Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Zenity

Scaling Microsoft AI Agents Securely: Zenity Brings Inline Prevention to Microsoft Foundry and Copilot Studio

Nov 18, 2025 By Andrew Silberman In Zenity
Microsoft Foundry and Microsoft Copilot Studio have made it simple to build AI agents that automate workflows, access sensitive data, and integrate across critical business systems. However, agent democratization without control creates new security challenges. Further, as more agents are deployed across the organization, it means more agents that can access more data, invoke more tools (including MCP and A2A), and perform more actions. In other words, the potential attack surface is expanding.
Read Post

Admin MCP

Nov 18, 2025 By Apono In Apono
Apono announces the launch of our Admin MCP (Model Context Protocol), a new tool that simplifies organizational access management through natural language queries. The product works with MCP-supported clients like Claude and Cursor, allowing administrators to quickly answer access questions without manually navigating through dashboards and permissions. This demo shows how users can instantly check if someone can access database resources or get comprehensive audit reports for AWS production accounts.
View Video
idstrong

What You Need to Know about the DoorDash Data Breach

Nov 18, 2025 By IDStrong In IDStrong
Food delivery giant DoorDash recently suffered a cybersecurity incident that compromised sensitive customer and merchant information. Known for delivering everything from burritos to bubble tea across the United States and beyond, DoorDash confirmed that unauthorized actors accessed parts of its system in a recent data breach.
Read Post
levelblue

Crowdsourced Penetration Testing: Understanding the Risks for Better Decision-Making

Nov 18, 2025 By Jason Shepherd In LevelBlue
Crowdsourced penetration testing promises broad coverage, flexible resourcing, and cost efficiency by tapping into a distributed pool of security testers. Trustwave, A LevelBlue Company, realizes not every organization has the financial resources to partner with a security firm with dedicated penetration testing capabilities. At the same time, we want to make organizations aware of the many pitfalls in the crowdsourced pen-testing market and offer a few pointers on choosing the right vendors.
Read Post
upguard

Lookalike Domain Attacks Explained

Nov 18, 2025 By Revashni Moodley In UpGuard
Your potential customers could be interacting with a malicious website that resembles your company's website. This dangerous cyber risk, known as a lookalike domain, is on the rise, with 80% of registered web domains in 2024 resembling 2000 global brands. This article explains what lookalike domains are, their impact on your brand, and why these attacks are increasing, providing real-time strategies to protect your business from domain spoofing.
Read Post
upguard

Risk Automations: The Shift From Catch-Up to Command

Nov 18, 2025 By Revashni Moodley In UpGuard
What if your security operations team could reduce the time from risk discovery to resolution, from hours to seconds? 64% of analysts spend more than half of their time on manual tasks. It’s a sobering reality, considering how accelerated detection has become, and the contrast couldn’t be sharper. There are tools that detect zero-day vulnerabilities, map complex attacks, and identify vendor risk exposures, but remediation is still stuck in the age of manual mitigation.
Read Post
upguard

Supply Chain Cybersecurity Strategies for Modern Business

Nov 18, 2025 By Revashni Moodley In UpGuard
The widening attack surface signals a critical risk, and your supply chain is the prime target. Attackers exploit vulnerabilities that were inserted long before the system was onboarded. This enables them to infiltrate data or disrupt systems at any stage, making supply chain attacks a direct and growing risk. A third-party breach compromises your vendor, but a supply chain attack targets you, which is why organizations need to make supply chain cybersecurity a business priority.
Read Post
egnyte

Egnyte Collaborates With Microsoft to Power Enterprise AI With Microsoft Agent 365

Nov 18, 2025 By Niamh Conlon In Egnyte
Egnyte is excited to announce a new collaboration with Microsoft, integrating Egnyte’s data governance and secure collaboration expertise with Microsoft Agent 365 for AI agents. This collaboration is designed to transform how organizations empower their employees, enhancing productivity and decision-making through secure, governed AI. The enterprise landscape is rapidly evolving.
Read Post
cyberark

Why access management needs a challenger mindset

Nov 18, 2025 By Khizar Sultan In CyberArk
Cybersecurity never stands still. Every login, session, and connection shifts the balance between freedom and control. Effective access management today isn’t about restriction—it’s about enabling trust at the speed of innovation. Modern enterprises achieve this by evolving their controls to be seamless, adaptive, and invisible to the user.
Read Post
cyberark

Racing and Fuzzing HTTP/3: Open-sourcing QuicDraw(H3)

Nov 18, 2025 By Maor Abutbul In CyberArk
This blog post provides a dive into HTTP/3’s evolution for security engineers, an overview of our research journey, and what led us to develop the open-source tool QuicDraw, which can be used for fuzzing and racing HTTP/3 applications. QuicDraw implements “Quic-Fin-Sync” our implementation of the last-byte-sync with the single packet attack on HTTP/3. We conclude by evaluating QuicDraw’s performance against a real-world target and comparing its results to other tools.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.