Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

armo

AI Agent Security Framework on GKE: Implementation Guide

Apr 23, 2026 By Ben Hirschberg In ARMO
Your platform team spent a week configuring the Agent Sandbox CRD on a gVisor-enabled node pool — the architecture Google positions as the recommended pattern for AI agent workloads on GKE. Workload Identity Federation with KSA principals is bound to every agent pod. Container Threat Detection is licensed and active in Security Command Center Premium. And the runtime behavioral sensor you budgeted for won’t install.
Read Post
armo

How Healthcare Platform Teams Should Secure AI Agents on Kubernetes

Apr 23, 2026 By Shauli Rozen In ARMO
The surgeon is thirty-two minutes into a procedure. The ambient scribe pod listening to the operating room is mid-encounter — transcribing, retrieving prior chart context, drafting the operative note for post-op sign-off. At the same moment, your SOC gets an alert: anomalous tool invocation from that pod, elevated egress volume, behavioral deviation from the agent’s baseline.
Read Post
armo

Detecting Threats in Multi-Agent Orchestration Systems: LangChain, CrewAI, and AutoGPT

Apr 23, 2026 By Yossi Ben Naim In ARMO
It’s Tuesday morning at a mid-size fintech. A customer-support workflow runs on CrewAI in production: a Triage agent reads tickets, a Records agent pulls customer history, a Remediation agent drafts and sends the reply. A user submits a ticket with a pasted error log containing an indirect prompt injection. Triage summarizes and delegates. Records, interpreting instructions embedded in the summary, pulls 2,400 customer records instead of one.
Read Post

GitGuardian Can Now Monitor Your Gerrit Repositories To Help You Fight Secrets Sprawl

Apr 23, 2026 By GitGuardian In GitGuardian
In this video, Romain Jouhannet, Product Manager at GitGuardian, talks with Dwayne McDaniel, Developer Advocate at GitGuardian about the platform's new native support for Gerrit as a VCS source. Gerrit is widely used for enterprise code review workflows, often hosting sensitive internal repositories. You can now connect your Gerrit instance to GitGuardian to detect secrets exposed across your repositories and commit histories, with the same experience as our other VCS integrations.
View Video
mend

A Poisoned Xinference Package Targets AI Inference Servers

Apr 22, 2026 By Tom Abai In Mend
Part 1 covered CanisterWorm. Part 2 covered the malicious LiteLLM package. Part 3 covered the Telnyx WAV steganography attack. This post covers the latest wave: three malicious versions of xinference on PyPI, carrying the same credential-stealing playbook and a plot twist. On April 22, 2026, Mend.io’s threat detection identified malicious versions of xinference on PyPI: 2.6.0, 2.6.1, and 2.6.2.
Read Post
armo

Implementing AI Agent Security on Azure AKS: A Practical Guide

Apr 22, 2026 By Ben Hirschberg In ARMO
Your platform team deployed eBPF-based runtime sensors on AKS last week. Defender for Containers is enabled. Azure Policy is enforcing pod security standards across your AI workload namespaces. And your Observe pillar is still blind — because nobody enabled the Diagnostic Setting that routes kube-audit logs to the Log Analytics workspace where your tooling can actually consume them.
Read Post
armo

AI Workload Discovery: How to Find Every AI Agent Running in Your Clusters

Apr 22, 2026 By Shauli Rozen In ARMO
A CISO at a mid-sized SaaS company pulls her platform lead aside after a board meeting. One question: “Do we have AI agents running in production?” The lead pauses. He knows the data science team has been experimenting with LangChain. He remembers a conversation about a customer-support pilot. He thinks there might be an inference server in staging that got promoted last quarter.
Read Post
armo

AI Workload Security for Healthcare: What CISOs Need to Prove Under HIPAA

Apr 22, 2026 By Yossi Ben Naim In ARMO
A patient calls your privacy office and requests an accounting of every disclosure of her PHI made outside treatment, payment, and healthcare operations over the past six years. This is her right under HIPAA. Your privacy officer pulls the EHR disclosure log. It is complete through the day your organization deployed its first production AI agent.
Read Post

GitGuardian Now Flags Overprivileged and Admin Secrets Across AWS, Entra, And Okta Identities

Apr 22, 2026 By GitGuardian In GitGuardian
GitGuardian NHI Governance will now automatically flag machine identities that carry admin access and have more privileges than they actually use. GitGuardian NHI Governance has been able to surface policy breaches for long-lived secrets, Duplicated Secrets, and, of course, if the secrets have been leaked publicly or internally.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.