Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How GitGuardian and CyberArk MCP Servers Cut Secrets & Vault Sprawl with AI Automation

Apr 13, 2026 By GitGuardian In GitGuardian
Watch the teams of GitGuardian and CyberArk for a demo-first session on how MCP (Model Context Protocol) servers can help you tame secrets sprawl and vault sprawl by letting developers use AI to trigger the right actions, with far less cognitive load! What you’ll learn.
View Video

I Tried 5 Prompt Injection Attacks (Here's What Happened)

Apr 13, 2026 By Snyk In Snyk
In this video, we explore the growing security risk of prompt injection in large language model (LLM) applications. As AI becomes embedded in more products, new vulnerabilities emerge, especially through natural language manipulation. We break down how LLMs work, the importance of system prompts, and demonstrate five real-world prompt injection techniques used to extract sensitive information or bypass safeguards. You’ll see live examples using different models and learn why newer models are more resilient, but still not immune.
View Video
armo

CVE-2026-0968: The libssh Heap Read That Isn't as Scary as Scanners Say

Apr 10, 2026 By Ben Hirschberg In ARMO
A missing null check in libssh’s SFTP directory listing code lets a malicious server crash clients, but real-world exploitability is extremely constrained. CVE-2026-0968 is an out-of-bounds heap read in sftp_parse_longname(), triggered when an SFTP client processes a crafted SSH_FXP_NAME response with a malformed longname field. Red Hat, which serves as the CNA (CVE Numbering Authority) for this vulnerability, scored it 3.1 (Low), while Amazon Linux independently scored it 4.2 (Medium).
Read Post
armo

AI Workload Baseline and Drift Detection: Defining "Normal" Agent Behavior

Apr 10, 2026 By Ben Hirschberg In ARMO
Security teams deploying AI agents into Kubernetes know they need behavioral baselines. The concept is straightforward: define what “normal” looks like for each agent, then detect when behavior drifts in ways that suggest compromise. The problem is that AI agents are designed to change. A model update alters inference latency. A prompt revision shifts tool-calling sequences. A new MCP integration adds API destinations nobody flagged during the last security review.
Read Post
armo

How to Triage an AI Agent Execution Graph: A Three-Tier Decision Framework for Security Teams

Apr 10, 2026 By Yossi Ben Naim In ARMO
A platform security engineer gets an alert at 2:14 a.m. One of the LangChain agents running in their production Kubernetes cluster has produced an execution graph with eleven nodes, seven tool calls, and an egress edge to a domain that is not in the agent’s approved integration list. The chain is fully rendered in their console. Every signal is there.
Read Post
armo

The CISO's AI Agent Production Approval Checklist: 7 Gates to Clear Before Go-Live

Apr 10, 2026 By Shauli Rozen In ARMO
Your engineering lead is in your office Thursday morning. They want to push an AI agent to production next Tuesday. It’s a LangChain-based workflow agent, connected through MCP to three internal tools and one external API, with access to a customer database. The framework posters are on the wall. Your team has spent two quarters standing up runtime observability. And sitting in that chair, you still don’t know whether to say yes.
Read Post

Auditing Agentic Behavior for FedRAMP Compliance | Teleport

Apr 10, 2026 By Teleport In Teleport
AI agents are tireless, highly capable, eager to please, but difficult to manage. George Chamales (CriticalSec) and Josh Rector (Ace of Cloud) unpack the identity and access challenges posed by agentic AI. How do you verify it was the right agent, doing the right action, approved by the right person? How do we bound, constrain, govern agentic behavior? Ultimately, the same frameworks built for human identity and access should be applied to agents.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.