Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Common pitfalls when evaluating AI agents for the SOC

When evaluating AI agents for your SOC, it's not just about capabilities—it’s about control, oversight, and integration. In this clip, Philippe Tchakovski breaks down the most common mistakes security teams make when adopting AI: from fragile API integrations to missing guardrails and a lack of audit trails. Don’t deploy blindly—understand the risks before automation goes live.

Security isn't a department.

Security isn’t a department. It’s a shared responsibility. To move from reactive to preventive, every product team needs embedded cyber expertise. Ange Ferrari, SVP and CISO at Metro AG, explains how decentralizing security enables scale and forces organizations to treat security as everyone's job, not just IT's. If you want to "shift left" for real, this episode is your playbook.

All SSO security is not created equally

This blog has been adapted from a section of 1Password’s ebook: Why SSO is not enough for identity security. Single sign-on (SSO) solutions integrate with a company’s identity provider (IdP) to allow users to authenticate to multiple applications via a single log-in. By reducing the number of access points and employee credentials, SSO reduces a company’s attack surface.

What is a Web Browser Based Attack?

Did you know 95% of undetectable malware spreads through your browser? From Cross-Site Scripting (XSS) and CSRF to Clickjacking and drive-by downloads—web browser-based attacks are more common and more dangerous than ever. In this video, we break down how these attacks work, what causes them, and what you can do to stay protected—both as a user and a website owner.

API Gateway Security: The Essential InfoSec Guide

As the software world shifted toward microservices and distributed architectures, the volume and complexity of API traffic have skyrocketed. Unfortunately, so has the number of API-related breaches and cyber attacks. Last year, nearly 44% of all advanced bot traffic online targeted API endpoints, while traditional web applications received just 10% of the malicious traffic. It’s no surprise that 57% of organizations admit to having suffered API-related breaches in the past two years.

Your Code Might Be Using Risky AI Models

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development – using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Unifying API and Product Security with Jit + Traceable: Accelerated Triage, Smarter Remediation

As the Director of Product Marketing for Jit, Charlie is responsible for telling Jit's story to the developer and security communities. We’re excited to announce that Traceable is now integrated with Jit. Today’s security teams are overwhelmed — drowning in vulnerability alerts and disconnected tooling. Traceable delivers deep, contextual API and application security insights, automatically identifying vulnerabilities with rich runtime context and risk-based prioritization.