Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Full SOC Operations with Claude Code: Fork, Install and Run Agents

After RSAC, one thing was clear: security teams don't want a black box AI SOC product and they want to go beyond triage and co-pilots. They want infrastructure they can control, extend, and own. LimaCharlie runs composable AI agents built on real SecOps infrastructure, in production. Our open-source AI triage agents are designed as self-contained, installable units, each with defined scope, permissions, and behavior. Join Maxime Lamothe-Brassard, CEO and Founder, as he walks through the architecture and runs live demonstrations inside the Agentic SecOps Workspace.

Ep. 53 - The Dragon's Shadow: China's Silent Cyber War Has Already Begun

What if the next cyberattack doesn’t steal your data…but quietly prepares to break your infrastructure? In this premiere episode of our series on Chinese threat actors, we uncover how China transformed from noisy, smash-and-grab hackers into the world’s most sophisticated cyber power—one focused not just on espionage, but on pre-positioning inside critical infrastructure. Through a chilling real-world scenario, we explore a new kind of threat: digital landmines—subtle, invisible changes inside power grids, telecommunications networks, and industrial systems that can be triggered at any time.

IAM Security Risks You Can't Ignore in 2026

If you use an Identity and Access Management (IAM) solution to safeguard employee and customer accounts, you need to know the IAM security risks so that you can account for possible gaps and work on them. Identity security risks are no longer limited to unmet checklist items; handling them has shifted to a dynamic approach. A continuous, real-time, and risk-based approach is the new norm.

Zero Trust IAM: Why Modern IAM is the Foundation of the Zero Trust Framework

For years, cybersecurity relied on a secure network perimeter, where users were trusted once inside. This approach was effective when everything was contained in a controlled environment, but it no longer works today. Modern organizations operate across cloud platforms, SaaS, mobile devices, and distributed teams. Employees and partners connect from various locations while APIs exchange data. As a result, the traditional network boundary no longer exists.

The Era of Agentic Security is Here: Key Findings from the 1H 2026 State of AI and API Security Report

The era of human-centric API consumption is officially ending. Over the past year, enterprises have rapidly transitioned from simply experimenting with Generative AI to deploying autonomous AI agents that drive core business operations. These agents act as digital employees. They utilize Large Language Models (LLMs) for reasoning, Model Context Protocol (MCP) servers for connectivity, and internal APIs for execution. This evolution has fundamentally altered the enterprise attack surface.

CI/CD security: How to secure your GitHub ecosystem

In Part 1 of this series, we discussed the CI/CD security boundary, mapped out potential attack vectors with a CI/CD threat matrix, and introduced a simple threat model focused on ideating detection workflows. In this post, we’ll apply these principles to a real-world source code management (SCM) tool example that every developer is familiar with: GitHub. In addition to threat modeling, we’ll also be taking a closer look at historical attacks on GitHub and GitHub Actions ecosystems.

CI/CD security: threat modeling using a MITRE-style threat matrix

Source code management (SCM) and CI/CD pipelines have become the industry standard for automating software delivery. But from the time a code change enters your SCM until it’s deployed, it’s susceptible to changes and reconfigurations that can go so far as to modify the pipeline itself. If you’re not proactively securing your CI/CD system, attackers can use it to grant themselves permissions, access secrets, and ship malicious code.

SUSE Virtualization: What to Know Before You Deploy

VMware costs are climbing. Broadcom’s acquisition reshuffled licensing terms, and IT teams everywhere are looking for a way out. SUSE Virtualization is one of the options getting serious attention, and for good reason. It’s an open-source, Kubernetes-native platform that runs virtual machines and containers in a single environment instead of forcing you to manage two separate stacks.