Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Best Practices for Implementing AI Agents

On March 9th, Codewall.ai disclosed how it had hacked Lilli, McKinsey & Company’s AI platform, a purpose-built system for 43,000+ employees to analyze documents, chat, and access decades of proprietary research. The researchers unleashed an AI agent which quickly scanned 200 endpoints, identified 22 that did not require authentication, and found one that wrote user search queries into a database, with non-parameterized JSON keys concatenated directly into SQL.

I Didn't Revoke my API Keys Because Claude Called Me An Idiot

I need to confess something. A few days ago whilst vibe coding at 2am (which can end up burning through tokens like they are going out of fashion) I accidentally pasted my API key directly into a Claude chat instead of the terminal window I had open. Claude told me off. It felt like a full, proper, disappointed parent tone; the AI equivalent of 'I'm not angry, just disappointed', except it absolutely was angry. There may have been paragraphs.

100,000+ New Vulnerabilities This Year and Most Will Be Zero-Days Exploited Faster

The number of publicly reported unique vulnerabilities has risen year after year. There was a brief decrease and stabilization in 2015 - 2016, but those are the only years in the over two decades (1999 - on) I have been following vulnerability metrics. Other than that, it has been up, up, up.

Beyond Firewalls: Why User Behavior Data Is Becoming Essential to Modern Security

For decades, cybersecurity has been defined by barriers. Firewalls, antivirus software, encryption protocols, each designed to keep threats out and systems protected. These tools remain essential, but the nature of digital risk has changed. Today, many security incidents don't begin with external breaches alone. They emerge from within normal activity, subtle shifts in user behavior, unusual access patterns, or unexpected interactions that go unnoticed until it's too late.

Fortifying Your SaaS: A CISO's Guide to Secure Embedded Analytics

In the competitive SaaS landscape, differentiation is key. Product leaders are constantly searching for the next feature that will not only attract new customers but also increase the stickiness of their platform. Enter embedded analytics. The ability to provide users with interactive, real-time data visualizations directly within your application is no longer a luxury; it's an expectation. But as we rush to empower our customers with data, are we inadvertently opening a new front in the cybersecurity war? For every visually stunning dashboard, there's a potential attack vector waiting to be exploited. The question then becomes not if you should implement embedded analytics, but how you can do so without compromising your security posture. This guide will walk you through the critical security considerations, from data isolation to API security, ensuring your next product enhancement doesn't become your next data breach headline.

How Connected Vehicles and AI Are Redefining Insurance and Digital Security Risks

The way we drive is changing. Cars are no longer just machines that take us from one place to another. They are now connected systems that collect data, communicate with networks, and use artificial intelligence to improve safety and performance. These connected vehicles are transforming industries like insurance and cybersecurity in ways we are only beginning to understand.

How Can Organizations Perform Hybrid Infrastructure Risk Assessment Effectively?

Most organizations didn’t design their infrastructure to become hybrid. It happened gradually. A few workloads moved to the cloud first. Development teams adopted new services. Meanwhile, some systems stayed exactly where they were — inside internal data centers — because moving them wasn’t practical. Over time the environment expanded. Now many organizations run applications across cloud platforms, private infrastructure, and on-premise systems at the same time.

The global CISO landscape: A leadership gap too large to ignore

Why the world needs scalable security leadership — and MSPs and MSSPs are key to delivery.

The 2026 CISO Report, published by Cybersecurity Ventures in partnership with Sophos, highlights a critical imbalance in global cybersecurity leadership. Despite decades of progress and near-universal CISO adoption in Fortune 500 and Global 2000 organizations, there are still only 35,000 CISOs worldwide serving an estimated 359 million businesses.