Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

inetco

Why Kuwait's WAMD penalty framework demands real-time payment visibility and in-flight fraud prevention

May 27, 2026 By Joe Kitos In INETCO
When Kuwait launched the WAMD real-time payment rail in 2024, the goal was clear: Enable banks and financial institutions to add speed, convenience and resilience to the country’s national payment infrastructure. Facilitated by the KNET Payment Gateway under the supervision of the Central Bank of Kuwait (CBK), the service has become such a key part of the country’s digital banking ecosystem that the CBK is making it crystal clear that real-time must also mean reliable.
Read Post
persona

8 ways I use Graph to uncover fraud rings

May 27, 2026 By Ashley Fang In Persona
As a fraud analyst at Persona, I have to balance working on fraud escalations for specific customers and keeping an eye on cross-customer (and cross-industry and cross-region) fraud trends. The work naturally overlaps, as one escalation can turn into a trend as fraud rings move on to new targets. And, getting ahead of large trends helps us stop escalations. I have a lot of tools at my disposal, but I want to discuss Graph, Persona’s real-time link analysis product.
Read Post
persona

Introducing Persona's Workday Recruiting integration for candidate verification

May 27, 2026 By Jenna Kim In Persona
Imagine spending weeks moving a strong job candidate through a rigorous interview process. The hiring manager is excited for their new hire and collaborates with multiple teams to prepare for a smooth onboarding. But on day one, a completely different person shows up for the job. For too many companies, scenarios like this have become disturbingly common. Besides introducing serious security risks, fake job candidates waste valuable talent team resources.
Read Post
persona

Our comments to NIST: AI agent security starts with human identity verification

May 27, 2026 By Will Wilkinson In Persona
AI agents have developed advanced capabilities faster than most would have imagined. In enterprise contexts, workforces are delegating more and more tasks to them. While the promise of increased productivity is enticing, the shift from deterministic automated tools to agentic autonomous systems introduces security risks that most enterprises haven’t prepared for.
Read Post

Stop Talking Tech to the Boardroom. Start Talking ROI.

May 27, 2026 By One Identity In One Identity
The corporate firewall is dead. With cloud, remote work, and state-sponsored attacks reshaping the threat landscape, identity is now the security perimeter, and boards are paying attention to the price tag. One Identity CEO, Praerit Garg, shows CISOs how to ditch the technical jargon and make the case for identity security in the only language the boardroom understands: money, risk, and ROI.
View Video

Shadow AI Is Already In Your Company - What Can You Do About It?

May 27, 2026 By Cyberhaven In Cyberhaven
In this video, you will learn why static domain-blocking strategies fail against the modern Shadow AI ecosystem, how Generative AI wrappers, browser extensions, and personal accounts bypass corporate firewalls without triggering an alert, and why network-layer inspection cannot distinguish proprietary code from public Stack Overflow snippets. We break down the limitations of traditional DLP at the clipboard layer, explain how data lineage replaces application allow-lists, and show how the "Glass House" model lets enterprises enable AI productivity while strictly gating sensitive data movement.
View Video

Defending Against the Next Generation of Agentic Attacks

May 27, 2026 By Cato Networks In Cato Networks
The attack lifecycle is compressing. Frontier AI models like Anthropic’s Mythos and OpenAI’s GPT-5.5-Cyber can help bad actors research vulnerabilities, test approaches, adapt code, and change delivery methods at machine speed and scale. That reduces the time, skill, and coordination needed to move from vulnerability discovery to active attack. When attacks behave this way, security needs to operate in real time with full visibility and context across the attack path.
View Video
datadog

How to detect HTTP/2 abuse in Apache web server logs

May 27, 2026 By Mallory Mooney In Datadog
Apache HTTP Server is one of the most popular web servers in use today for engineering teams, and its prevalence naturally makes it a frequent target for attackers. In May 2026, the Apache Software Foundation patched CVE-2026-23918, a high-severity double-free vulnerability in Apache 2.4.66’s mod_http2 module. For teams not using Apache’s MPM prefork, the vulnerability would enable an attacker to crash worker processes or achieve remote code execution (RCE) in some specific cases.
Read Post
appsentinels

Agentic Identity Is Not NHI With a Brain

May 27, 2026 By AppSentinels In AppSentinels
The non-human identity (NHI) problem was always the same problem: too many service accounts, too few owners, too many secrets in too many places. They sat where we left them, quietly piling up privilege, outliving the engineer who created them. Eventually someone, an auditor, sometimes an attacker, went looking and found them. Agents are a different problem.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.