Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

protecto

Why AI Privacy is a Competitive Advantage (Not Just Compliance)

Dec 10, 2025 By Anwita In Protecto
In most startups building or using AI, privacy often gets treated like a checkbox that legal or security will “handle later.” That mindset quietly kills deals, scares off enterprise buyers, and limits your access to the very data your models need. Here is the truth that more founders and CTOs are embracing. Privacy makes your product easier to buy, models better to train, and business more valuable.
Read Post

CISO Workshop on API Threat Modeling: How to Use STRIDE to Predict, Prevent, and Protect

Dec 10, 2025 By Wallarm In Wallarm
Threat modeling is a critical function for effective cybersecurity and threat models must adapt to emerging threats. As API deployments grow across organizations, cybersecurity teams need to extend their threat modeling to include the API attack surface. In this webinar, we'll examine threat modeling best practices for APIs, focusing on the STRIDE methodology. Attendees will learn.
View Video

How Insurity Cut Manual Security Work by 81%

Dec 10, 2025 By Reach Security In Reach Security
95 hours back. Every. Single. Month. One of the many outcomes from our ZTA journey with Insurity. They didn’t just deploy Zero Trust — they operationalized it. Reach unified controls, automated remediation, and eliminated the manual effort slowing progress. Results:︎ 81% less manual work︎ 95 hours saved per employee per month︎ Months → days for rollout︎ Zero Trust that sticks.
View Video
aikido

OWASP Top 10 for Agentic Applications (2026): What Developers and Security Teams Need to Know

Dec 10, 2025 By Sooraj Shah In Aikido
Agentic AI is moving into production in CI/CD pipelines, internal copilots, customer support workflows, and infrastructure automation. These systems no longer just call a model. They plan, decide, delegate, and take actions on behalf of users and other systems. This creates new attack surfaces that do not map cleanly to traditional application security or even the OWASP Top 10 2025.
Read Post
salt security

React2Shell: The Frontend Vulnerability That Unlocks Your Internal APIs

Dec 10, 2025 By Eric Schwake In Salt Security
The cybersecurity world is currently buzzing about React2Shell (CVE-2025-55182), a critical remote code execution (RCE) vulnerability affecting React and Next.js. The scale of the threat is massive: researchers have already identified over 77,000 vulnerable IP addresses exposed to the internet, and confirmed that state-sponsored actors and opportunistic crypto miners have already breached at least 30 organizations. But if you look closely, this isn't really a story about React.
Read Post
Zenity

The OWASP Top 10 for Agentic Applications: A Milestone for the Future of AI Security

Dec 10, 2025 By Kayla Underkoffler In Zenity
The OWASP GenAI Security Project has officially released its Top 10 for Agentic Applications, the first industry-standard framework focused on the operational risks created by autonomous and semi-autonomous AI systems. AI has evolved in a way that directly changes how enterprises need to think about security. We started with machine learning systems designed to classify and predict.
Read Post

AI, Creators & Agentic Commerce - A Conversation with Cloudflare CSO Stephanie Cohen

Dec 10, 2025 By Cloudflare In Cloudflare
In this episode of This Week in NET, host João Tomé sits down with Stephanie Cohen, Cloudflare’s Chief Strategy Officer, for a candid conversation about AI, content creators, financial services, partnerships, and the future of the Internet. Stephanie shares how Cloudflare is helping keep the Internet open and resilient — from giving creators transparency and control over AI scraping, to enabling new models of agentic commerce through partnerships with Visa and Mastercard, to empowering organizations of all sizes through Cloudflare’s global network.
View Video
cato networks

Mitigating Credential Phishing in the Age of AI and Cloud Convergence

Dec 10, 2025 By Dr. Guy Waizel In Cato Networks
Phishing remains one of the most effective methods for stealing credentials and breaching enterprise environments. Despite advanced email and browser protections, attackers now leverage AI, and automation to outpace traditional defenses. The Verizon 2024 Data Breach Investigations Report found that 68% of breaches involve the human element, often triggered within seconds of a phishing lure, just 21 seconds to click and 28 seconds to submit credentials.
Read Post

Charlotte AI - 2025 MITRE ATT&CK Enterprise Evaluations

Dec 10, 2025 By CrowdStrike In CrowdStrike
The 2025 MITRE ATT&CK Enterprise Evaluations featured sophisticated cross-domain attacks from Scattered Spider, and CrowdStrike's Charlotte AI proved essential in delivering 100% detection and protection with zero false positives. Charlotte AI accelerated every stage of security operations with Agentic Detection Triage for instant verdicts, Agentic Response that investigates alerts like expert analysts, and command-line analysis in plain language.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.