Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

armo

Commercial vs Open Source AI Attack Detection Tools: A Buyer's Guide

May 29, 2026 By Shauli Rozen In ARMO
If you’re weighing open source against commercial tools for detecting attacks on your AI agents, you’re probably trying to answer a single question. Can we build this ourselves, or should we buy it? It’s a fair question, and the existing content on it isn’t much help. Most comparisons line up tools side by side and tally features. That tells you which tool is better at one slice of the problem. It doesn’t tell you whether you have a working detection program.
Read Post
teleport

What SPIFFE Answers for Workload Identity and What It Doesn't

May 29, 2026 By Rob Cobbins In Teleport
On workload identity, a spec the industry has already started building around, and what the next layer looks like. I don't have a better answer than SPIFFE (Secure Production Identity Framework for Everyone) for workload identity, and that's where I want to start, because what follows is going to sound like I do.
Read Post
DevOps Vulnerabilities Hit 236, With 59% Rated High or Critical Severity

DevOps Vulnerabilities Hit 236, With 59% Rated High or Critical Severity

May 28, 2026 By GitProtect In GitProtect
Major DevOps platforms patched 236 vulnerabilities in 2025, with nearly 60% classified as high or critical severity. According to the latest "DevOps Threats Unwrapped Report," critical flaws surged by 76% ifrom Q1 to Q4, signaling growing pressure on software supply chain security.
Read Post
teleport

Remote Access That Works Behind NAT, CGNAT, and Uncontrolled Firewalls

May 28, 2026 By Steven Martin In Teleport
A device in your fleet encounters an issue. You try to SSH in only to discover that the IP changed overnight, the customer's firewall blocks inbound connections, and the VPN they set up six months ago stopped working when the device switched from Wi-Fi to cellular. The next several hours disappear into a Slack thread with the customer's IT team trying to get a port opened. Every engineer who has shipped hardware into a customer's environment has a version of this story.
Read Post

New in ggshield 1.51: Codex Hooks, MCP Discovery, and SLSA Provenance

May 28, 2026 By GitGuardian In GitGuardian
ggshield 1.51 is here with better support for AI-powered development and browser-less environments. This release adds Codex hook support, MCP server detection across Claude and Cursor, and `ggshield auth login --method oob` for SSH sessions and headless servers. It also strengthens trust in the ggshield supply chain with GitHub Artifact Attestations for release binaries, improves plugin management through your authenticated GitGuardian instance, adds a `vscode` alias for Copilot hook installation, and shows workspace ID in `ggshield api-status`.
View Video
certkit

You probably don't need private PKI for internal infrastructure

May 26, 2026 By Todd H. Gardner In CertKit
Running your own certificate authority sounds like the responsible choice for internal infrastructure. Distribute your root cert to every machine and issue certs internally. In practice, you spend the next six months chasing down every device, contractor laptop, and vendor console that didn’t get root installed. The warnings come back. And when they do, people click through them, because they always have. There’s a simpler path, and most teams don’t know it exists.
Read Post

Developers Are Installing AI Agent Skills Too Fast

May 25, 2026 By Snyk In Snyk
235,000 installs per week. That’s how quickly developers are downloading AI agent skills — packages that give AI coding agents new capabilities like shell access, file system operations, cloud access, and deployment permissions. But unlike traditional npm packages, agent skills introduce a completely new security problem: natural language instructions that AI agents can interpret and execute autonomously.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.