Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Unified IT Imperative: Simplifying Complexity and Future-Proofing Your Organization

In this episode of the Make Work Happen podcast, we explore the strategic imperative of unified IT and how it helps leaders shape the future of their organizations. We draw on key findings from JumpCloud’s latest IT trends report to understand why IT fragmentation is a critical challenge for leaders worldwide. Joining us is JumpCloud customer Ricky Jordan, who provides a real-world case study on how a unified platform can simplify complex IT environments, address security risks, and drive strategic conversations.

MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations

On August 13, security researchers at Tel Aviv University disclosed a new HTTP/2 denial-of-service (DoS) vulnerability that they are calling MadeYouReset (CVE-2025-8671). This vulnerability exists in a limited number of unpatched HTTP/2 server implementations that do not sufficiently enforce restrictions on the number of times a client may send malformed frames. If you’re using Cloudflare for HTTP DDoS mitigation, you’re already protected from MadeYouReset.

IBM 2025 Cost of a Data Breach Report: Lessons for API and AI Security

IBM’s 2025 Cost of a Data Breach Report offers one of the clearest and most comprehensive views yet of how AI adoption is shaping the security landscape. While breach numbers are relatively low – only 13% of organizations reported breaches involving AI models or applications – the report reveals a troubling pattern: APIs and integrations are often the real entry point, and they’re frequently under-secured. At Wallarm, we’ve been banging this drum for a while.

Beyond the Prompt: Securing the "Brain" of Your AI Agents

Imagine an autonomous AI agent tasked with a simple job: generating a weekly sales report. It does this reliably every Monday. But one week, it doesn't just create the report. It also queries the customer database, exports every single record, and sends the file to an unknown external server. Your firewalls saw nothing wrong. Your API gateway logged a series of seemingly valid calls. So, what happened? The agent wasn't hacked. Its mind was changed.

MCP security is non-negotiable for AI-driven organizations

Model Context Protocol (MCP) is gaining traction because it enables LLMs to interact with live systems and enhance context by retrieving and managing relevant real-time information. LLMs can’t query Salesforce, trigger an Okta password reset, or fetch context from your SIEM, for example. MCP bridges that gap by connecting AI models to real-world APIs, powering AI applications like retrieval-augmented generation and multi-step agent workflows. They’re fast to deploy.

Secure Cloud Access - CyberArk MCP Server

Take control of cloud access for AI-driven workflows without slowing down your team. CyberArk SCA MCP Server is the latest innovation in identity security, purpose-built for the age of agentic AI. Now available in the AWS Marketplace, CyberArk SCA MCP Server empowers developers and AI agents to securely request elevated access directly from their IDE while enforcing Zero Standing Privileges across multi-cloud environments.

How to Hack a Cloud: Insider Threat

In this episode of How to Hack a Cloud: Insider Threat, discover how standing administrative access in AWS can be exploited by a disgruntled employee. Follow Michael Scott’s story as he misuses his S3 admin privileges to silently delete critical data, leaving the company blindsided. Learn how CyberArk Secure Cloud Access enforces Zero Standing Privileges, ensuring time-bound, need-based access to prevent such malicious activity—all while maintaining seamless workflows for legitimate tasks. See how this solution strengthens identity security across multi-cloud environments.

How to Hack a Cloud: Access Mismanagement

Protect Your Cloud: Prevent Access Mismanagement with CyberArk Secure Cloud Access. Discover how to safeguard your cloud environment from access mismanagement in this eye-opening episode of How to Hack a Cloud: Access Mismanagement. The video demonstrates how attackers exploit standing AWS IAM access keys, turning a common oversight into a major security breach.

The Two AI Licenses You Need to Know

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development – using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Hyper-AUTO-Mation: Why Carvana's CISO Bet on Agentic AI for 5x SOC Efficiency

CISOs everywhere are feeling the AI fatigue. Every vendor at Black Hat 2025 was hyping ‘AI agents for SecOps,’ so there’s rightfully a lot of skepticism about deploying AI in production, especially in enterprise environments. But the old way of running a SOC just isn’t working anymore. After all the time and money spent on traditional playbooks, we’re still wrestling with the same challenges: alert fatigue, burnout, tool sprawl, and inability to scale.