistant that calls the wrong tool, retrieves the wrong data, or chains together a risky sequence of actions creates a security event that needs to be understood across systems. A shared security schema becomes more valuable in that world, especially when AI is also being used on the analytics side to correlate more data, faster.

For OCSF, 2025 was all about AI

Imagine a company uses an AI assistant to help employees look up internal documents and trigger tools like ticketing systems or code repositories. One day, the assistant starts pulling the wrong files, calling tools it should not use, and exposing sensitive information in its responses.

Updates in OCSF versions 1.5.0, 1.6.0, and 1.7.0 help security teams piece together what happened by flagging unusual behavior, showing who had access to the connected systems, and tracing the assistant’s tool calls step by step. Instead of only seeing the final answer the AI gave, the team can investigate the full chain of actions that led to the problem.

What’s on the horizon

Imagine a company uses an AI customer support bot, and one day the bot begins giving long, detailed answers that include internal troubleshooting guidance meant only for staff. With the kinds of changes being developed for OCSF 1.8.0, the security team could see which model handled the exchange, which provider supplied it, what role each message played, and how the token counts changed across the conversation.

A sudden spike in prompt or completion tokens could signal that the bot was fed an unusually large hidden prompt, pulled in too much background data from a vector database, or generated an overly long response that increased the chance of sensitive information leaking. That gives investigators a practical clue about where the interaction went off course, instead of leaving them with only the final answer.

Why this matters to the broader market

The bigger story is that OCSF has moved quickly from being a community effort to becoming a real standard that security products use every day. Over the past two years, it has gained stronger governance, frequent releases, and practical support across data lakes, ingest pipelines, SIEM workflows, and partner ecosystems.

In a world where AI expands the security landscape through scams, abuse, and new attack paths, security teams rely on OCSF to connect data from many systems without losing context along the way to keep your data safe.

Nikhil Mungel has been building distributed systems and AI teams at SaaS companies for more than 15 years.

Welcome to the VentureBeat community!

Our guest posting program is where technical experts share insights and provide neutral, non-vested deep dives on AI, data infrastructure, cybersecurity and other cutting-edge technologies shaping the future of enterprise.

Read more from our guest post program — and check out our guidelines if you’re interested in contributing an article of your own!

It’s easier now to stay connected wherever you are, but getting to that point is still complicated. Wireless plans for phones and home internet plans are typically two separate things, with some crossover or discounts if you get them from the same provider.

AT&T OneConnect puts wireless and home service together in one bundle, with unlimited mobile data for up to 10 voice lines and gigabit broadband at home. However, it’s limited to new AT&T customers only. Here’s how the details break down.

OneConnect offers three pricing tiers, billed monthly:

• Individual — $90: One member, one voice line, up to three data devices and one household with 1Gbps internet.

• Duo — $120: Two members, two voice lines, up to six data devices and one household with 1Gbps internet.

• Family — $225: Unlimited members, up to 10 voice lines, up to 10 data devices and one household with 1Gbps internet.

One notable detail is that the OneConnect subscription prices listed above include taxes and fees, a practice that’s quickly becoming increasingly rare among major carriers. On many plans, including AT&T’s newest wireless plans, those costs are added on top.

For comparison, an AT&T bundle for two people with unlimited wireless and gigabit-speed home internet would cost about $225, including two lines on the AT&T Premium 2.0 plan and AT&T Internet 1000 fiber at $65. For one person, a single Premium 2.0 wireless plan costs $90, plus $65 for home fiber. (It’s also important to note that speeds and availability vary depending on your location.) 

As with any new connection plan, you’ll want to scrutinize the details so you know what you’re getting into.

For instance, OneConnect is currently limited to new customers; existing AT&T customers have no migration path to combine their broadband and wireless services under this digital umbrella. According to an AT&T spokesperson, “Once we gather customer feedback and validate the experience with our initial cohort, we will make OneConnect available to as many customers as possible.”

It’s also entirely BYOD — or ‘bring your own device’: “Limited to bring your own eSIM compatible, unlocked smartphones, tablets, and wearables,” reads the fine print on AT&T’s press statement. There are no phone deals tied to OneConnect, although the spokesperson didn’t rule out that possibility in the future.

Unlike AT&T’s standalone wireless plans, OneConnect follows a one-size-fits-all model. One benefit of AT&T mobile service is that each person on an account can select their own plan. For instance, a parent might choose AT&T Premium 2.0, while a teen could opt for the cheaper but more limited AT&T Value 2.0.

Other major carriers offer home internet and mobile service bundles, but they’re not packaged in the same way. Verizon and T-Mobile, for example, provide discounts if you’ve signed up for both types of plans. 

AT&T is betting that account owners will want a simpler, bundled service instead of two separate plans. With unlimited talk, texting, data and AT&T’s Active Armor service for filtering out unwanted calls and texts, that’s a size that does seem to fit all.

Lucid Group finished 2025 on an upswing — building twice as many EVs as the previous year and reporting a 55% uptick in sales. Then the first quarter of 2026 arrived.

The company, which makes the Air sedan and Gravity SUV, reported Friday that it sold 3,093 vehicles in the first quarter, a 42% drop from the previous quarter and about 0.5% lower than the same period last year. It had built many more, about 5,500 in total.

Lucid said the sales dip, and the gap between production and deliveries, is not a demand problem. Instead, the company blames a supplier quality issue with its second-row seats, which disrupted deliveries of the Lucid Gravity for 29 days.

The supplier issue also prompted Lucid to recall more than 4,000 Gravity SUVs. Lucid told the National Highway Traffic Safety Administration that it discovered some of the anchors for the SUV’s second-row seat belts were not properly welded.

Lucid spokesperson Nick Twork confirmed to TechCrunch that the decrease in sales was tied to problems with the supplier. He said that due to an unapproved change made by a supplier, the company issued a stop on Gravity sales that lasted most of February to ensure proper vehicle quality before restarting them. Twork made a point of noting Lucid’s more recent success, saying that “following eight record quarters, we showed strong results in both January and March which very nearly achieved year-over-year growth on their own.” 

Lucid said in its securities filing Friday that the issue has been addressed, and the company seems confident that disruption won’t affect its production goals.

Lucid reaffirmed its previously announce production guidance of between 25,000 and 27,000 vehicles this year. Lucid built 18,378 EVs in 2025. That would represent an increase of as much as 47% from last year.

Lucid’s seat supplier troubles come as the company prepares to start building its first vehicle on a new lower-cost platform aimed at the mass market. Lucid has said that first vehicle will cost around $50,000, a price point that will put it in direct competition with the upcoming Rivian R2 SUV, as well as existing products like the Tesla Model Y, Tesla Model 3, and Chevrolet Equinox EV.

Database credentials remain one of the most common attack vectors in enterprise breaches, yet most organisations still manage them through shared spreadsheets, hardcoded connection strings, or standalone credential vaults with no session oversight. Keeper Security, the Chicago-based cybersecurity company best known for its password management platform, is attempting to close that gap with KeeperDB, a new capability that embeds database access controls directly into its privileged access management (PAM) platform.

The product was announced at RSA Conference 2026 in San Francisco, where Keeper also collected 18 industry awards across categories including password management, privileged access management, and zero-trust security.

What KeeperDB actually does

KeeperDB adds a vault-native database access interface to KeeperPAM, Keeper’s unified privileged access management platform. In practical terms, this means developers, database administrators, and security teams can connect to MySQL, PostgreSQL, Oracle, and Microsoft SQL Server databases directly from the Keeper Vault, without exposing credentials in plaintext or relying on separate database management tools.

Every database session is governed by centralised policies, with full session recording for audit and compliance purposes. The idea is straightforward: if organisations already store their passwords, secrets, and privileged credentials in Keeper, database access should live there too, rather than requiring a separate tool with its own credential store.

“KeeperDB represents a natural evolution of our zero-trust architecture,” said Darren Guccione, CEO and co-founder of Keeper Security. “By embedding database access directly into the vault, we eliminate the credential sprawl that creates risk in most enterprise environments.”

The credential sprawl problem

The challenge KeeperDB addresses is well documented. Database credentials in most organisations are scattered across configuration files, environment variables, CI/CD pipelines, and individual developer machines. When an employee leaves or a credential is compromised, tracking down every instance of that credential becomes an exercise in archaeology.

Traditional database access tools compound the problem. Each tool maintains its own connection profiles and saved credentials, creating multiple copies of sensitive information outside any centralised governance framework. For organisations subject to SOC 2, HIPAA, PCI DSS, or similar compliance requirements, this fragmentation makes audit preparation significantly more time-consuming.

KeeperDB’s approach consolidates database access under the same zero-knowledge encryption and policy engine that already governs passwords, SSH keys, API tokens, and remote desktop sessions in KeeperPAM. Credentials are never exposed to users in plaintext, access is granted based on role-based policies, and every query session is recorded.

Proxy mode for existing workflows

Recognising that many teams have established workflows with existing database clients, Keeper is also introducing KeeperDB Proxy. This companion feature allows developers to continue using their preferred tools (pgAdmin, MySQL Workbench, DBeaver, and similar clients) while routing connections through Keeper’s infrastructure. The proxy maintains centralised policy enforcement, credential protection, and session visibility without requiring teams to abandon their existing tooling.

This is a pragmatic concession. Asking database administrators to switch from tools they have used for years is a reliable way to generate friction and reduce adoption. By offering both a native vault interface and a proxy mode, Keeper is betting that organisations will adopt whichever path creates the least disruption.

A broader PAM strategy

KeeperDB is the latest addition to a platform that has expanded considerably beyond its password management origins. KeeperPAM now includes password and passkey management, secrets management for DevOps and CI/CD pipelines, privileged session management with recording, remote browser isolation, secure remote desktop and SSH access via Keeper Connection Manager, and now database access.

The company’s strategy is to consolidate multiple point solutions into a single platform with a single credential store and a single policy engine. For managed service providers (MSPs), Keeper announced a revamped 2026 partner programme in February with tiered discounts and expanded enablement resources, suggesting that the mid-market and channel are key growth targets alongside direct enterprise sales.

The F1 connection

Keeper’s RSAC presence coincided with the company’s broader visibility push. Now in its third season as the official cybersecurity partner of the Atlassian Williams F1 Team, Keeper launched a global advertising campaign in March 2026 featuring driver Alex Albon. The campaign, filmed during pre-season testing in Bahrain, draws parallels between the real-time data protection required in Formula 1 operations and the identity-first security model that Keeper promotes for enterprise environments.

Williams uses KeeperPAM to protect passwords, infrastructure secrets, and privileged accounts both at its Grove headquarters and trackside, where race strategy, telemetry, and engineering systems depend on tightly controlled access to sensitive data.

What this signals

The broader trend KeeperDB reflects is the continued consolidation of identity and access management tools. Organisations that once maintained separate solutions for password management, secrets management, privileged access, remote connectivity, and database access are increasingly looking for unified platforms that reduce complexity and the number of credential stores to protect.

Keeper is not the only vendor pursuing this strategy. CyberArk, BeyondTrust, and Delinea have all expanded their PAM platforms in recent years. What distinguishes Keeper’s approach is its zero-knowledge architecture (meaning Keeper’s own servers cannot access customer data) and its consumer-grade user experience, which the company argues drives higher adoption rates than traditional enterprise PAM tools.

KeeperDB is available now for KeeperPAM customers, with support for MySQL, PostgreSQL, Oracle, and Microsoft SQL Server. KeeperDB Proxy is expected to follow in a subsequent release.

For once, we can avoid debating in the comments what constitutes a “cyberdeck”, because [LCLDIY] does not refer to his cyberpunk masterpiece as such — he calls it a laptop. Considering the form factor is more like an all-in-one with a built-in laser projection keyboard, that’s arguably an even more controversial label to use, but as stylish this build is, it’s what’s inside it that interests us most.

No, not the cash-register motherboard that serves as the brain, though that has got to be worth some hacker cred. No, it’s the graphics card [LCLDIY] designed to drive 10″ electroluminescent (EL) displays that really has us interested. EL screens have a unique and beautiful glow that many find captivating, but we don’t see them all that often for two reasons. One is price: if you can’t find them surplus, they’re not cheap. The other is driving them, which [LCLDIY]’s project helps with, because the graphics card is open source.

The card is PCI, so you’ll need an adapter to plug it into a modern PCIe slot, or you’d have to redesign the thing. Since this isn’t elegant-engineering-a-day, we know which we’d do. The card is based on the CHIPS65548/5 chip, which means you should be able to find driver support under Linux and Windows. [LCLDIY] seems to be using Windows 2000, but that might just be because it’s all been downhill since then.

If the cyberpunk laptop wasn’t enough inspiration, [LCLDIY] also created a giant-scale Game Boy using the same 10″ screen and DIY graphics card. The soft glow of the EL display is particularly suited to the low-res nature of the retro games, as it’s not entirely unlike a CRT. You can see it in action–both builds!– in videos embedded below.

The last time somebody posted an EL display here, they had to build the driver board for it, too.