Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The software security landscape is evolving faster than ever, and AI is accelerating this change. As generative and embedded AI become core to how software is developed, tested, and deployed, security must adapt to protect an entirely new layer of risk. At Mend.io, we’ve spent the past year reimagining what Application Security Testing (AST) looks like in this new reality.

As Kubernetes adoption accelerates, more organizations are running virtual machines (VMs) inside Kubernetes using platforms like OpenShift Virtualization, SUSE Virtualization, KubeVirt, Mirantis k0rdent Virtualization, and Spectro Cloud VMO. This hybrid approach consolidates container and VM workloads on a single infrastructure, improving flexibility—but it also introduces new challenges for backup and recovery.

For twenty years, Certificate Authorities ran the perfect protection racket. The CAs had a beautiful monopoly. Browsers needed them to keep users safe. Websites needed them to look legitimate. Everyone paid up, nobody asked too many questions. Then the cryptography of most certificates (SHA-1) got shattered, and the browsers realized they’d been played.

DevOpsDays Philadelphia 2025 showed how AI governance, secrets security, runtime traces, and ablative resilience work together to reduce operational risk.

Large language model (LLM) security refers to the strategies and practices that protect the confidentiality, integrity, and availability of AI systems that use large language models. These models, such as OpenAI’s GPT series, are trained on vast datasets and can generate, translate, summarize, and analyze text. However, like any complex software component, LLMs present unique attack surfaces because they can be influenced by the data they process and the prompts they receive from users.