Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest posts

aikido

How Engineering and Security Teams Can Meet DORA's Technical Requirements

Jan 5, 2026 By Sooraj Shah In Aikido
Every financial entity operating in the European Union must comply with the Digital Operational Resilience Act (DORA). DORA focuses on whether systems can withstand, respond to, and recover from ICT-related disruptions and whether this can be demonstrated with evidence. For engineering, security, and risk teams, this introduces a practical requirement. Operational resilience must be observable in live systems, continuously tested, and traceable over time.
Read Post
device authority

Agentless IoT Security: How to Secure Devices You Can't Touch in 2026

Jan 5, 2026 By Claire Tennant In Device Authority
As IoT and operational technology environments expand, organisations are discovering that a large portion of their device estate simply cannot be secured using traditional methods. Many devices cannot run agents, cannot be patched regularly, or cannot tolerate downtime. In 2025, this reality is no longer the exception—it is the norm.
Read Post

Honeytokens with ggshield: plant tripwires that alert on secret use

Jan 5, 2026 By GitGuardian In GitGuardian
In this video, we introduce ggshield honeytoken and why it’s one of the most powerful tools in the GitGuardian toolbox. A honeytoken is a decoy secret that alerts you the moment someone tries to use it or validate it. Think of it like a digital tripwire. In GitGuardian, honeytokens can be created through the dashboard or API, and they look like real AWS keys because they are valid credentials. The difference is they grant zero access and are isolated to an AWS account GitGuardian maintains specifically for this purpose.
View Video

Microsoft E3 vs E5: Understanding the Security Coverage You Already Own

Jan 5, 2026 By Reach Security In Reach Security
Assessing Microsoft E3 and E5 is less about the license tier and more about understanding the security coverage you already own. In our conversation, Todd and Garrett break down what often gets missed in the E3 → E5 journey: Organizations move to E5 without clearly understanding:⇢ what coverage they already have with E3⇢ what incremental capabilities E5 actually adds⇢ and whether those capabilities are being adopted at all.
View Video

Eliminate AppSec Noise: Jit's AI Agents Find Real Exploitable Risks

Jan 5, 2026 By Jit In Jit
Application security scanners generate endless alerts, but most don’t translate into real risk. Meet Sera, Jit’s AI-powered Security Evaluation and Remediation Agent. Sera automatically connects scanner findings, uncovers toxic combinations, and explains exploitable attack paths—saving AppSec teams hours of manual investigation. See how AI Agents eliminate noise, automate investigations, and deliver clarity so your team can focus on what matters.
View Video
protecto

Unlocking AI Data Security: Strategic Solutions

Jan 5, 2026 By Anwita In Protecto
AI systems are no longer experimental. They sit at the center of product experiences, internal workflows, and customer-facing automation. As soon as an AI feature ships, it starts handling real data. Customer messages. Internal documents. Support tickets. Logs. Training samples. That’s when AI data security stops being an abstract concern and becomes a product requirement.
Read Post
keeper

How the Model Context Protocol Is Redefining Zero Trust for AI Agents

Jan 5, 2026 By Ashley D'Andrea In Keeper
As Artificial Intelligence (AI) agents become more autonomous by accessing critical systems and acting without real-time human oversight, they are evolving from productivity tools into active Non-Human Identities (NHIs) like service accounts or API keys that require the same oversight and controls as human users. This shift expands organizational attack surfaces, introducing new security risks related to overprivileged access and lateral movement of NHIs across cloud infrastructure.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.