The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

HAProxy Enterprise WAF protects against Drupal core SA-CORE-2026-004 SQL Injection (CVE-2026-9082)

On May 20th, 2026, the Drupal Security Team published a new advisory disclosing a security vulnerability report in the database driver of the Drupal content management system. The issue affects installations configured to use PostgreSQL as their database, leading to a possible SQL Injection.

SIEM alerts: everything you need to know

Let's walk through setting up SIEM (Security Information and Event Management) alerts to monitor security threats in applications. We will explain what SIEM alerts are, why they're relevant with regard to application security, and provide practical examples of common alerts a developer could implement. We will show how to configure simple alerts with Honeybadger Insights.

Introducing Atatus Sensitive Data Classifier

Your logs know too much. Every debug statement, every traced request, every APM span can carry the risk of capturing something it shouldn't. A customer email. A JWT token. A credit card number. An API key that was never meant to leave your payment service. It doesn't look like a breach. There's no alert. Your observability platform just quietly accumulates sensitive data: indexed, replicated, and accessible to every engineer with log query access.

Certificate Audit logs are live

Certificate automation does a lot of work on your behalf. Agents running on your servers, talking to certificate authorities, deploying certs to your infrastructure. At some point someone (your CISO, your auditor, or your own brain at 3am) is going to ask: what exactly happened, and when? Today we’re shipping audit logs. Every action taken in CertKit is now recorded: logins, invitations, certificates added, issued, renewed, revoked, and deployed. Agent registrations, approvals, and config changes.

Mini Shai-Hulud Explained: How the TanStack and RubyGems Supply Chain Attacks Worked | Harness Blog

Shai-Hulud is back, this time lighter, faster and more automated than before. This new wave, termed Mini Shai-Hulud, has affected a number of packages from tanstack, uipath, opensearch-project and mistralai, among others, over the past few weeks, with the latest series of major compromises coming on 19th May, 2026, affecting the major organizations openclaw-cn and antv.

The 2026 Automotive Security Testing Companies List

Modern vehicles ship with more software than a small airliner. A single mid-range car can run 100 million lines of code across dozens of electronic control units, talking over CAN, Ethernet, Bluetooth, Wi-Fi, cellular and increasingly UWB. From a cybersecurity point of view, every one of those interfaces is a potential attack vector, and every OEM, Tier 1 and fleet operator on the planet now has to prove, on paper, that they have tested their vehicle from a hacker's perspective.

AI Governance: Why Businesses Need Control Over AI Systems and Data

As artificial intelligence becomes embedded in everyday business operations, the conversation is shifting from adoption to control. Companies are no longer asking whether to use AI; they are asking how to use it safely. This is where AI governance becomes critical. Organizations looking to protect sensitive data and ensure responsible AI usage are turning to advanced AI security solutions like iDox.ai, which help monitor, manage, and secure how data interacts with AI systems.