Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Secret Scanning For AI Coding Tools With ggshield

Apr 8, 2026 By GitGuardian In GitGuardian
Introducing ggshield AI hooks from GitGuardian to help stop AI coding assistants from leaking secrets. See how ggshield can scan prompts, tool calls, file reads, MCP calls, and tool output inside AI coding tools like Cursor, Claude Code, and VS Code with GitHub Copilot. When a secret is detected, ggshield can block the action before sensitive data is sent or exposed. You will also see how simple the setup is, with flexible install options for local or global use. This adds practical guardrails to AI-assisted development and helps teams move fast without increasing secret sprawl.
View Video
certkit

CertKit is out of beta

Apr 7, 2026 By Todd H. Gardner In CertKit
CertKit is officially out of beta. We started building CertKit a year ago, and since then over 600 people signed up, issued certificates, and deployed to their infrastructure. Several are running it as their production certificate management platform right now. We built a lot during the beta. Some of it we planned: SSO, team management, alerting. Other things, users had to beat into us. The Keystore came from enterprise security requirements to keep private keys in house.
Read Post
mend

Container Security Without Context Is Just More Noise

Apr 7, 2026 By Shannon Davis In Mend
Mend.io’s new Docker Hardened Images integration brings DHI intelligence directly into the AppSec workflow, giving a smarter, faster path to container security. Container scanning has a noise problem. Run a standard scan against any production image, and you’ll surface thousands of CVEs.
Read Post

Your AppSec Metrics Are Lying to You. Here's What Actually Matters

Apr 7, 2026 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video
CloudCasa

CloudCasa Launches in the NKP Partner Catalog, Expanding Data Protection and Mobility for NKP Users

Apr 7, 2026 By CloudCasa In CloudCasa
At Nutanix.NEXT, we’re excited to announce that CloudCasa is launching in the NKP Partner Catalog, giving Nutanix Kubernetes Platform (NKP) solution users an easier way to add Kubernetes-native backup, recovery, disaster recovery, and migration to their environments. This launch builds on CloudCasa’s existing Nutanix Ready foundation and extends that value even further by making CloudCasa available through the NKP Partner Catalog.
Read Post
How Minimal Container Images Are Reshaping the Fight Against CVE Exposure in Modern Cloud Environments

How Minimal Container Images Are Reshaping the Fight Against CVE Exposure in Modern Cloud Environments

Apr 6, 2026 By SecuritySenses In SecuritySenses
As the adoption of containers grows across Cloud infrastructure, Cybersecurity experts and DevSecOps leaders continue to deal with the persistent surge of publicly available software vulnerabilities. The National Vulnerability Database documented an alarming figure of 29,000 CVEs for 2023, and the numbers since then show no signs of slowing down. Research shows that the majority of production container images have known vulnerabilities. This article explores the relationship between container images and CVE vulnerabilities (exposure), the growing burden of compliance, and the target risk reduction of minimal-image strategies.
Read Post
teleport

CMMC Requirements for AI Systems: What Assessors Actually Look For

Apr 3, 2026 By Josh Rector In Teleport
Josh Rector is the Compliance Director, Public Sector at Ace of Cloud, a security and compliance consulting firm, certified CMMC Third-Party Assessor Organization (C3PAO), and Registered Provider Organization (RPO). With more than a decade of experience in cybersecurity compliance, he has worked both sides of the assessment table, leading internal and external assessments, serving as ISSO for systems at federal agencies, and guiding cloud service providers through the FedRAMP authorization process.
Read Post

The AI Compliance Gap No One's Talking About (ISO, NIST, EU AI Act)

Apr 2, 2026 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video
mend

AI Application Security: 6 Focus Areas and Critical Best Practices

Apr 2, 2026 By Tiffany Jennings In Mend
AI application security protects AI-powered apps, including those powered by large language models ( LLMs), from unique threats like prompt injection, data poisoning, and model theft. It achieves this by securing the entire lifecycle, including code, data, algorithms, and APIs, using specialized tools and processes that go beyond traditional security measures. It involves securing the AI model’s behavior, training data, and outputs.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.