Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

armo

Tool Call Analysis for AI Attack Detection: Reading What Rides Inside the Call

May 30, 2026 By Yossi Ben Naim In ARMO
A compromised agent doesn’t make a single call it isn’t allowed to make. It queries a table it’s authorized to read, calls a tool it’s authorized to use, sends to a domain that’s on the allowlist. Every call is legal. The attack is in the values it passes, and your tool-call log records all of it as a clean day’s work. A tool call has two layers. Almost every tool you run reads the first one: the call itself: which tool, in what order, at what rate.
Read Post
armo

The AI Agent Attack Kill Chain: Which Stages You Can Actually Detect

May 30, 2026 By Shauli Rozen In ARMO
The early stages of an AI agent attack are silent. The poisoning, the hijacked intent, the reconnaissance: none of it executes, so none of it produces a runtime signal, and the kill-chain instinct every security team runs on says exactly the wrong thing here: break the earliest link. There is no early link to break. You cannot detect a stage that emits nothing.
Read Post
armo

Types of AI Agent Attacks: A Security Team's Taxonomy

May 30, 2026 By Ben Hirschberg In ARMO
A security team running agents in production can already list the ways those agents get attacked: prompt injection, memory poisoning, tool abuse, model tampering, agent-to-agent coercion. The list is not the problem. The problem is that a security architect can recite all five and still not know which ones their detection stack will catch, because the way the field catalogs these attacks says nothing about whether the attack is catchable.
Read Post
Cybersecurity Mistakes Accounting Firms Keep Making (And How to Fix Them)

Cybersecurity Mistakes Accounting Firms Keep Making (And How to Fix Them)

May 30, 2026 By SecuritySenses In SecuritySenses
Tax season brings a predictable surge in phishing emails targeting accounting professionals. The messages look like client requests, IRS notifications, or software update alerts. They are crafted specifically for firms that handle sensitive financial data under deadline pressure, because attackers know that pressure creates mistakes.
Read Post
Compliance and Regulation Heat Up in 2026: A New Phase of Scrutiny for Financial Services Organisations

Compliance and Regulation Heat Up in 2026: A New Phase of Scrutiny for Financial Services Organisations

May 29, 2026 By Sean Tilley, Senior Director of Sales EMEA In 11:11 Systems
The regulatory landscape facing financial services in 2026 is more complex, more demanding, and faster moving than at any point in the past decade. Across the UK, regulators are attempting to strike a delicate balance of stimulating economic growth while maintaining strong consumer protection and financial stability. This balancing act is unfolding against a backdrop of sluggish economic performance, geopolitical uncertainty, and political pressure for "pro-growth" regulation. The result is a regulatory environment where the pace, scope, and intensity of change is accelerating sharply.
Read Post
cyberhaven

MCP Security: How to Secure MCP Integrations

May 29, 2026 By Cyberhaven In Cyberhaven
AI agents are connecting to enterprise systems right now. Whether a developer wired up Claude to an internal Confluence instance, a vendor shipped an agentic workflow that calls the CRM, or an employee enabled a browser-based AI assistant that reads email, Model Context Protocol (MCP) is rapidly becoming the integration layer between large language models (LLMs) and corporate data. Most security teams have no visibility into any of it.
Read Post
CrowdStrike

Shadow AI: The Hidden Risk Expanding Across the Enterprise

May 29, 2026 By CrowdStrike In CrowdStrike
Companies and employees are racing to capture the value and efficiencies offered by AI, but security is often an afterthought. Employees are using unauthorized GenAI tools to summarize documents, draft emails, and analyze potentially sensitive or proprietary data. Developers are adding AI capabilities before security teams can review them. SaaS platforms are adding AI features that may process sensitive business data by default.
Read Post
Snyk

How Relay Network Adopted AI Coding Securely and Built the Foundation for Agentic Development

May 29, 2026 By Snyk Team In Snyk
Champion / Spokesperson(s): Brendan Putek, Director of DevOps, and Esaie Batoula, Security Engineer. Relay Network is the innovator behind a secure B2C communications platform that combines SMS with dynamic feed technology to help regulated enterprises deliver personalized, action-oriented mobile experiences for every customer. In an industry where trust, compliance, and data protection are paramount, security has always been central to how the company builds software.
Read Post
LimaCharlie

Building SecOps that improve with every frontier AI release

May 29, 2026 By Daniel Ballmer In LimaCharlie
CEO Maxime Lamothe-Brassard made an observation after the RSA conference that security vendors don't typically say out loud: "The frontier models are just better than anything people roll their own. There's no secret sauce these vendors are offering that is better than the latest frontier model release." That's a pointed claim that carries a significant implication buyers may not have fully considered.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.