Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

elastic

SIEM-as-a-Service offering leverages Elastic for unified cybersecurity across the US government

Mar 25, 2026 By Chris Townsend In Elastic
The US Cybersecurity and Infrastructure Security Agency (CISA) has launched a SIEM-as-a-Service (SIEMaaS) offering for federal civilian agencies, featuring Elastic Security on Elastic Cloud. SIEMaaS delivers a cloud-based platform for next-generation, AI-powered threat analytics, incident response, and open-standards-based cybersecurity data ingestion.
Read Post
bitsight

Major Security Event: Supply Chain Compromise in LiteLLM Versions 1.82.7 and 1.82.8

Mar 25, 2026 By Emma Stevens In BitSight
A supply chain compromise that impacted the Python package LiteLLM, with malicious versions 1.82.7 and 1.82.8 was published to PyPI on March 24, 2026. Bitsight Threat Intelligence, public reporting and vendor disclosures indicate the malicious releases included credential harvesting, Kubernetes-focused lateral movement, and persistence mechanisms, creating serious risk for cloud-native and AI-related environments that installed or ran the affected versions.
Read Post
vanta

How to request security budget from your CFO and exec teams

Mar 25, 2026 By Vanta In Vanta
Accelerating security solutions for small businesses‍ Tagore offers strategic services to small businesses. A partnership that can scale‍ Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate. Standing out from competitors‍ Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.
Read Post
certkit

CertKit Keystore: Private keys that never leave your infrastructure

Mar 25, 2026 By Todd H. Gardner In CertKit
When you use CertKit, your private keys live in CertKit’s database, encrypted at rest. We’ve written about why the actual risk is smaller than it sounds. But some organizations have policies that prohibit storing private keys with any third party, regardless of how they’re protected. That policy isn’t going away. The Local Keystore enables those organizations to use CertKit and still keep their keys local.
Read Post
Snyk

From Discovery to Defense: Why AI Red Teaming Is the Next Step After AI-SPM

Mar 25, 2026 By Agnieszka Koc In Snyk
This week, we announced the general availability of Evo AI-SPM, the first operational layer of Snyk’s AI Security Fabric. AI-SPM gives security teams something they’ve never had before: a system of record for AI risk, with the ability to discover models, frameworks, datasets, and agent infrastructure embedded directly in code. For many organizations, that discovery step is a breakthrough.
Read Post
cyberhaven

Top Generative AI Security Risks In The Enterprise

Mar 25, 2026 By Cyberhaven In Cyberhaven
Enterprise security teams spent years building data loss prevention (DLP) programs around a predictable set of egress channels: email, USB drives, cloud storage, and sanctioned SaaS apps. Generative AI has rewritten those assumptions almost overnight. Today, the same data those DLP controls were built to protect is flowing into AI interfaces that most organizations have no visibility into and no enforcement capability over.
Read Post

Exposure Management - Tanium Tech Talks #157

Mar 25, 2026 By Tanium In Tanium
Exposure management goes beyond CVEs. In this Tech Talk, see how Tanium helps you identify, prioritize, and remediate real risk across vulnerabilities, misconfigurations, compliance gaps, and more. You'll see how Tanium: Goes beyond CVEs to include misconfigurations, compliance failures, certificates, and lateral movement Uses benchmarks, dashboards, and risk scoring to prioritize what actually matters Connects discovery and remediation - from compliance policies to third‑party app patching.
View Video
knowbe4

Why Your Human Risk Management Strategy Can't Ignore AI

Mar 25, 2026 By KnowBe4 Team In KnowBe4
AI isn’t just another technology wave—it’s a force multiplier for both innovation and risk. In a recent webinar featuring insights from Bryan Palma and guest speaker Jinan Budge, Vice President and Research Director at Forrester, one message came through clearly: the rise of AI and AI agents is fundamentally reshaping the human risk landscape—and security leaders need to move fast to keep up.
Read Post
Tines

Introducing the workflow capability matrix

Mar 25, 2026 By Amber Langdon In Tines
Ever wonder if you're getting the most out of intelligent workflows? Tines' workflow capability matrix (WCM) gives you a complete view of what's possible. The matrix enables you to audit your existing workflows and discover new ideas. By covering core capabilities across security and IT operations, the WCM ensures you're considering the full range of opportunities available. Capabilities covered in the matrix include.
Read Post
safeaeon

Vulnerability Management as a Service: What Businesses Need to Know

Mar 25, 2026 By SafeAeon Inc. In SafeAeon
Cyber threats are at an all-time high because the digital world is rapidly changing. Every day, new vulnerabilities are found in security systems. Attacks threaten businesses of all sizes by stealing data, disrupting operations, and damaging reputations. It has become clear that Vulnerability Management as a Service (VMaaS) is an effective managed approach for companies to protect their digital assets without managing security systems themselves.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.