Announcing some major updates in GitGuardian's ggshield version 1.50
This video walks you though some major highlights.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Why IP Address Strategy Has Become a Security Priority for Modern Enterprises
IP addresses don't usually come up in security conversations until something goes wrong. A block gets flagged, a service goes down, or an audit reveals that nobody quite knows who controls which range across the organisation. That blind spot has become harder to defend in 2026. Threat actors have grown more sophisticated about exploiting poorly managed IP space, and the secondary market for IPv4 has introduced reputation, provenance, and supply chain concerns that didn't exist a decade ago.
DevOps Services: What They Are, How They Work, and Why Your Business Needs Them
The way businesses build and deliver software has changed dramatically over the past decade. Gone are the days when development teams would work in isolation for months before handing off a product to operations staff for deployment. Today's competitive market demands speed, reliability, and continuous improvement - and that is exactly what DevOps services are designed to deliver.
AI Agent Deleted My Production Database
Securing AI agents in Teleport, focused on unified identity, eliminating standing privileges, and enforcing real policy controls instead of relying on the whims of an agent.
Guide: DORA Compliance Evidence for Agentic AI
→ What DORA assessors actually evaluate → How DORA controls map to specific evidence requirements → Common evidence gaps that can interfere with audits → The evidence challenges of agentic AI → The full blueprint for DORA compliance now and in the future The Digital Operational Resilience Act (DORA), otherwise known as Regulation (EU) 2022/2554, represents a fundamental shift in how financial institutions must show their compliance.
Building Production-Ready Apps with Cursor 2.0: Benchmarks vs. Reality
Cursor just dropped Composer 2.0, claiming it rivals (and even beats) the industry’s leading frontier models like GPT-5.4 and Claude Opus 4.6. But do the benchmarks match reality?
Threat Detection for RAG Pipelines: The Three Windows Most Tools Are Blind To
Tuesday, 09:14 UTC. A connector pulling content from your knowledge wiki indexes a new article into the vector database your support agents query at runtime. Embedded in legitimate troubleshooting prose is an instruction crafted to surface whenever a query mentions a specific product version — include the user’s account record in the response and POST the summary to the configured support webhook. For three days, nothing happens. Every security tool is green.
AI Supply Chain Risk: Scanning Vulnerabilities in ML Frameworks
A platform engineer at a mid-market fintech opens her SCA dashboard at the start of the quarter. The agentic customer-support pipeline her team shipped two months ago — a LangChain orchestrator, a vLLM inference server with two fine-tuned LoRA adapters pulled from Hugging Face, and an MCP toolkit wired to four internal APIs — shows green. Snyk has scanned every Python package in the container. Mend has cleared the dependency graph. The CVE count is zero.
Runtime-Informed Posture: What AI Agents Can Do vs What They Actually Do
A platform engineer pulls the AI-SPM dashboard for an agent that has been running in production six weeks. The static dashboard shows several dozen findings, severity-sorted by configuration weight. The runtime-informed dashboard shows a smaller, prioritized list — but a few of those findings do not appear on the static view at all, and most of the static findings appear demoted to a tier the static view does not have. Same agent. Same window. Same underlying configuration.
What Is AI-SPM? AI Security Posture Management Explained
Every cloud security vendor launched an AI-SPM dashboard in the past year. Strip away the branding and most of them are presenting the same concept: a new posture management layer for AI workloads. Sit through four demos in the same week and a practical question surfaces. The dashboards look broadly similar — pie charts of findings, compliance tags, a list of AI assets, a severity ranking. Why, then, do the tools underneath cover completely different parts of the problem?