
Continuous DAST in CI/CD Pipelines: A Practical Guide

Every pipeline shift introduces a new blind spot. SAST catches coding flaws, and SCA catches dependency risks; however, as delivery moves to CI/CD, new risks have emerged, not in the code itself, but in how it is executed. From broken access controls and authentication drift to logic flaws behind feature flags, these threats show up in production. Continuous DAST in CI/CD pipelines isn’t just “another layer” but a runtime check that’s most likely to catch what gets exploited.

What is AI system prompt hardening?

As generative AI tools like ChatGPT, Claude, and others become increasingly integrated into enterprise workflows, a new security imperative has emerged: system prompt hardening. A system prompt is a set of instructions given to an AI model that defines its role, behavior, tone, and constraints for a session. It sets the foundation for how the model responds to user input and remains active throughout the conversation.

Real-Time Image Switching: Upgrade Without Downtime! Tech Tip #podcast #tech

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

The 2-Minute Investigation: How Teleport Identity Security Sees What Your SIEM Can't

Your SIEM collects millions of events. Your CNAPP monitors cloud configurations. But can either tell you how a developer's Okta group membership led to unexpected production access through three different systems? Can they instantly trace an API key's journey from GitHub to your crown jewel databases?

AI Voice Mimicry: How to Protect Yourself From Scams #appsec #cybersecurity


What We Found with OpenAI's Codex CLI Tool

In this video, I explore OpenAI’s Codex CLI tool to see how powerful it really is for coding with AI. But things quickly go off the rails… what started as a simple test ended with a surprise identity verification request. Apparently, to continue using the tool, I need to submit a government-issued ID and a photo of myself—something I didn’t expect at all. I talk through the process, show the error I ran into, and share my honest thoughts on this level of access and how invasive it feels for a developer tool.

Kubernetes Backup Made Simple: Meet CloudCasa for Cloud-Native Protection

Kubernetes and cloud-native platforms are transforming how we build and run applications—but traditional backup tools just can’t keep up. They’re complex, slow, and expensive. Enter CloudCasa: The backup and recovery solution built specifically for Kubernetes and cloud-native environments. Key Benefits: Kubernetes backup doesn’t have to be complicated. CloudCasa makes it simple, secure, and cost-effective—whether you're protecting clusters, pods, or VMs. What’s your biggest challenge with Kubernetes backup and recovery? Drop your thoughts below—we’d love to hear from you!

The Power of Scheduled Automated Backups for DevOps and SaaS

In 2020, a DevOps team at a mid-sized fintech startup almost lost its entire source code. A failed container update caused a cascading failure in their self-hosted GitLab instance. The backup was… somewhere. No one had checked it in weeks. The recovery process took three days. The cost was around $70,000 in downtime and customer compensation. The event wasn’t a matter of not having a backup strategy. It was a matter of assuming someone, somewhere, had run the proper function at the right time.

Fixing 4,000 Vulnerabilities? Quick Ways to Eliminate Security Issues! #podcast #infosec
