Anchore SBOM Score = CVSS + EPSS + KEV status 📊

Because not all vulnerabilities are created equal ⚠️

https://anchore.com/platform/sbom/

#SoftwareSupplyChain #SBOM #CyberSecurity #Compliance #DevSecOps

Fact: Security teams are drastically outnumbered by developers.

When the next zero-day hits, will your team be ready? Join Josh Bressers & a great lineup at Open Source SecurityCon on March 23 to talk tactical prep rather than panic. https://sched.co/2DY3p

#DevSecOps #KubeCon

Whelp, here we go. New AI-driven initiative in my area of expertise at work. I'm gonna get so fired. Or ragequit. Seems like equal odds of either happening this year. I'm so fucked.

#AntiAI #SoftwareEngineering #DevOps #DevSecOps

Building LLM-powered apps? You need guardrails. 🛡️

At #ArcOfAI, Eyal Wirsansky walks through a practical architecture for screening inputs, handling risk, and protecting AI systems before they break.

🔗 https://www.arcofai.com/speaker/3fe39c72c61548b794d38a763fc6d057

🎟 Get tickets: https://arcofai.com

#AI #Security #AISecurity #AIEngineering #GenAI #LLM #MachineLearning #CyberSecurity #AppSec #AgenticAI #SoftwareEngineering #DevSecOps #DataSecurity #TechConference

Open source dependencies change fast, and new vulnerabilities can pop up at any time. ⚡

Join our April 8 webinar to see how Dependency-Track helps keep your software supply chain secure.

• Spot real threats with EPSS
• Cut false alarms with VEX
• Automate SBOM uploads from CI/CD

👉 Sign up:
https://www.amazee.io/blog/post/live-uncover-hidden-vulnerabilities-with-dependency-track

#DevSecOps #SBOM #CyberSecurity

Uncover Hidden Vulnerabilities with Dependency-Track

Stop chasing ghost vulnerabilities. Join us on April 8 to master Dependency-Track, automate SBOMs, and use EPSS to fix what actually matters. Register now!

mistaike.ai is live — a security layer for AI agents.
One MCP endpoint between your agents and the tools they call.
→ Bidirectional DLP: secrets, PII, prompt injection. 50+ credential types.
→ Memory Vault: portable context across Claude, Gemini, Cursor.
→ 8.6M coding patterns from 6,219 OSS projects.
→ Auth, circuit breaking, health checks built in.
Free tier. Self-serve.

mistaike.ai

#MCPSecurity #AIAgents #DLP #DevSecOps #InfoSec #BuildInPublic #DevTools

Software supply chain attacks: types of threats and how to counter them

Supply chain attacks are among the most persistent threats to software development. According to the OWASP Top Ten, in 2025 supply chain problems took third place in the ranking of the most critical web application security risks. In open source attacks, adversaries exploit trust in public repositories, the human factor and the complexity of dependencies, injecting malicious code into thousands of projects at once. The consequences range from an isolated theft of secrets to the compromise of entire ecosystems with global economic losses. For 2025 alone they are estimated at $60 billion and are projected to reach $138 billion in the coming years.

https://habr.com/ru/companies/codescoring/articles/1011358/

#open_source #supply_chain_attack #devsecops #typosquatting #malware

Software supply chain attacks: types of threats and how to counter them

Supply chain attacks are among the most persistent threats to software development. According to the OWASP Top Ten, in 2025 supply chain problems took third place in the ranking...

Habr

Your developers need speed while your security team needs control. 🛡️

The new ActiveState Curated Catalog gives you both. Ground your AI generators in secure components from the world's largest secure open source library and stop security risks before they ever enter production.

Eliminate the manual work and build with confidence at scale. 🚀

https://www.activestate.com/resources/press-releases/activestate-launches-curated-catalogs-to-neutralize-security-risks-in-ai-generated-code/?utm_source=twitter/x&utm_medium=organic_social&utm_campaign=fy26_q1_curated_catalog

#DevSecOps #Productivity #AI #ActiveState

ActiveState Launches Curated Catalogs to Neutralize Security Risks in AI-Generated Code - ActiveState

 ActiveState Launches Curated Catalogs to Neutralize Security Risks in AI-Generated Code New private repository secures the AI-driven development boom by […]

ActiveState

Cursor (@cursor_ai)

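This is a notice that more information on building custom security agents is available. It is interpreted as a pointer to a link or resource leading to a guide or documentation on designing and implementing custom security agents.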

https://x.com/cursor_ai/status/2033595661191680046

#security #customagents #automation #devsecops

Cursor (@cursor_ai) on X

Learn more about building custom security agents: https://t.co/QAPVMWXwkC

X (formerly Twitter)