Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest posts

Nucleus: The Exploitability Gap: What Security Teams Can Know Before CISA KEV

What can (and should) security teams know before a vulnerability is added to CISA KEV? In this webinar, we'll share original research based on new entries to the CISA KEV catalog since Oct 2025, where 18% surfaced clear exploitability signals days and even weeks before KEV listing. We will share our deep dive into the 36% that were identified as exploited before KEV and the remaining 64% exploitable with no identified pre-KEV exploitation.

How ADAudit Plus eliminates auditing blind spots and provides granular visibility into your AD environment

Active Directory (AD) auditing focuses on topics such as who did what, when, and from where within your network. AD auditing and SIEM monitoring are closely related, yet they play two distinct roles in cybersecurity. SIEM monitoring shows you how a change is connected to an attack or incident. Together, they enable faster investigations, accurate root-cause analysis, and a stronger security posture.

Featured Post

Iranian Cyber Threats, Geopolitics and the New Cyber Reality

In recent weeks, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the National Cyber Security Centre (NCSC) have all issued warnings about the growing risk of cyber activity attributed to Iranian-aligned actors. Their message is clear: the geopolitical situation is volatile, and organisations should assume they may be in scope for retaliation. The agencies all highlight similar weaknesses being repeatedly exploited: unpatched vulnerabilities, weak identity controls, and exposed remote access services.

Add alert evidence from Armis to Drata controls

Automate compliance evidence collection from Armis to Drata in under 5 minutes. Manually gathering and uploading alert evidence for compliance audits is time-consuming and error-prone. In this video, we walk through a Tines story that automatically pulls unhandled alerts from Armis and uploads them as external evidence to the matching alert controls in Drata, complete with pagination handling so no data gets missed. The result is a fully automated compliance evidence pipeline that saves your team hours of repetitive work.

3 Reasons Your Security Can't Stop AI Attacks #shorts #ai

Is your SOC ready for the 10-minute attack? In 2026, traditional Security Operations Centers are failing to stop Agentic AI Attacks. Why? Because agents don't follow the rules of legacy software. In this Short, we break down the three reasons your current defense is obsolete. The 3 Reasons Your SOC is Too Slow.

Real-Time AI Security: Securing Autonomous Agents in 2026

Is your security stack ready for the agentic revolution? As we move into 2026, Real-Time AI Security has become the new frontier for enterprise protection. In this episode of AI on the Edge, Amar (CEO of Protecto) sits down with security veteran and investor Anand Tangiraja to discuss why traditional "shift left" strategies and legacy tools are failing in the face of autonomous agents.

I Tried 5 Prompt Injection Attacks (Here's What Happened)

In this video, we explore the growing security risk of prompt injection in large language model (LLM) applications. As AI becomes embedded in more products, new vulnerabilities emerge, especially through natural language manipulation. We break down how LLMs work, the importance of system prompts, and demonstrate five real-world prompt injection techniques used to extract sensitive information or bypass safeguards. You’ll see live examples using different models and learn why newer models are more resilient, but still not immune.

How to Detect and Prevent Lateral Movement Attacks

A few years ago, during a routine investigation after a phishing incident, the security team believed the damage was contained. During the attack, one employee’s laptop was compromised. The security team removed the malware and the password was reset. But the next morning, when analysts started reviewing authentication logs, something odd appeared. The same compromised account had logged into three internal servers overnight. Then a database server. Then a backup controller.