In today’s AI rush, I’ve seen even the most disciplined organizations find it almost impossible to apply the hard-won lessons of DevOps and DevSecOps onto AI adoption. These organizations often feel forced to choose between moving fast and staying in control. As a result, they develop a “wait and see” approach to AI usage and implementation, and it’s creating a new, more dangerous form of technical debt. I call it the AI Blind Spot Debt.
Compliance with data sovereignty regulations in New Zealand can be complex to navigate, especially for organisations operating hybrid or cloud deployments. Managed service providers (MSPs) and small and medium enterprises (SMEs) in New Zealand that want to take advantage of the benefits of the cloud must make sure they’re in compliance with regulations.
One of the most insidious security risks isn't a sophisticated attack, it's the endpoint that stops reporting. A sensor that appears enrolled but hasn't sent telemetry in hours or days represents a critical blind spot. Whether due to network issues, system shutdown, agent crash, or intentional tampering, these silent sensors deserve immediate attention.
Kubernetes applications often rely on Persistent Volume Claims (PVCs) to store critical data, from databases to user uploads. Losing this data due to cluster failures or accidents can be catastrophic for DevOps teams. In this post, we’ll walk through how to safeguard your Kubernetes PVCs using CloudCasa, a backup-as-a-service platform.
This video will demonstrate how Arctic Wolf Threat Intelligence enables customers to defend to against new and emerging threats through engaging content, actionable intelligence, IoC quicklinks and automated feeds.
Watch Claude Code generate production-ready Cobalt Strike detection rules in LimaCharlie. The agent defines detection requirements, creates rule logic for high-signal patterns, validates syntax, and deploys rules to the tenant. Named-pipe indicators and process-based signatures are tested against positive and negative controls to confirm accuracy. Security teams can operationalize threat-specific detections in minutes instead of hours.
In software, speed is great, but safety is critical. How do you get both? That's the "Sec" in. It’s why has gained popularity: moving from the end of the line to the very beginning. Instead of a final check, it becomes a "shared responsibility" for Dev, Sec, and Ops teams at every stage of software development and delivery.
How do AI models go from a cool idea to a reliable app feature? One answer:. It's the "#DevOps for" that helps teams build, deploy, and monitor models without breaking things.
This week on the podcast, we cover a Politico report detailing a security lapse at CISA in the United States involving sensitive data and a public version of ChatGPT. Next, we dive into a couple of recently resolved vulnerabilities in the SolarWinds Web Help Desk application. Finally, we end with some closure on a story about two Coalfire penetration testers who were arrested several years ago for completing a penetration test in Iowa.