Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Secure Cloud Access - CyberArk MCP Server

Aug 14, 2025 By CyberArk In CyberArk
Take control of cloud access for AI-driven workflows without slowing down your team. CyberArk SCA MCP Server is the latest innovation in identity security, purpose-built for the age of agentic AI. Now available in the AWS Marketplace, CyberArk SCA MCP Server empowers developers and AI agents to securely request elevated access directly from their IDE while enforcing Zero Standing Privileges across multi-cloud environments.
View Video

How to Hack a Cloud: Insider Threat

Aug 14, 2025 By CyberArk In CyberArk
In this episode of How to Hack a Cloud: Insider Threat, discover how standing administrative access in AWS can be exploited by a disgruntled employee. Follow Michael Scott’s story as he misuses his S3 admin privileges to silently delete critical data, leaving the company blindsided. Learn how CyberArk Secure Cloud Access enforces Zero Standing Privileges, ensuring time-bound, need-based access to prevent such malicious activity—all while maintaining seamless workflows for legitimate tasks. See how this solution strengthens identity security across multi-cloud environments.
View Video

How to Hack a Cloud Access Mismanagement

Aug 14, 2025 By CyberArk In CyberArk
Protect Your Cloud: Prevent Access Mismanagement with CyberArk Secure Cloud Access Discover how to safeguard your cloud environment from access mismanagement in this eye-opening episode of How to Hack a Cloud: Access Mismanagement. The video demonstrates how attackers exploit standing AWS IAM access keys, turning a common oversight into a major security breach.
View Video

The Two AI Licenses You Need to Know

Aug 14, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video

See Falcon Next-Gen Identity Security in Action

Aug 14, 2025 By CrowdStrike In CrowdStrike
Traditional identity and access management (IAM) and privileged access management (PAM) solutions are unprepared to face modern identity attacks. These solutions are primarily built to manage access — not secure it. Falcon Next-Gen Identity Security combines proactive prevention, modern secure privileged access, identity threat detection and response (ITDR), SaaS identity security, and agentic identity protection to stop identity-driven attacks.
View Video
elastic

Elastic joins AWS Zero Trust Accelerator for Government (ZTAG) program

Aug 14, 2025 By Marianna Jonsdottir, In Elastic
Strategic collaboration to advance security information and event management (SIEM) integration specifically tailored for the US federal government's Zero Trust architecture Elastic is proud to be officially recognized as an AWS Zero Trust for Government partner and for onboarding into the AWS Zero Trust Accelerator for Government (ZTAG) program in the US.
Read Post
Torq

Hyper-AUTO-Mation: Why Carvana's CISO Bet on Agentic AI for 5x SOC Efficiency

Aug 14, 2025 By Patrick "PO" Orzechowski In Torq
CISOs everywhere are feeling the AI fatigue. Every vendor at Black Hat 2025 was hyping ‘AI agents for SecOps,’ so there’s rightfully a lot of skepticism about deploying AI in production, especially in enterprise environments. But the old way of running a SOC just isn’t working anymore. After all the time and money spent on traditional playbooks, we’re still wrestling with the same challenges: alert fatigue, burnout, tool sprawl, and inability to scale.
Read Post
cyberark

Rethinking secondary accounts: How zero standing privileges (ZSP) reshape identity security

Aug 14, 2025 By Mark Szalkiewicz, Mike Bykat and Prashant Tyagi In CyberArk
For years, separating day-to-day user activity from administrative tasks through secondary accounts was considered a security best practice. But as identity threats grow more sophisticated and cloud environments become more dynamic, this static model is showing its age. Today, modern identity security demands a shift—one that zero standing privileges (ZSP) are designed to deliver.
Read Post
cyberark

Bridging runtime visibility and secrets management in Kubernetes with Sweet Security and CyberArk

Aug 14, 2025 By Niels van Bennekom In CyberArk
Secrets management is a foundational pillar of cloud security. It enables secure storage, rotation, and access control for application secrets. But in Kubernetes environments, secrets don’t just live in vaults; they move, execute, and often proliferate across clusters and containers. Without visibility into how secrets are used at runtime, organizations risk exposing sensitive data without realizing it.
Read Post
tripwire

Taming Shadow IT: What Security Teams Can Do About Unapproved Apps and Extensions

Aug 14, 2025 By Josh Breaker-Rolfe In Tripwire
Shadow IT is one of the most pressing issues in cybersecurity today. As more employees use unsanctioned browser extensions, productivity plugins, and generative AI tools, organizations are exposed to more risk. When these tools enter the environment without IT’s knowledge, they can create data exposure points, introduce new vulnerabilities, and make it easier for attackers to find privileged access paths. In many cases, the employee doesn’t even realize the risk they’ve introduced.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.