Technology

Common pitfalls when evaluating AI agents for the SOC

Jun 17, 2025 By LimaCharlie In LimaCharlie

When evaluating AI agents for your SOC, it's not just about capabilities—it’s about control, oversight, and integration. In this clip, Philippe Tchakovski breaks down the most common mistakes security teams make when adopting AI: from fragile API integrations to missing guardrails and a lack of audit trails. Don’t deploy blindly—understand the risks before automation goes live.

View Video

LimaCharlie

Read more about Common pitfalls when evaluating AI agents for the SOC

Defending AI on the Edge with David Weston

Jun 17, 2025 By LimaCharlie In LimaCharlie

David Weston, Corp Vice President of OS Security at Microsoft, joined us for Defender Fridays! He covered how we protect AI data and models on Windows devices outside of the data center, and how we use AI to find vulnerabilities in Windows.

View Video

LimaCharlie

Read more about Defending AI on the Edge with David Weston

Security isn't a department.

Jun 17, 2025 By Cloudflare In Cloudflare

Security isn’t a department. It’s a shared responsibility. To move from reactive to preventive, every product team needs embedded cyber expertise. Ange Ferrari, SVP and CISO at Metro AG, explains how decentralizing security enables scale and forces organizations to treat security as everyone's job, not just IT's. If you want to "shift left" for real, this episode is your playbook.

View Video

Cloudflare

Read more about Security isn't a department.

What Is an API Gateway-and Does It Really Secure Your APIs?

Jun 17, 2025 By Indusface In Indusface

API Gateways are a critical first line of defense in securing APIs—but can you rely on them alone? In this video, we break down how API Gateways work, what security features they offer, and why they’re not a complete solution.

View Video

Indusface

API
Security

Read more about What Is an API Gateway-and Does It Really Secure Your APIs?

API Gateway Security: The Essential InfoSec Guide

Jun 17, 2025 By The Apono Team In Apono

As the software world shifted toward microservices and distributed architectures, the volume and complexity of API traffic have skyrocketed. Unfortunately, so has the number of API-related breaches and cyber attacks. Last year, nearly 44% of all advanced bot traffic online targeted API endpoints, while traditional web applications received just 10% of the malicious traffic. It’s no surprise that 57% of organizations admit to having suffered API-related breaches in the past two years.

Read Post

Apono

Read more about API Gateway Security: The Essential InfoSec Guide

Your Code Might Be Using Risky AI Models

Jun 17, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Your Code Might Be Using Risky AI Models

Catch Bugs Faster: Cursor's BugBot for AI Code Review

Jun 17, 2025 By Snyk In Snyk

In this video we dive into Cursor's 1.0 release, focusing on their new BugBot feature. This AI-powered tool integrates with your GitHub workflow to automatically review pull requests and identify potential bugs. We'll show you how to set up BugBot, trigger it on a pull request, and analyze the issues it finds, including a real-world example of it catching errors in AI-generated code from Google's Jules tool.

View Video

Snyk

Read more about Catch Bugs Faster: Cursor's BugBot for AI Code Review

The New Threat Landscape: AI-Native Apps and Agentic Workflows

Jun 17, 2025 By Snyk Team In Snyk

Businesses are moving beyond AI experiments and proofs of concept. As we approach what IDC is predicting will be the “AI pivot years” of 2025-2026, organizations are prioritizing, planning, and building for scale. This shift includes AI agents — self-directed tools that automate tasks — as technology providers strive to simplify development workflows. Under the surface, AI systems expose an expanded threat landscape that spans the software development lifecycle (SDLC).

Read Post

Snyk

Read more about The New Threat Landscape: AI-Native Apps and Agentic Workflows

Why we moved our ECS services from Fargate to EC2

Jun 17, 2025 By Nico Waissbluth In Tines

At Tines, we rely heavily on AWS Elastic Container Service (ECS) to power our workflow automation platform. For a couple of years, we used Fargate as our default compute layer – offering simplicity and removing the need to manage underlying hosts. However, as we scaled, we started hitting the edges of what Fargate could reliably offer. This is the story of why we migrated our backend services to an EC2-backed ECS Capacity Provider and what we learned along the way.

Read Post

Tines

Read more about Why we moved our ECS services from Fargate to EC2

AWS KMS Embraces the Quantum Era with ML-DSA Digital Signature Support

Jun 17, 2025 By SignMyCode In SignMyCode

As quantum computing creeps closer, the cryptographic mechanisms on which today’s digital world relies are becoming more and more fragile. In a prescient move, AWS Key Management Service (KMS) now supports ML-DSA, one of the first post-quantum digital signatures, which has become a standard under FIPS 203. This is an important step in AWS’s broader efforts to prepare customers for the post-quantum secure future.

Read Post