Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A Look At GitGuardian's ML-Powered Contextual EnrichmentAnd Incident Scoring

Apr 14, 2026 By GitGuardian In GitGuardian
In this quick introductory video, Mathieu Bellon, Senior Product Manager at GitGuardian, sits down with Dwayne McDaniel, Developer Advocate, to cover some of the advancements GitGuardian has made by integrating machine learning directly into the secrets security platform. Mathieu describes how engineers and responders can save serious time as by automating contextual analysis, geving the humans in the loop with the best information to be able to take an informed action when it comes to secrets leaks. They also discuss the security implications and where teams can look if they want to opt out or bring their own agents.
View Video
mend

Best Software Composition Analysis (SCA) Tools: Top Solutions in 2026

Apr 14, 2026 By Tiffany Jennings In Mend
Software Composition Analysis (SCA) tools expose the risks in open source dependencies by identifying vulnerabilities, outdated dependencies, and license issues in your codebase. Top solutions include Mend.io (best for automated remediation and proactive SCA), Sonatype Lifecycle (known for enterprise policy management), Snyk (known for developer experience), and Checkmarx SCA (known for comprehensive coverage).
Read Post

How GitGuardian and CyberArk MCP Servers Cut Secrets & Vault Sprawl with AI Automation

Apr 13, 2026 By GitGuardian In GitGuardian
Watch the teams of GitGuardian and CyberArk for a demo-first session on how MCP (Model Context Protocol) servers can help you tame secrets sprawl and vault sprawl by letting developers use AI to trigger the right actions, with far less cognitive load! What you’ll learn.
View Video

I Tried 5 Prompt Injection Attacks (Here's What Happened)

Apr 13, 2026 By Snyk In Snyk
In this video, we explore the growing security risk of prompt injection in large language model (LLM) applications. As AI becomes embedded in more products, new vulnerabilities emerge, especially through natural language manipulation. We break down how LLMs work, the importance of system prompts, and demonstrate five real-world prompt injection techniques used to extract sensitive information or bypass safeguards. You’ll see live examples using different models and learn why newer models are more resilient, but still not immune.
View Video

Auditing Agentic Behavior for FedRAMP Compliance | Teleport

Apr 10, 2026 By Teleport In Teleport
AI agents are tireless, highly capable, eager to please, but difficult to manage. George Chamales (CriticalSec) and Josh Rector (Ace of Cloud) unpack the identity and access challenges posed by agentic AI. How do you verify it was the right agent, doing the right action, approved by the right person? How do we bound, constrain, govern agentic behavior? Ultimately, the same frameworks built for human identity and access should be applied to agents.
View Video
armo

CVE-2026-0968: The libssh Heap Read That Isn't as Scary as Scanners Say

Apr 10, 2026 By Ben Hirschberg In ARMO
A missing null check in libssh’s SFTP directory listing code lets a malicious server crash clients, but real-world exploitability is extremely constrained. CVE-2026-0968 is an out-of-bounds heap read in sftp_parse_longname(), triggered when an SFTP client processes a crafted SSH_FXP_NAME response with a malformed longname field. Red Hat, which serves as the CNA (CVE Numbering Authority) for this vulnerability, scored it 3.1 (Low), while Amazon Linux independently scored it 4.2 (Medium).
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.