Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

salt security

Measuring Agentic AI Posture: A New Metric for CISOs

Jan 29, 2026 By Eric Schwake In Salt Security
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers indicate to the Board how quickly we respond when issues arise. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised, data exfiltration happens in milliseconds rather than days. If you are waiting for an incident to measure your success, you have already lost.
Read Post
cloudflare

Introducing Moltworker: a self-hosted personal AI agent, minus the minis

Jan 29, 2026 By Celso Martinho In Cloudflare
The Internet woke up this week to a flood of people buying Mac minis to run Moltbot (formerly Clawdbot), an open-source, self-hosted AI agent designed to act as a personal assistant. Moltbot runs in the background on a user's own hardware, has a sizable and growing list of integrations for chat applications, AI models, and other popular tools, and can be controlled remotely. Moltbot can help you with your finances, social media, organize your day — all through your favorite messaging app.
Read Post
veracode

Veracode and Palo Alto Networks: Unify Application Risk from Code to Cloud

Jan 29, 2026 By Joe Ariganello In Veracode
Software development has entered a new era. Applications are built and deployed faster than ever, powered by cloud-native architectures, open-source software, and AI-assisted development. But this speed has introduced a new challenge: a dramatically expanded attack surface and a fragmented security model that struggles to keep up.
Read Post

Episode 7 - Practical AI for Zeek, MITRE, and Security Docs

Jan 29, 2026 By Corelight In Corelight
In Episode 7 of Corelight DefeNDRs, join me, Richard Bejtlich, as I sit down with Dr. Keith Jones, Corelight's principal security researcher, to discuss the practical applications of AI in enhancing network security. We delve into how large language models (LLMs) can assist in cleaning up documentation and generating Zeek scripts, sharing insights from our extensive experience in incident response and coding. Keith reveals the challenges and successes he has encountered using LLMs to streamline processes, including their role in analyzing MITRE techniques.
View Video
levelblue

Par for the Course: Why Golf Facilities Are Prime Targets for Cyberattacks

Jan 29, 2026 By LevelBlue In LevelBlue
Golf can be an incredibly frustrating game to play. The great Winston Churchill described golf as "a game whose aim is to hit a very small ball into an even smaller hole, with weapons singularly ill-designed for the purpose.” Interestingly, cybersecurity professionals face the exact opposite problem.
Read Post
Tines

Futureproofing Tines: Fair share orchestration

Jan 29, 2026 By Braddy Yeoh In Tines
Fair-share orchestration of resources in a tenant, especially in a multi-tenant context is a complex, multifaceted issue. It involves ensuring equitable access to shared resources, preventing system overload, and maintaining optimal performance across all customer workflows. As more customers build and trust Tines with their most important workflows, (which sees the platform handle over a billion automated actions per week), we recognized that we needed to ensure our platform's scalability.
Read Post
appknox

Vibe Coding Speeds Up Mobile Apps But Creates New Security Risks

Jan 29, 2026 By Ginil P G In Appknox
AI-assisted development has crossed a tipping point. Mobile teams are no longer debating whether to use AI to write code. They are deciding how fast they can ship with it. This shift, often called vibe coding, prioritizes intent and speed over manual implementation. Developers describe what they want, and AI fills in the rest. Velocity improves. Releases accelerate. But security assumptions quietly break. For mobile applications, that risk compounds.
Read Post
CalCom

Why the UK Thinks Differently About Cybersecurity Compliance

Jan 29, 2026 By Dean Roberts In CalCom
A multinational financial institution walks into its annual PCI DSS review confident it has “checked the boxes.” Firewalls are segmented, logs are retained, access controls are documented, and the audit report is clean. Months later, the same organization is reprimanded by the UK Information Commissioner’s Office (ICO). The controls were properly implemented.
Read Post
vanta

What is vendor compliance, and why does it matter?

Jan 29, 2026 By Vanta In Vanta
Modern organizations depend on a vast network of third-party vendors to deliver their products and services, often outsourcing logistics like manufacturing and customer support. While this promotes scalability and innovation, relying on external parties can create blind spots in data security, regulatory compliance, and risk management. ‍ These gaps exist because vendors often don’t operate under the same policies and ethical standards as the organization with which they collaborate.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.