Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Learn How Veracode Stops Attackers from Exploiting Vulnerabilities from Founder Chris Wysopal.

Dec 4, 2025 By VERACODE In Veracode
Hear from Veracode's Founder and Chief Evangelist, Chris Wysopal, on how attackers compromise organizations by scanning applications for vulnerabilities in code, APIs, mobile integrations, and cloud environments. Vulnerabilities enter systems through feature updates, open-source components, and third-party code—creating constant exposure.
View Video

Learn How Veracode Helps Developers Deliver Fast Without Compromising Security with SVP Sarah Law

Dec 4, 2025 By VERACODE In Veracode
Hear from Veracode's SVP of Business Operations, Sarah Law, on how developers face immense pressure to deliver software quickly while security and compliance teams struggle to keep pace with constant changes. The Veracode platform addresses this challenge by discovering and organizing all technology assets across systems, then assessing the risk associated with each one. What sets Veracode apart is its built-in governance and unified, configurable policy framework that adapts to each customer's unique security posture and regulatory requirements.
View Video

The Most Dangerous Blind Spot in SaaS Architecture #saas #saassecurity #cloudsecurity #apisecurity

Dec 4, 2025 By Wallarm In Wallarm
When data flows between two critical SaaS tools (like Salesforce and a CRM chatbot), you have zero visibility into that traffic. This leaves a gaping hole for attackers to exploit Business Logic Abuse. Since you can't see the traffic, you cannot monitor the attack. The Solution? Rigorous Vendor Management. Control Your Own Keys! The responsibility to protect your sensitive data is always yours, even in the cloud.
View Video
cyberark

AI agents and identity risks: How security will shift in 2026

Dec 4, 2025 By Lavi Lazarovitz In CyberArk
The pace of technological change is relentless. Not long ago, our migration to the cloud and the automation of CI/CD pipelines dominated the conversation. Now, AI agents are reshaping how we think about automation, productivity, and risk. As we look toward 2026, it’s clear that these intelligent, autonomous systems are not just a passing trend; they are becoming foundational to how businesses operate.
Read Post
1Password

The hidden offboarding step draining your budget

Dec 4, 2025 By Jenn Marshall In 1Password
There’s a good chance something important is missing from your IT team’s offboarding checklist, and it may be causing a steady drip of unnecessary, wasted spend. The source of this leak? No, it’s not the unreturned laptops; it’s the licenses for SaaS apps that employees use every day.
Read Post
astra

Model Inversion Attacks: When AI Reveal Their Secrets

Dec 4, 2025 By Keshav Malik In Astra
Researchers in 2019 proved something that sent shock waves throughout the machine learning community. With nothing more than the facial recognition API’s confidence scores, they reconstructed clear images of people whose photos had been used to train the learning model. The re-creations were not exact replicas, but they came close enough that real people whose likenesses had never been consented to could be identified.
Read Post
astra

Building Customer Trust at Scale with Trust Centers

Dec 4, 2025 By Keshav Malik In Astra
In a world where 86% of enterprise buyers bail if they can’t verify security early, the demand for transparency has reached a critical point. Every vendor claims to have security certifications, compliance badges, and rock-solid infrastructure, but how can buyers verify these claims when they’re hidden behind emails or buried in 400-page PDFs?
Read Post
seal security

CVSS 10.0 CVE in React & Next.js: How You Can Stay Safe

Dec 4, 2025 By Itamar Sher In Seal Security
On December 3rd, CVE-2025-55182 was published by CISA. This CVSS 10.0 vulnerability allows unauthenticated remote code execution, where a threat actor can exploit a flaw in React’s process to decode payloads sent to React Server Function endpoints. It is important to note that while not every team is using React Server Function endpoints in their app, they still may be vulnerable if their app supports React Server Components.
Read Post
archTIS

Navigating Security Clearance Portability in a Zero Trust World

Dec 4, 2025 By Erik Hanson In archTIS
In today’s high-turnover work environment, we’re watching something unusual happen: record numbers of security cleared, experienced professionals are re-entering the job market. They’re leaving shuttered programs, reorganised agencies, downsized contractors, and sometimes entire departments caught in a budget reshuffle. Conventional wisdom says these people are an asset anywhere they land.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.