The Security Illusion: Why Your AI Security Tool Won't Save You (And Neither Will Your Traditional API Security)

The enterprise security world is having two separate conversations that desperately need to collide. On one side, application security (AppSec) teams are scrambling to secure APIs – the connective tissue of every modern application. On the other, a new wave of “AI security” vendors promise to protect your LLMs from prompt injection, data leakage, and hallucinations. Both groups are solving real problems. Both are missing half the picture.

Salt Cloud Connect for GitHub

Your developers are shipping agents, MCP servers, and APIs faster than security can see them. GitHub Connect changes that. Salt scans your repositories and surfaces every agent, MCP server, and API hiding in your codebase, then maps them into the Agentic Security Graph. You see the agentic infrastructure forming in code, before it ever reaches production. No more waiting for runtime to find out what shipped. No more blind spots between dev and prod. Govern what's being built from day one.

Postman Workspace Exposure: When Your API Test Suite Becomes a Security Risk

Let’s start with a scenario. This is illustrative, not a single reported incident. A developer shares a Postman collection in Slack to move faster. “Here’s the Postman collection for the payment API. It has live auth headers so you can test prod endpoints.” The team uses it, work gets done, and the link stays. What no one realizes is that the collection lives inside a public Postman workspace. Weeks later, it is indexed by search engines. The URL requires no login.

Improve API authentication detection with Datadog

Many organizations have hundreds or thousands of API endpoints across their services, each of which handles authentication differently. For example, one service might rely on standard headers like Authorization: Bearer, while another uses an API key, and a third uses a custom JSON Web Token header with mechanisms or naming conventions specific to the team that built it.

New Security Gap: Your WAF Has No Idea What Your AI Is Doing

In this webcast, we get into why signature-based protection breaks down in AI-first environments, what behavioral detection and positive security models actually look like in production, and what it takes to evaluate whether your runtime tools are genuinely adapting to your environment or just adding noise to your stack.

Next.js Vulnerability Exposes Credentials and Protected Data - Why Runtime API Security Matters

A newly disclosed security issue, tracked as CVE-2026-44578, affecting Next.js applications is raising concerns across the developer and security communities after researchers identified multiple authorization bypass and middleware evasion paths that could expose protected application data and credentials. The vulnerabilities impact several versions of Next.js and allow attackers to bypass middleware-based authorization controls using crafted requests and route manipulation techniques.

The Agentic Security Graph: Get Visibility into your AI Security Risks

As enterprises shift from conversational to agentic AI, the real risk moves from model outputs to the action layer: the MCP servers and APIs through which agents execute real-world tasks. The Agentic Security Graph frames this risk across three interconnected layers (LLM, MCP servers, APIs), showing how compromises at any layer can propagate and why existing LLM-focused controls leave the most consequential surface unmonitored.

What Your Board Gets Wrong About AI Security

Editor's note: This article was originally published by Craig Riddell on LinkedIn. It has been republished here with the author's permission. Boards are giving AI security more airtime than ever. What they're not giving is the right framing. A year or two ago, AI was mostly a question of experimentation risk. Today, it's tied directly to revenue, customer experience, operational efficiency, and competitive advantage. The urgency is real, and it's translating into aggressive deployment timelines.

Salt Agentic Security Platform

Most enterprise AI security investment is focused on the model layer—guardrails, output filtering, LLM governance. That's necessary. It's not sufficient. AI agents take actions: they call APIs, invoke MCP servers, access databases, and trigger downstream workflows. The Salt Security Agentic Security Platform was built to secure that action layer (the infrastructure your agents actually operate across).