Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Dependency management tools: Key features and 6 tools to know in 2026

Dependency management tools are software solutions designed to automate and streamline the process of handling external libraries, modules, or packages that a project relies on. These tools help developers specify, install, update, and track dependencies, ensuring that all required components are present and compatible.

Certificate deployments just got an easy mode

The old deployment flow expected a lot from you. You had to know what format your certificate needed to be in. You had to know where it should be stored on the target system. Then you had to review and customize a deployment script in a code editor before anything ran. It turns out most of you don’t want to do that. And fair enough, staring at a script editor when you just want a certificate on your Exchange server is a little intimidating.

When AI Agents Call AWS, Who Does AWS Think They Are?

In Part 1, Your AI Agent Needs to Know Who You Are, we showed how Teleport JWTs give MCP tools a verified identity for every request. This post extends that pattern to AWS, specifically to Amazon Bedrock AgentCore, where the same identity gap exists but requires a different solution stack. You ask an AI agent to list your S3 buckets. The agent calls an MCP tool. The tool reaches out to AWS. However, CloudTrail records the action under something like agentcore-bot, but not your identity.

Why Project Glasswing Changes the Rules of AppSec

The old application security playbook is broken. With Anthropic’s Claude Mythos and the release of Project Glasswing, AI agents can now autonomously chain low-severity bugs into working zero-day exploits, collapsing the time between vulnerability discovery and active exploitation. In this video, Mend.io's Saoirse Hinksmon (Head of Product Marketing) and Daniel Wyrzykowski (Product Manager) break down the structural shifts in the threat landscape and what security teams must do to keep pace.

The ECB just gave banks four months to fix AI vulnerability gaps. Most of the work starts in the software supply chain.

On July 7, 2026, the European Central Bank sent a letter to the CEO of every bank it directly supervises with an unambiguous instruction: build a formal action plan against AI-enabled cyberattacks, and submit it to your supervisory team by October 31.

Server Hardening Checklist: 8 Weekly Checks to Reduce Configuration Drift

Summer is a good time to catch up on hardening work that gets postponed the rest of the year. Change freezes ease up, project calendars thin out, and the servers that quietly drifted out of spec during Q1 and Q2 finally get some attention. Over the next eight weeks, we’re publishing one practical hardening review each week. None of these require a project plan or a change advisory board meeting.

Kubernetes for Agentic AI: Best Practices for Identity and Access

In Part 1 of this series, we addressed 18 Kubernetes best practices spanning across container hardening, observability, availability, and fault tolerance. Those practices secure the containers that agents run in. But the CNCF AI Technical Community Group's cloud-native agentic standards go further, establishing that securing containers is only the beginning.

Best AI Governance Platforms for Enterprises: Top 6 in 2026

AI governance platforms provide enterprises with centralized oversight to manage AI risks, ensure regulatory compliance, and automate policy enforcement across the AI lifecycle. Leading solutions include security-oriented tools like Mend.io, HiddenLayer, and Prompt Security, as well as end-to-end governance platforms like IBM watsonx.governance and Microsoft Purview.