Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The term "AI Agent" is failing us. #cybersecurity #ai #technews

The term "AI Agent" is failing us. In Prediction, Ev warns that our vocabulary is lagging behind the technology. Calling everything an "AI Agent" is like calling everything "software." It’s too broad to be useful. A browser plugin has a completely different architecture than a microservice or a factory robot. They have different identities, different risks, and different security needs. You can't secure what you can't specifically identify.

Delegated DNS validation: proving domain ownership without exposing credentials

It seems like every service wants proof you control your domain. Certificate authorities need it to issue certificates. Email platforms need it to authorize sending. Analytics needs it to gather data. Just add this magic TXT record to your DNS, wait for propagation, click verify. It works fine when it’s a one-time setup, but certificate lifetimes are dropping to 47 days, and you won’t be able to keep up on that schedule.

Introducing Mend.io's AI Security Maturity Survey + Compliance Checklist available today

Today, we’re excited to launch two practical tools to help teams quickly understand their AI maturity, quantify AI risk, and gather the evidence executives will ask for in 2026: an interactive AI Security Maturity Survey (with a personalized score and mapped recommendations) and a companion AI Security Compliance Checklist. Both are aligned to industry standards and built to be immediately useful in discovery, audits, and planning.

What is Vibe Coding? #vibecoding #aisecurity #coding

Mend.io, formerly known as WhiteSource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Testing MiniMax M2.1 for AI Coding: The Results Might Surprise You

Can "lesser-known" AI models actually keep up with the giants like Google, OpenAI, and Anthropic? In today’s video, we put MiniMax M2.1 to the ultimate test: building a production-ready, secure Node.js note-taking application from a single prompt. We’ll explore how to access MiniMax natively in the Windsurf IDE, walk through the debugging process for common errors (like environment variables and OS-specific dependencies), and perform a deep-dive security audit using Snyk. Stick around until the end to learn how to integrate MiniMax M2.1 into VS Code using OpenRouter.

What is Secrets Management: An Essential Guide to Securing Credentials in Modern DevOps

We are surrounded by generative AI tools, cloud-based solutions, and AI assistants that often perform functions for us. We tend to share data with them for smoother operations and to automate our work for enhanced productivity. These non-human tools are a playground for cybercriminals looking to access that data and damage critical infrastructure. So it is paramount for us, and especially for organizations, to protect the shared information along with the access rights of these non-human entities.

Cybersecurity is no longer just an IT problem. It's an Engineering problem. #ainews #engineering

Cybersecurity is no longer just an IT problem. It’s an Engineering problem. In his second prediction for the year, Ev argues that the traditional IT model is shifting, and the role of engineers is expanding. Traditionally, securing infrastructure belonged to the IT department. The rise of AI identities adds a layer of complexity that traditional IT tools just weren't built for. As Ev explains in this clip, if you want to protect your system from misbehaving AI, you need the people who built the system in the first place.

Save Time With GitGuardian's ML-Powered Similar Incident Grouping

GitGuardian is excited to introduce Machine Learning Powered Similar Incident Grouping, which cuts through the noise by identifying incident-specific patterns across your inventory and clustering incidents that belong together, so you can handle repetitive cases efficiently and reduce incident response toil.

What Is the Best Security for NGINX in Kubernetes? (Beyond Configuration)

The best security combines configuration controls (TLS, headers, network policies, pod security) with runtime behavioral monitoring that detects anomalies your configuration can’t see. Configuration creates the baseline—it defines what should happen. Runtime protection catches what gets through—it shows what is happening. You need both, but most teams only have the first.

Best Cloud Workload Protection Solutions: A Runtime-First Evaluation Guide

What is a cloud workload protection platform (CWPP)? Security for the workloads actually running in your cloud—VMs, containers, and serverless functions doing real work. Unlike posture management (CSPM) that checks configurations, CWPPs monitor processes, network connections, and application behavior to catch threats as they happen. What’s the difference between CSPM, CWPP, CNAPP, and CADR? CSPM scans cloud settings for misconfigurations. CWPP protects running workloads.