Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

armo

Detecting Threats in Multi-Agent Orchestration Systems: LangChain, CrewAI, and AutoGPT

Apr 23, 2026 By Yossi Ben Naim In ARMO
It’s Tuesday morning at a mid-size fintech. A customer-support workflow runs on CrewAI in production: a Triage agent reads tickets, a Records agent pulls customer history, a Remediation agent drafts and sends the reply. A user submits a ticket with a pasted error log containing an indirect prompt injection. Triage summarizes and delegates. Records, interpreting instructions embedded in the summary, pulls 2,400 customer records instead of one.
Read Post

GitGuardian Can Now Monitor Your Gerrit Repositories To Help You Fight Secrets Sprawl

Apr 23, 2026 By GitGuardian In GitGuardian
In this video, Romain Jouhannet, Product Manager at GitGuardian, talks with Dwayne McDaniel, Developer Advocate at GitGuardian about the platform's new native support for Gerrit as a VCS source. Gerrit is widely used for enterprise code review workflows, often hosting sensitive internal repositories. You can now connect your Gerrit instance to GitGuardian to detect secrets exposed across your repositories and commit histories, with the same experience as our other VCS integrations.
View Video
armo

Implementing AI Agent Security on Azure AKS: A Practical Guide

Apr 22, 2026 By Ben Hirschberg In ARMO
Your platform team deployed eBPF-based runtime sensors on AKS last week. Defender for Containers is enabled. Azure Policy is enforcing pod security standards across your AI workload namespaces. And your Observe pillar is still blind — because nobody enabled the Diagnostic Setting that routes kube-audit logs to the Log Analytics workspace where your tooling can actually consume them.
Read Post
armo

AI Workload Discovery: How to Find Every AI Agent Running in Your Clusters

Apr 22, 2026 By Shauli Rozen In ARMO
A CISO at a mid-sized SaaS company pulls her platform lead aside after a board meeting. One question: “Do we have AI agents running in production?” The lead pauses. He knows the data science team has been experimenting with LangChain. He remembers a conversation about a customer-support pilot. He thinks there might be an inference server in staging that got promoted last quarter.
Read Post
armo

AI Workload Security for Healthcare: What CISOs Need to Prove Under HIPAA

Apr 22, 2026 By Yossi Ben Naim In ARMO
A patient calls your privacy office and requests an accounting of every disclosure of her PHI made outside treatment, payment, and healthcare operations over the past six years. This is her right under HIPAA. Your privacy officer pulls the EHR disclosure log. It is complete through the day your organization deployed its first production AI agent.
Read Post

GitGuardian Now Flags Overprivileged and Admin Secrets Across AWS, Entra, And Okta Identities

Apr 22, 2026 By GitGuardian In GitGuardian
GitGuardian NHI Governance will now automatically flag machine identities that carry admin access and have more privileges than they actually use. GitGuardian NHI Governance has been able to surface policy breaches for long-lived secrets, Duplicated Secrets, and, of course, if the secrets have been leaked publicly or internally.
View Video
mend

A Poisoned Xinference Package Targets AI Inference Servers

Apr 22, 2026 By Tom Abai In Mend
Part 1 covered CanisterWorm. Part 2 covered the malicious LiteLLM package. Part 3 covered the Telnyx WAV steganography attack. This post covers the latest wave: three malicious versions of xinference on PyPI, carrying the same credential-stealing playbook and a plot twist. On April 22, 2026, Mend.io’s threat detection identified malicious versions of xinference on PyPI: 2.6.0, 2.6.1, and 2.6.2.
Read Post
mend

From Panic to Playbook: Modernizing ZeroDay Response in AppSec

Apr 21, 2026 By Shannon Davis In Mend
Why the next Log4Shell will be won or lost in the first 72 hours—and what a modern zero‑day workflow looks like. Every security team remembers where they were when Log4Shell dropped. A quiet Friday afternoon in December 2021 turned into a weekend of war rooms, emergency patches, and executive updates. Years on, the Log4j fallout still shows up in breach reports—a stubborn reminder that zero‑days don’t end when the news cycle does.
Read Post
armo

AI Agent Sandboxing in Financial Services: Containing Blast Radius

Apr 21, 2026 By Shauli Rozen In ARMO
Your progressive enforcement rollout is working. eBPF sensors are deployed across the cluster. Behavioral baselines are converging. Enforcement policies are generating from observed behavior, just like the observe-to-enforce methodology prescribes. Then your compliance officer walks over to the platform team’s desks and asks a question nobody anticipated: “Which agents are in observation mode right now?”
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.