Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike

From Scanner to Stealer: Inside the trivy-action Supply Chain Compromise

Mar 20, 2026 By Adam Cardillo - Ben Ellett - Travis Lowe - Radu-Emanuel Chiscariu In CrowdStrike
While investigating a spike in script execution detections across several CrowdStrike Falcon platform customers, CrowdStrike’s Engineering team traced the activity to a compromised GitHub Action named aquasecurity/trivy-action. This popular open-source vulnerability scanner is frequently used in CI/CD pipelines.
Read Post

Has AI structurally changed the cyber industry forever? #cybersecurity #podcast #ai

Mar 20, 2026 By LimaCharlie In LimaCharlie
On this week's episode of The Cybersecurity Defenders Podcast, Stel Valavanis, founder of onShore Networks, argues that AI is a significant milestone but does not change where security is headed. He puts AI alongside the Internet and TCP/IP and makes the case that the path forward is clear: fully embrace it as a tool, regardless of which side of the equation you are on. He also points out that agentic and automated AI was already being deployed well before LLMs arrived.
View Video

Data visibility must be continuous to keep data security manageable #datasecurity #netwrix

Mar 20, 2026 By Netwrix In Netwrix
Sensitive data no longer lives in one place. It moves across file servers, SaaS apps, cloud platforms, and collaboration tools. That’s why discovering sensitive data once is not enough. In this video, Farrah Gamboa, Senior Director of Product Management at Netwrix, explains why data visibility must be continuous to keep data security manageable.
View Video

Tough Times Create Tough People, Easy Times Create

Mar 20, 2026 By Razorthorn Security In Razorthorn
Rising anxiety around decision making worries many leaders, as younger professionals fear choices that might come back to hurt their careers. The conversation argues that some struggle and hard calls build resilience, because security work often means choosing a path with partial data and then learning fast when reality hits. ⸻ For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion..
View Video
miniorange

How to Set Up Salesforce SSO for External Users Without Paying Per-User Licensing Costs

Mar 20, 2026 By Alankrita Shrivastava In miniOrange
More than 150,000 businesses worldwide run on Salesforce, and for most of them, the CRM already holds the most complete and up-to-date picture of who their customers and partners are. That makes it a natural foundation for identity management, not just for internal employees but also for the external users who interact with your portals, applications, and partner platforms every day.
Read Post
acronis

How to protect sensitive data: A practical guide for individuals

Mar 20, 2026 By Acronis In Acronis
Protecting sensitive data is essential in today’s digital world, where personal information is stored across multiple devices and online accounts. From financial details to login credentials, even small pieces of data can be used by cybercriminals if they fall into the wrong hands. The good news is that you can protect sensitive data with simple, practical steps.
Read Post
ignyte Team

DoD IL4 and IL5 Authorization Guide - Requirements and Readiness

Mar 20, 2026 By Max Aulakh In Ignyte
One of the core pillars of the security perspective adopted by the Department of Defense is the so-called Zero Trust strategy. This strategy is the adaptation to evolving threats in the world, many of which prey on the presumption of trust from accounts and individuals that can be compromised. To protect controlled unclassified information and other sensitive data, the presumption of zero trust is necessary to eliminate many common threats.
Read Post
Snyk

The Next Era of AppSec: Why AI-Generated Code Needs Offensive Dynamic Testing

Mar 20, 2026 By Nuno Loureiro In Snyk
My colleague Manoj Nair recently wrote about the growing gap between what AI builds and what security teams actually test. He made the case that the speed of AI-driven development has fundamentally outpaced validation, and that the response can't be to slow down, but to change what testing means. I agree with every word.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.