Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Introducing The GitGuardian IDE Extension for VS Code, Cursor, Antigravity, And Windsurf

Nov 20, 2025 By GitGuardian In GitGuardian
Ship fewer secrets with your code. In this video we walk you through installing and using the GitGuardian IDE extension in Visual Studio Code, Cursor, Antigravity, Windsurf, and any VS Code compatible editor. You will see how the extension uses ggshield, the GitGuardian command line tool, to scan for 500+ types of secrets and catch plaintext credentials as soon as you save a file, long before they can be committed.
View Video
certkit

Searching Certificate Transparency Logs (Part 2)

Nov 20, 2025 By Eric Brandes In CertKit
In the last post we discussed why we’re building our own Certificate Transparency (CT) search tool. There’s good background on the CT ecosystem in that post, so check it out if you haven’t. This post assumes a certain understanding of terminology covered previously. Now that we know where the CT logs live, and the different kinds of logs, we need to start reading them.
Read Post

How to Build AI Agents That Don't Break: Design, Risk & Defense Explained #aiagents #AISecurity

Nov 19, 2025 By Mend In Mend
Agentic AI is evolving fast — but building agents that are *both* effective and secure is still a major gap for most teams. In this webinar, Mend.io’s Bar-El Tayouri and AI21 Labs’ Yehoshua “Shuki” Cohen share a practical, deeply technical walkthrough of what it really takes to design and defend AI agents. You’ll learn: This is a tactical, no-fluff guide for anyone building AI agents in production engineers, security leaders, and innovators shaping the next wave of AI systems.
View Video
mend

Best SAST tools: Top 10 solutions in 2025

Nov 19, 2025 By Tiffany Jennings In Mend
SAST (Static Application Security Testing) tools analyze an application’s source code to identify potential security vulnerabilities without executing the code. They are crucial for finding security flaws early in the development lifecycle, helping developers address issues before they become more costly and difficult to fix. Unlike dynamic analysis techniques, SAST operates without executing the program, focusing entirely on the static codebase.
Read Post
Building Secure Customer Journeys with Modern Data Infrastructure

Building Secure Customer Journeys with Modern Data Infrastructure

Nov 19, 2025 By SecuritySenses In SecuritySenses
Organizations today want experiences that feel personal without exposing customers to unnecessary risk. I believe that goal requires a clear strategy that treats data as a business asset rather than a technical afterthought. Secure customer journeys depend on a modern data infrastructure that captures behavioral signals, processes them responsibly, and protects them through every stage of analysis and activation. The companies that achieve this balance earn durable trust and raise their competitive ceiling. A small detail often makes the biggest difference, and as the idiom says, a chain is only as strong as its weakest link.
Read Post
mend

AppSec metrics fail, Mend.io's Risk Reduction Dashboard fixes it

Nov 18, 2025 By Tiffany Jennings In Mend
Today, we’re introducing our Risk Reduction Dashboard. This is a new way for security leaders to quantify their AppSec program’s impact, prioritize high-value fixes, and prove ROI with data-backed insights that go beyond raw vulnerability counts.
Read Post
Proven Server Monitoring Strategies for High-Growth Infrastructure

Proven Server Monitoring Strategies for High-Growth Infrastructure

Nov 18, 2025 By SecuritySenses In SecuritySenses
Businesses spend billions each year on troubleshooting and incident response-resources that could support more advanced solutions. This is why monitoring strategies matter for modern infrastructure teams. Many organizations juggle up to 30 monitoring tools, yet those with a strong approach see impressive returns, with 41% gaining over $1 million in yearly value.
Read Post
certkit

Searching Certificate Transparency Logs (Part 1)

Nov 17, 2025 By Eric Brandes In CertKit
Every TLS certificate issued by a root Certificate Authority (CA) ends up in one more more publicly accessible logs. These logs, collectively, make up the Certificate Transparency (CT) ecosystem. Unfortunately the logs are not very searchable. You can’t easily type in a domain and find all associated certificates. At CertKit we’re building CT monitoring capabilities to notify our customers when a new certificate is issued.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.