Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

astra

Autonomous AI Agents for Penetration Testing: A Complete Guide

Jun 1, 2026 By Sanskriti Jain In Astra
Your last pentest probably took 2 weeks, cost 5 figures, and tested a fraction of your actual attack surface. Meanwhile, your team shipped 47 deployments in the same window, with each one almost completely untested for security. That gap between how fast you ship and how slowly you test is exactly where autonomous AI agents for penetration testing come in, especially with hackers getting smarter and faster each day (They are not using AI to summarize PDFs!).
Read Post
CrowdStrike

CrowdStrike Scales AI-Native Agents Across Falcon Exposure Management with NVIDIA

Jun 1, 2026 By Chase Midler In CrowdStrike
Security teams face a new imperative: act fast, or risk losing the vulnerability battle. The average enterprise faces thousands of vulnerabilities across a sprawling hybrid attack surface. Adversaries are using AI to discover and exploit weaknesses independently, at machine speed, making traditional disclosure timelines increasingly irrelevant. Scan-and-ticket workflows weren't built for this reality, and neither are the teams asked to execute them with finite headcount and growing board-level scrutiny.
Read Post
armo

Types of AI Agent Attacks: A Security Team's Taxonomy

May 30, 2026 By Ben Hirschberg In ARMO
A security team running agents in production can already list the ways those agents get attacked: prompt injection, memory poisoning, tool abuse, model tampering, agent-to-agent coercion. The list is not the problem. The problem is that a security architect can recite all five and still not know which ones their detection stack will catch, because the way the field catalogs these attacks says nothing about whether the attack is catchable.
Read Post
armo

The AI Agent Attack Kill Chain: Which Stages You Can Actually Detect

May 30, 2026 By Shauli Rozen In ARMO
The early stages of an AI agent attack are silent. The poisoning, the hijacked intent, the reconnaissance: none of it executes, so none of it produces a runtime signal, and the kill-chain instinct every security team runs on says exactly the wrong thing here: break the earliest link. There is no early link to break. You cannot detect a stage that emits nothing.
Read Post
armo

Tool Call Analysis for AI Attack Detection: Reading What Rides Inside the Call

May 30, 2026 By Yossi Ben Naim In ARMO
A compromised agent doesn’t make a single call it isn’t allowed to make. It queries a table it’s authorized to read, calls a tool it’s authorized to use, sends to a domain that’s on the allowlist. Every call is legal. The attack is in the values it passes, and your tool-call log records all of it as a clean day’s work. A tool call has two layers. Almost every tool you run reads the first one: the call itself: which tool, in what order, at what rate.
Read Post
armo

How to Tell If Your AI Agent Has Been Compromised (When Every Symptom Looks Normal)

May 30, 2026 By Ben Hirschberg In ARMO
Your AI agent just did something it has never done. It called a tool that is not in its usual set, or it opened a connection to a destination you do not recognize, or its output came back subtly wrong. So you do what anyone does: you search for what a compromised agent looks like, and you find a checklist. Unusual tool usage. Unexpected data access. Out-of-context responses. Elevated resource consumption.
Read Post
Compliance and Regulation Heat Up in 2026: A New Phase of Scrutiny for Financial Services Organisations

Compliance and Regulation Heat Up in 2026: A New Phase of Scrutiny for Financial Services Organisations

May 29, 2026 By Sean Tilley, Senior Director of Sales EMEA In 11:11 Systems
The regulatory landscape facing financial services in 2026 is more complex, more demanding, and faster moving than at any point in the past decade. Across the UK, regulators are attempting to strike a delicate balance of stimulating economic growth while maintaining strong consumer protection and financial stability. This balancing act is unfolding against a backdrop of sluggish economic performance, geopolitical uncertainty, and political pressure for "pro-growth" regulation. The result is a regulatory environment where the pace, scope, and intensity of change is accelerating sharply.
Read Post
LimaCharlie

Building SecOps that improve with every frontier AI release

May 29, 2026 By Daniel Ballmer In LimaCharlie
CEO Maxime Lamothe-Brassard made an observation after the RSA conference that security vendors don't typically say out loud: "The frontier models are just better than anything people roll their own. There's no secret sauce these vendors are offering that is better than the latest frontier model release." That's a pointed claim that carries a significant implication buyers may not have fully considered.
Read Post
Snyk

How Relay Network Adopted AI Coding Securely and Built the Foundation for Agentic Development

May 29, 2026 By Snyk Team In Snyk
Champion / Spokesperson(s): Brendan Putek, Director of DevOps, and Esaie Batoula, Security Engineer. Relay Network is the innovator behind a secure B2C communications platform that combines SMS with dynamic feed technology to help regulated enterprises deliver personalized, action-oriented mobile experiences for every customer. In an industry where trust, compliance, and data protection are paramount, security has always been central to how the company builds software.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.