Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Secrets in the Machine: Preventing Sensitive Data Leaks Through LLM APIs

Jan 6, 2026 By GitGuardian In GitGuardian
In this webinar, we break down a simple but increasingly common problem: secrets leak wherever text flows, and modern LLM apps and agentic workflows are built to move text fast. We walk through concrete demos showing how API keys and passwords can surface through RAG-based assistants when secrets accidentally live in knowledge bases (tickets, docs, internal wikis). We also show why “just harden the system prompt” isn’t a reliable fix, and how output-only redaction can be bypassed (for example by simple formatting/encoding tricks). Most importantly, we explore real-world agent architectures.
View Video
gitprotect

DevOps Pillars - Top 15 DevOps Principles for 2026

Jan 6, 2026 By Jakub Grodecki In GitProtect
DevOps has become an important practice for companies looking to efficiently meet customers’ expectations, accelerate software delivery, and optimize resources. Companies that embrace the DevOps culture can smoothly merge their development and operations teams, resulting in faster releases and better development.
Read Post
mend

Automated Red Teaming: Capabilities, Pros/Cons, and Latest Trends

Jan 6, 2026 By Tiffany Jennings In Mend
Automated red teaming uses software to simulate cyberattacks and test security defenses, helping organizations find and fix vulnerabilities more efficiently. It automates tasks like credential harvesting, system enumeration, and privilege escalation to test security posture in a continuous, scalable manner. Beyond traditional systems, automated red teaming can also be used for AI systems, where it tests for risks like data poisoning or prompt injection in generative models.
Read Post
Enterprise level infrastructure built for performance

Enterprise level infrastructure built for performance

Jan 6, 2026 By SecuritySenses In SecuritySenses
When uptime, speed and security are critical to your business success, managed dedicated hosting becomes more than just a service. It becomes the engine behind your operations. Hypernode.com offers high performance hosting with full isolation and expert support, allowing businesses to focus on growth while their infrastructure is taken care of by professionals.
Read Post
certkit

DNS-PERSIST-01 validates a domain once to get certificates forever

Jan 5, 2026 By Todd H. Gardner In CertKit
With the ACME protocol, to issue a certificate you have to prove you control the domain. The CA gives you a challenge, you complete it, and they issue your cert. The trouble is that every validation method has tradeoffs. And as certificate lifetimes get shorter, those tradeoffs will get more painful. DNS-PERSIST-01 is a new approach coming in 2026 that trades proof-of-freshness for easier operations.
Read Post

Honeytokens with ggshield: plant tripwires that alert on secret use

Jan 5, 2026 By GitGuardian In GitGuardian
In this video, we introduce ggshield honeytoken and why it’s one of the most powerful tools in the GitGuardian toolbox. A honeytoken is a decoy secret that alerts you the moment someone tries to use it or validate it. Think of it like a digital tripwire. In GitGuardian, honeytokens can be created through the dashboard or API, and they look like real AWS keys because they are valid credentials. The difference is they grant zero access and are isolated to an AWS account GitGuardian maintains specifically for this purpose.
View Video
armo

Best threat detection & response solutions for cloud-native applications in 2026

Jan 4, 2026 By Jonathan Kaftzan In ARMO
What is the best Threat Detection & Response for cloud-native applications? Traditional EDR isn’t enough for Kubernetes enviorments. Security teams need CADR (Cloud Application Detection and Response), which unifies application, container, Kubernetes, and cloud detection into a single platform that builds complete attack stories instead of siloed alerts. Why doesn’t traditional EDR work for Cloud-Native Applications?
Read Post
Best Odoo Hosting Providers in 2026

Best Odoo Hosting Providers in 2026

Jan 3, 2026 By SecuritySenses In SecuritySenses
Choosing the right hosting for your Odoo ERP system directly impacts your daily operations. Slow loading times frustrate users, unexpected downtime disrupts business, and poor hosting choices lead to escalating costs as you grow. This guide examines three distinct Odoo hosting approaches to help you find the right fit for your business needs and technical capabilities.
Read Post

Has My Secret Leaked (HMSL) with ggshield: check public GitHub exposure safely

Jan 2, 2026 By GitGuardian In GitGuardian
Since 2018, GitGuardian has been scanning for secrets added to GitHub public repositories. When a secret is found, GitGuardian hashes it and stores only a fingerprint of the secret. That fingerprint is what you can search against to verify whether any of your secrets have leaked in public repositories, gists, or issues on GitHub. This service is called Has My Secret Leaked, and in ggshield you’ll see it as the HMSL commands. There’s also a web interface, but in this section we stay in the terminal and use ggshield end to end.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.