
Why API Discovery Is the First Step to Securing AI

AI risk doesn’t live in the model. It lives in the APIs behind it. Every AI interaction triggers a chain of API calls across your environment. Many of those APIs aren’t documented or tracked. That’s your real exposure. Shadow API discovery gives you visibility into those hidden endpoints, so you can find them before attackers do. If you don’t know which APIs your AI relies on, you can’t secure the system.

Claude Mythos Changed Everything. Your APIs Are the First Target.

Anthropic just released Claude Mythos Preview. They did not make it publicly available. That decision alone should tell you everything you need to know about what this model can do. During internal testing, Mythos autonomously discovered and exploited zero-day vulnerabilities across every major operating system and web browser. It found a 27-year-old bug in OpenBSD and a 16-year-old vulnerability in a widely used media codec.

Everyone Is Securing the Wrong Layer of AI

The AI security market is crowded. Vendors are racing to protect prompts, harden models, detect jailbreaks, and scan for data leakage at the LLM layer. The investment is real. The intent is good. And most of it is missing the point. Here is the problem: agents do not just think. They act. They call APIs. They trigger workflows. They write to databases, send emails, move money, and modify production systems.

The AI Supply Chain is Actually an API Supply Chain: Lessons from the LiteLLM Breach

The recent supply chain attack involving Mercor and the LiteLLM vulnerability serves as a massive wake-up call for enterprise security teams. While the security industry has spent the last year fixating on prompt injections and model jailbreaks, this breach highlights a far more systemic vulnerability. The weakest link in enterprise AI is not necessarily the model itself. It is the middleware connecting the models to your data.

The Era of Agentic Security is Here: Key Findings from the 1H 2026 State of AI and API Security Report

The era of human-centric API consumption is officially ending. Over the past year, enterprises have rapidly transitioned from simply experimenting with Generative AI to deploying autonomous AI agents that drive core business operations. These agents act as digital employees. They utilize Large Language Models (LLMs) for reasoning, Model Context Protocol (MCP) servers for connectivity, and internal APIs for execution. This evolution has fundamentally altered the enterprise attack surface.

Building Smarter Virtual Assistants with Gemini 3 Flash API: AI for Seamless Workflow Automation

As teams become more distributed and workloads continue to increase, the need for effective automation tools has never been greater. Traditional methods of collaboration often fall short when it comes to handling repetitive tasks, managing high volumes of information, or providing real-time, intelligent support. That's where AI virtual assistants come in, changing how teams collaborate, streamline workflows, and boost productivity.

Everyone is Deploying AI Agents. Almost Nobody Knows What They're Doing

AI agents are operating inside your enterprise: querying databases, triggering workflows, and taking action through APIs. As AI agents are adopted, organizations cannot see, track, or control what these agents are actually doing. In this session, Roey Eliyahu, Co-Founder and CEO of Salt Security, challenges the industry's narrow focus on LLM safety and exposes the much larger, invisible attack surface created by agentic systems.

Codex API In DevSecOps: Balancing Developer Speed With Secure Code Review

AI-assisted coding is no longer a side experiment. It is becoming part of daily engineering workflows, from drafting functions and refactoring legacy code to generating tests and accelerating routine implementation work. That shift is why the Codex API now belongs in a broader DevSecOps conversation, not just a developer productivity discussion.

The Agentic Stack Explained: How LLMs, MCP Servers, and APIs Work Together

The term AI agent is dominant in current cybersecurity discourse. Vendors, analysts, and CISOs all use the label, yet technical confusion remains regarding how agents actually operate and where the security risks reside. Beneath the surface-level familiarity, there is often significant confusion about what an AI agent actually is, how it operates technically, and most importantly for security teams, where the risk actually lives.

How does Sisense stay on top of API Attacks?

Sisense powers analytics experiences inside the applications businesses rely on every day. As an API-first platform, securing those connections is critical, especially as AI agents increasingly operate through APIs to access data and trigger workflows. In this conversation, Sangram, CISO and VP of IT at Sisense, and Michael Callahan, CMO at Salt Security, discuss how Sisense approached API security strategically to protect their platform, maintain customer trust, and support innovation in the Agentic AI era.