Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

George Kurtz + Dan Ives on AI Agents Bypassing Security Policies

One AI agent didn’t have permission to fix an issue… so it asked another agent with access to do it. Another? It rewrote the security policy to achieve its goal. This isn’t theory. This is happening. George_Kurtz sat down with DivesTech to discuss why AI needs guardrails.

SecurityScorecard Weekly Brief: The Adversary Insights Edition with Steve Cobb

This is SecurityScorecard's Weekly Brief: The Adversary Insights Edition with SecurityScorecard's CISO Steve Cobb. Critical infrastructure security in the U.S. remains an important element of the ongoing conflict between the U.S. and Iran, with Iranian-linked threat actors targeting U.S.-based assets. Iranian threat actors have focused their efforts on the fastest methods of attack by searching for what Cobb calls “low-hanging fruit” in critical infrastructure environments where many organizations have exposed systems.

Auditing Agentic Behavior for FedRAMP Compliance | Teleport

AI agents are tireless, highly capable, eager to please, but difficult to manage. George Chamales (CriticalSec) and Josh Rector (Ace of Cloud) unpack the identity and access challenges posed by agentic AI. How do you verify it was the right agent, doing the right action, approved by the right person? How do we bound, constrain, govern agentic behavior? Ultimately, the same frameworks built for human identity and access should be applied to agents.

What Is a PCI ASV Scan? A Guide to PCI DSS Compliance Scanning

“We do not store any credit card data, we outsource it. PCI DSS is not relevant for us.” If you think this way, you are not alone, but it is a misconception. The Payment Card Industry Data Security Standard (PCI DSS) is designed to enhance the security of credit card data. It applies to all organizations that store, process, or transmit cardholder data and sensitive authentication data, or that could affect the security of the environment used for such data.

Preconstruction Modernisation: Reducing Risk Before Commitments Lock In

Preconstruction is no longer a buffer between design and delivery. Across UK construction projects, timelines are compressing, risk is shifting upstream, and teams are being asked to commit earlier with less certainty than ever before. At the same time, project information is increasingly fragmented across cloud platforms, project systems, shared drives, and email. Without structured information management, the speed gains from digital tools often amplify uncertainty rather than reduce it.

GDPR for Canadian Tech Startups: Do You Need to Comply?

You built something great. Your SaaS platform is signing up users. Your app is getting traction — some from Germany, some from France, maybe a handful from Sweden. You’re based in Toronto or Vancouver, operating under PIPEDA, and things feel legally tidy. Then a European enterprise prospect sends over a data protection questionnaire and asks: “Are you GDPR compliant?” Your stomach drops. You’re not sure.

Why Multi-Factor Authentication (MFA) Is No Longer Optional

Passwords are still necessary, but they are no longer sufficient. Using long, unique, and hard-to-guess passphrases remains best practice. The problem is what happens when one of those passwords falls into the wrong hands: the system doesn’t detect an intrusion—it simply sees a legitimate login. From that point on, the attacker moves through the environment like any other user.