Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How to Secure AI in Your App: Mend AI for AppSec Teams

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Securing SSH on RHEL: 5 Essential Configuration Steps

Linux distributions, such as Red Hat Enterprise Linux (RHEL), dominate the enterprise and cloud computing sectors. One of the many reasons for the success and popularity of Linux is its support of convenient and straightforward remote access protocols, such as Secure Shell (SSH). In the right hands, SSH’s ability to securely access remote servers enables access to any Linux server, regardless of the environment. The problem is that, in the wrong hands, SSH can be a security nightmare.

Is Your Rented Server Safe Enough?

We get it: you've rented a server. Whether it's for your business, your app, your game, or just that brilliant startup idea you're nurturing, renting a server feels like leveling up. It's exciting, empowering... and terrifying. Because the moment that server is online, it's visible to the entire internet. Including the bad guys. Hackers, bots, DDoS armies, and other digital troublemakers don't care that it's "just a test project." If it's online, it's fair game. So, how do you protect it?

Workload Identity Meets Supply Chain Security: Teleport's Sigstore Integration

It’s no secret that the software development life cycle is becoming more complex. With a plethora of libraries, frameworks, and now AI coding agents and assistants, we can build far more ambitious software in a fraction of the time. This is fantastic! But with it come greater opportunities for accidental or malicious security bugs and vulnerabilities to sneak in undetected, with potentially devastating consequences for your users and their trust in your company.

Best SAST Tools: Top 10 Solutions Compared

SAST tools automatically scan the source code of an application. The goal is to identify vulnerabilities before deployment. SAST tools perform white-box testing, which involves analyzing the code based on inside knowledge of the application. SAST offers granularity in detecting vulnerabilities, providing an assessment down to the line of code.

Your Infrastructure Has a Non-Human Trust Problem

Modern infrastructure is increasingly run by automated systems, not people. Bots push code. Runners deploy to prod. Agents orchestrate cloud resources. And increasingly, AI models trigger actions directly through prompt-driven automation. Welcome to the era of non-human identities (NHIs): the invisible workforce operating behind modern digital systems.

Pen Testing: The "Aha" Moment That Changed Everything! #cybersecurity

Security Benchmarking Authorization Policy Engines: Rego, Cedar, OpenFGA & Teleport ACD

Back in 2024, Amazon Web Services (AWS) engaged Trail of Bits (ToB) to perform a comparative assessment between several authorization and access management policy languages. If you're unfamiliar with the concept of a policy engine, it's essentially a fully-featured engine that offloads authorization decisions in an application.