Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

GitGuardian Now Flags Overprivileged and Admin Secrets Across AWS, Entra, And Okta Identities

Apr 22, 2026 By GitGuardian In GitGuardian
GitGuardian NHI Governance will now automatically flag machine identities that carry admin access and have more privileges than they actually use. GitGuardian NHI Governance has been able to surface policy breaches for long-lived secrets, Duplicated Secrets, and, of course, if the secrets have been leaked publicly or internally.
View Video

Defending at Machine Speed in the Autonomous Age

Apr 22, 2026 By Arctic Wolf Networks In Arctic Wolf
Frontier AI models are accelerating the discovery of new vulnerabilities combined with the ability to exploit those weaknesses at speed and scale. This alone isn’t the problem. Trust in AI‑driven security outcomes is. With AI dominating headlines, security leaders are asking what models like Mythos or GPT‑5.4‑Cyber mean for their business. The real issue runs deeper. Teams need to be able to trust tools and technology that move at machine speed.
View Video

Ep. 55 - The 'Typhoon' Hack: How China Hid Inside Your Home Router

Apr 22, 2026 By SafeBreach In SafeBreach
Your home router isn’t just sitting there. It might already be part of a global cyberattack. In Part 2 of our deep dive into Chinese cyber operations, Tova Dvorin and Adrian Culley unpack the “Typhoon” threat groups—Volt Typhoon, Salt Typhoon, and Flax Typhoon—and how they’re quietly reshaping modern cyber warfare. This isn’t about stealing data. It’s about staying hidden, pre-positioning, and being ready to strike.
View Video
netwrix

UEBA (User and Entity Behavior Analytics): complete guide to detection, use cases, and implementation

Apr 22, 2026 By Tyler Reese In Netwrix
User and entity behavior analytics (UEBA) is a cybersecurity technology that uses machine learning and risk scoring to detect threats by analyzing user and entity behavior patterns. UEBA establishes behavioral baselines for users, devices, and applications, then identifies anomalies that may indicate insider threats, compromised accounts, or advanced attacks that traditional security tools miss.
Read Post
LimaCharlie

Logging Is Not Observability: The AI Security Gap MSSPs Can't Ignore

Apr 22, 2026 By Daniel Ballmer In LimaCharlie
Every MSSP is fielding the same question from clients right now:"Are we safe with AI?" Most are answering with some version of"yes, we're logging everything." In a recent Defender Fridays episode, Saurabh Shintre, Founder and CEO of Realm Labs drew a hard line between these two concepts."You can log prompt and response and this bare minimum you have to do.
Read Post

AI SecOps Worskhop Series: Accelerating Cloud Security Operations with Claude Code and LimaCharlie

Apr 22, 2026 By LimaCharlie In LimaCharlie
In this workshop we will show how to use Claude Code with LimaCharlie to accelerate cloud security operations. We will have Claude Code deploy agents, create detections and identify issues before they become incidents. This hands-on workshop is designed to demonstrate the transformative power of integrating Anthropic's Claude Code, with the versatile security platform, LimaCharlie. Our focus will be on leveraging the capabilities of Claude Code to significantly accelerate and streamline various aspects of cloud security operations, turning reactive tasks into proactive, automated workflows.
View Video
levelblue

Why MDR Providers with Proprietary Threat Intelligence Detect More

Apr 22, 2026 By LevelBlue In LevelBlue
Managed Detection and Response (MDR) has become a foundational component of modern security programs. As attack surfaces expand and adversaries move faster, organizations increasingly rely on external providers to monitor, detect, and respond to threats around the clock. But not all MDR is created equal. The difference isn’t just tooling, staffing, or service-level promises. It comes down to the quality - and ownership - of the threat intelligence that powers detection.
Read Post
salt security

You're Not Watching MCPs. Anthropic's Vulnerability Shows Why You Should Be.

Apr 22, 2026 By Roey Eliyahu In Salt Security
Last week, researchers at OX Security published findings that should stop every security leader in their tracks. They discovered a critical vulnerability baked directly into Anthropic's Model Context Protocol SDK, affecting every supported language: Python, TypeScript, Java, and Rust. The result: remote code execution on any system running a vulnerable MCP implementation, with direct access to sensitive user data, internal databases, API keys, and chat histories. Over 7,000 publicly accessible servers.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.