Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Meet GitGuardian's AI Assistant: Natural Language Queries Across All Your Incidents

See how the GitGuardian Assistant helps teams investigate, understand, and remediate secret incidents directly from the GitGuardian workspace. In this preview, Mathieu and Dwayne walk through how the assistant uses incident context, workspace details, and GitGuardian documentation to answer questions, suggest next steps, and help manage incidents through natural language. It can explain threat patterns, assess scope and impact, recommend remediation steps, assign incidents, update tags, and propose changes to incidents.

How AI-accelerated threat discovery is reshaping network security

As vulnerabilities are discovered faster than ever, organizations must rethink how they reduce exposure and contain risk at the network edge. Claude Mythos Preview has reignited debate about AI-driven cyber attacks, but the real shift isn’t what AI finds, it’s how quickly issues at the network edge can turn into impact. This post explores what’s changed and how network security must adapt to keep up.

Agentic AI Security: Visibility and Control for AI Agents at Work

Security teams have spent years tracking what employees do with data. The harder problem now is tracking what agents do on their behalf. AI agents, whether running in an IDE, installed locally on a laptop, or connected to internal data through a model context protocol (MCP) server, operate with the permissions of the user who deployed them. They read files, query databases, call external APIs, and generate outputs. And in most enterprise environments, security teams have no reliable way to see any of it.

Privacy and Data Residency for AI Agents: What GDPR Requires That Static Controls Can't Show

The residency evidence GDPR and the EU AI Act now expect lives in the runtime trajectory of every AI agent execution, not in the deployment configuration. Your residency compliance dashboard — every workload in eu-west-3, sovereign cloud configured, SCCs signed — cannot produce it. Your AI agent’s last thousand inferences crossed an external border, on average, eight times each. The translation API routed through us-east-1 when the EU endpoint hit capacity.

AI: The hero's journey with Ken Westin

Join us for this week's Defender Fridays as Ken Westin, Senior Solutions Engineer at LimaCharlie, shares his AI journey and what the hero's journey framework reveals about how security professionals can move from hesitation to genuine mastery of AI tools. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Why Editing IAM Policies Won't Fix Your AI Agent Identity Problem

Editing IAM policies cannot fix the most common architectural mistake in shipping AI agents on Kubernetes. It happens in thirty seconds: a platform engineer reuses an existing ServiceAccount with an IRSA annotation for Bedrock access because creating a new one takes thirty minutes plus a Terraform pull request. The new agent ships under the existing identity.

AI Agents in the Cloud: A Risk Management Framework for Security Leaders

Your risk committee meets Thursday. The agenda has a new item: AI agent risk posture. You open the register. The fraud detection agent shipped in March is on it. So is the customer service agent. Neither row is useful — “likelihood: medium, impact: high, control: service account scoped via IAM.” Three months ago that was approximately right. Last week the platform team added two MCP connections, the model was upgraded, and the agent now touches data classes the entry never anticipated.

What's happening to DevOps Security?

As 2026 rolls on, our capacity to prompt ourselves silly appears to be limitless. We’ve already seen the financial, legal, and reputational damage to Deloitte as they partly refunded the Australian government for a 237-page audit report containing LLM-generated hallucinations like fabricated academic references, fake footnotes, and a false quote attributed to a judge.

Stop Blaming AI for Bad System Design | Fix MCP Security

Every few weeks, a new story surfaces: an AI agent deletes a production database, an autonomous coding tool racks up a five-figure cloud bill, or a chatbot exfiltrates internal documents through a prompt injection attack. The reaction is predictable. “AI is dangerous.” “LLMs can’t be trusted.” “We need better guardrails on the model.” But if you look at the root cause of these incidents, the model is rarely the problem. The system around it is.

Are banks ready for AI-powered cyber threats?

A recent American Banker article, “Knock on wood: Are banks doing enough to cope with Mythos?” raises a timely and uncomfortable question about advanced AI models like Anthropic’s Claude Mythos. As highlighted in the article, INETCO CEO Bijan Sanii points out a critical truth: The conversation is being fueled by the emergence of AI technology capable of identifying software vulnerabilities at a speed and scale that was previously unimaginable.