Snyk's MCP Server in ACTION! (Windsurf)
Snyk's MCP Server in ACTION! (Windsurf)
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
How to Install an MCP Server in Windsurf
How to Install an MCP Server in Windsurf.
Why VM Backups Are Not Enough in Tanzu
Running Kubernetes on VMware Tanzu gives you flexibility, scalability, and strong enterprise integration. But when it comes to protecting applications and data, many teams still rely on traditional VM backups. At first glance, it seems logical: if you back up the VM that hosts your cluster, you should be safe. Unfortunately, that’s a dangerous assumption. VM backups capture the virtual machine state—but they don’t understand Kubernetes.
Recovering Tanzu Kubernetes Clusters After VM Loss: Step-by-Step Guide
When a VM hosting your Tanzu Kubernetes cluster crashes, your recovery strategy can make or break application availability. Traditional VM backups often miss Kubernetes-specific data, leading to incomplete or inconsistent restores. This guide walks you through a reliable recovery process using CloudCasa, ensuring you restore both infrastructure and application state with confidence.
Zero Trust in DevSecOps Pipelines: Securing CI/CD Pipelines
Your CI/CD pipeline may also be the rocket that propels your business, but it can also be the silent killer that will blow up all that you have created. Think about it. You have automated code builds, testing, and deployments. Your people are driving features at light speed. Customers are happy. Revenue is growing. But beneath the surface? A single crack will cause the entire system.
Building Strong Container Security for Modern Applications
Containers have transformed how modern applications are built and deployed. They’re lightweight, portable, and allow teams to move software from development to production faster than ever before. But as adoption has accelerated, so have security concerns. From vulnerable base images to exposed Kubernetes clusters, container security has become a top priority for AppSec and DevSecOps professionals.
Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI | Mend.io
Is AI making application security easier or harder? We spoke to Amit Chita, Field CTO at Mend.io, the rise of AI agents in the Software Development Lifecycle (SDLC) presents a unique opportunity for security teams to be stricter than ever before. As developers increasingly use AI agents and integrate LLMs into applications, the attack surface is evolving in ways traditional security can't handle. The only way forward is a Zero Trust approach to your own AI models. Join Ashish Rajan and Amit Chita as they discuss the new threats introduced by AI and how to build a resilient security program for this new era.
Securing AI Applications in the Cloud: Shadow AI, RAG & Real Risks | Mend.io
What does it take to secure AI-based applications in the cloud? In this episode, host Ashish Rajan sits down with Bar-el Tayouri, Head of Mend AI at Mend.io, to dive deep into the evolving world of AI security. From uncovering the hidden dangers of shadow AI to understanding the layers of an AI Bill of Materials (AIBOM), Bar-el breaks down the complexities of securing AI-driven systems. Learn about the risks of malicious models, the importance of red teaming, and how to balance innovation with security in a dynamic AI landscape. What is an AIBOM and why it matters The stages of AI adoption.
Kubernetes Consulting Strategies for Scalable Applications
If there's one platform that has gradually wrestled its way to the top and become one of the most popular platforms when it comes to managing cloud-native applications, it's Kubernetes for sure. And this shouldn't come as a surprise, since it enables businesses to manage, deploy, and scale containers, allowing them to be a lot more effective, and, concurrently, retain a competitive edge. Although there's no denying that Kubernetes can be of massive help, to be honest, it's not very easy to comprehend and manage, and that's all due to its complexity, which many companies struggle with.
Code Scanning in 2025: Why, How & the Role of Scanning in AI Security
Code scanning is the process of automatically analyzing source code to identify potential security vulnerabilities, bugs, and other code quality issues. It’s a crucial part of secure application development, helping teams detect and fix problems early in the software development lifecycle. Code scanning tools mainly use static analysis methods (examining code without running it), in contrast to dynamic analysis tools which analyze applications while they are running.