Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

teramind

How to Handle AI Policy Enforcement in the Era of Shadow AI

Apr 8, 2026 By Teramind In Teramind
Here’s the reality most security teams are already living: over 80% of employees are using unapproved AI tools at work, and nearly half are actively hiding it from IT. The question facing every organization is no longer whether to adopt artificial intelligence — it’s how to secure the sensitive data flowing into it every single day. This is the governance gap.
Read Post

Stop Drowning in Container CVE Alerts: Reachable Risk & Docker VEX with Mend.io

Apr 8, 2026 By Mend In Mend
Developers are often overwhelmed by thousands of container CVE alerts, most of which are unfixable base image noise. This walk-through covers how to use reachable risk factors and Docker VEX statements within the Mend.io platform to streamline your vulnerability management.
View Video

Public infrastructure protection depends on analysts with Mike Hamilton, PISCES International [308]

Apr 8, 2026 By LimaCharlie In LimaCharlie
Michael Hamilton, Chief Technology Officer at PISCES International, joins us to discuss the benefits of providing real world experience to students while they protect existing public infrastructure. The resilient future of local government security rests in our ability to adapt to changing threats and adopt new technologies, including AI.
View Video

Full SOC Operations with Claude Code: Fork, Install and Run Agents

Apr 8, 2026 By LimaCharlie In LimaCharlie
After RSAC, one thing was clear: security teams don't want a black box AI SOC product and they want to go beyond triage and co-pilots. They want infrastructure they can control, extend, and own. LimaCharlie runs composable AI agents built on real SecOps infrastructure, in production. Our open-source AI triage agents are designed as self-contained, installable units, each with defined scope, permissions, and behavior. Join Maxime Lamothe-Brassard, CEO and Founder, as he walks through the architecture and runs live demonstrations inside the Agentic SecOps Workspace.
View Video

Ep. 53 - The Dragon's Shadow: China's Silent Cyber War Has Already Begun

Apr 8, 2026 By SafeBreach In SafeBreach
What if the next cyberattack doesn’t steal your data…but quietly prepares to break your infrastructure? In this premiere episode of our series on Chinese threat actors, we uncover how China transformed from noisy, smash-and-grab hackers into the world’s most sophisticated cyber power—one focused not just on espionage, but on pre-positioning inside critical infrastructure. Through a chilling real-world scenario, we explore a new kind of threat: digital landmines—subtle, invisible changes inside power grids, telecommunications networks, and industrial systems that can be triggered at any time.
View Video
miniorange

IAM Security Risks You Can't Ignore in 2026

Apr 8, 2026 By Chaitali Avadhani In miniOrange
If you’re using an Identity and Access Management (IAM) solution for safeguarding employee and customer accounts, then you must know about the IAM security risks. This is to account for the possible gaps and work on them. Identity security risks are no longer limited to not meeting checklists, but have shifted to a dynamic approach. A continuous, real-time, and risk-based approach is the new norm.
Read Post
miniorange

Zero Trust IAM: Why Modern IAM is the Foundation of the Zero Trust Framework

Apr 8, 2026 By miniOrange In miniOrange
For years, cybersecurity relied on a secure network perimeter, where users were trusted once inside. This approach was effective when everything was contained in a controlled environment, but it no longer works today. Modern organizations operate across cloud platforms, SaaS, mobile devices, and distributed teams. Employees and partners connect from various locations while APIs exchange data. As a result, the traditional network boundary no longer exists.
Read Post
salt security

The Era of Agentic Security is Here: Key Findings from the 1H 2026 State of AI and API Security Report

Apr 8, 2026 By Eric Schwake In Salt Security
The era of human-centric API consumption is officially ending. Over the past year, enterprises have rapidly transitioned from simply experimenting with Generative AI to deploying autonomous AI agents that drive core business operations. These agents act as digital employees. They utilize Large Language Models (LLMs) for reasoning, Model Context Protocol (MCP) servers for connectivity, and internal APIs for execution. This evolution has fundamentally altered the enterprise attack surface.
Read Post
datadog

CI/CD security: How to secure your GitHub ecosystem

Apr 8, 2026 By Juvenal Araujo In Datadog
In Part 1 of this series, we discussed the CI/CD security boundary, mapped out potential attack vectors with a CI/CD threat matrix, and introduced a simple threat model focused on ideating detection workflows. In this post, we’ll apply these principles to a real-world source code management (SCM) tool example that every developer is familiar with: GitHub. In addition to threat modeling, we’ll also be taking a closer look at historical attacks on GitHub and GitHub Actions ecosystems.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.