Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Kubernetes Tricks & Treats: Security and Scale without the Scary Stuff

Oct 30, 2025 By Teleport In Teleport
Kubernetes is powerful — but let’s be honest, managing access and identities across users, clusters, kubectl sessions, RBAC rules, CI/CD pipelines, and AI agents can feel like wandering through a corn maze in the dark. Static kubeconfigs, sprawling IAM roles, and long-lived credentials are the cobwebs and skeletons cluttering your path to secure, scalable infrastructure.
View Video
nucleus

Understanding CVSS 4.0 and the Future of Vulnerability Scoring

Oct 30, 2025 By Corey Tomlinson In Nucleus
The Common Vulnerability Scoring System (CVSS) has been the industry’s go-to framework for assessing vulnerability severity for nearly two decades. It provides a standardized way to measure and communicate the technical impact of a vulnerability. As threat landscapes evolve and organizations mature in their vulnerability management practices, questions about its relevance and limitations persist. That even led to our co-founder, Scott Kuffer, writing a defense of the algorithm earlier this year.
Read Post
protecto

How LLM Privacy Tech Is Transforming AI Using Cutting-Edge Tech

Oct 30, 2025 By Anwita In Protecto
The promise of large language models is simple: turn messy text and data into instant answers, drafts, and decisions. The catch is simple: those models are hungry, and the most valuable data you own is also the most sensitive. If that escapes, you have legal, brand, and trust problems. This is where the story shifts. How LLM Privacy Tech Is Transforming AI is about making real deployments possible.
Read Post
sumologic

Why the Gartner Critical Capabilities for SIEM report belongs in every buyer's toolkit

Oct 30, 2025 By Christopher Beier In Sumo Logic
Have you ever wished for a tool that could guide you, even on the foggiest days? That was my father’s compass. He carried it not because it told him where he was, but because it reminded him where true north was. I spent twelve years in the U.S. Navy as a cybersecurity practitioner, and that same compass has stayed with me. And in the world of SIEM and threat detection, the Gartner Critical Capabilities for Security Information and Event Management (SIEM) report feels like that compass.
Read Post

Advanced Threat Hunting Demo: Brickstorm APT

Oct 30, 2025 By Rubrik In Rubrik
Is your VMware environment secure? A sophisticated backdoor called BRICKSTORM, used by espionage actor UNC5221, could be hiding in your vCenter backups right now. Restoring from a compromised snapshot means letting the attackers right back in. But what if your backups could be your best defense? In our new 4-minute demo, we walk through the exact steps to: Proactively hunt for BRICKSTORM within your backups using YARA rules. Instantly quarantine infected snapshots to stop the threat from spreading. Identify a guaranteed 'Gold Copy' for a fast, safe, clean-room recovery.
View Video

Modern SecOps: What an AI-ready SOC actually means with Anton Chuvakin

Oct 30, 2025 By LimaCharlie In LimaCharlie
Defender Fridays - Modern SecOps: What an AI-Ready SOC Actually Means with Dr. Anton Chuvakin Join us for this week's Defender Fridays as we explore what it actually means to build an AI-ready SOC with Dr. Anton Chuvakin, Security Advisor at the Office of the CISO for Google Cloud. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
View Video
Tines

How Tines helps organizations align with the EU Artificial Intelligence Act

Oct 30, 2025 By Aoife Whelan In Tines
The EU Artificial Intelligence Act (AI Act) introduces the world’s first comprehensive regulatory framework for artificial intelligence. It defines clear rules for how AI systems are built, deployed, and monitored, focusing on risk management, data governance, transparency, and accountability. Any organization offering AI-powered products or services to EU users (or processing EU data) must comply.
Read Post
tigera

Calico Whisker in Action: Reading and Understanding Policy Traces

Oct 30, 2025 By Aadhil Abdul Majeed In Tigera
Kubernetes adoption is growing, and managing secure and efficient network communication is becoming increasingly complex. With this growth, organizations need to enforce network policies with greater precision and care. However, implementing these policies without disrupting operations can be challenging. That’s where Calico Whisker comes in. It helps teams implement network policies that follow the principle of least privilege, ensuring workloads communicate only as intended.
Read Post
Arctic Wolf

UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities

Oct 30, 2025 By Arctic Wolf Labs In Arctic Wolf
Threat Actor Name: UNC6384 Targeted Industries: Government, Diplomatic Services Geographic Focus: Hungary, Belgium, Serbia, Italy, Netherlands (broader European diplomatic community)
Read Post
Feroot

How to Make Payment Forms PCI Compliant and Secure Against Formjacking Under PCI DSS 4.0.1

Oct 30, 2025 By Feroot In Feroot
Formjacking involves malicious code injected into payment forms that captures credit card data during transactions. The form functions normally, the payment completes, and nothing unusual appears in server logs. This happens in the browser, outside the reach of traditional server-side security controls. PCI DSS 4.0 requirements 6.4.3 and 11.6.1 extend compliance to the client side to address this.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.