Beware of PII in Testing Data: The Security Iceberg and Where PII Actually Hides

If you run a platform tools or security team, you have likely heard this request from developers: “I just need a copy of the production database for staging so I can run realistic load and integration tests.” It is a completely reasonable request. Production traffic and data contain the actual request shapes, real-world value distributions, long-tail anomalies, and timing patterns that make tests useful.

Blocking Install Scripts Is Not a Silver Bullet

npm v12 finally turns off automatic install scripts. That closes one door and leaves another wide open. I have spent years on the security side of the Node.js ecosystem, more recently as the primary contact for the OpenJS Foundation CNA, and now as the Node.js AI Security Engineer in Residence, a role supported by Alpha-Omega. Almost all of that work comes down to one question: can you trust the code you install? So I will say this plainly.

We won't train on your data is not a security architecture

Every enterprise contract I’ve signed in the last two years has the same clause. “Vendor will not use Customer Data to train machine learning models.” Sometimes it’s a paragraph. Sometimes it’s a whole section. The language varies but the intent is identical: don’t feed our production data into your AI. I get it. I sign the same clause as a vendor. But here’s what’s been bothering me: that clause is a promise, not an architecture.

Set the Foundation for Trusted AI and Data with Snowflake AI Security

Safely deploy autonomous workflows and agents across your organization in minutes instead of months with Snowflake AI Security. Discover how to use new features like Agent Identity, Data Movement Policies, and the Snowflake Trust Center to effortlessly block data exfiltration, enforce runtime masking, and neutralize threats before they execute.

Security at Scale: How NodeSource Remediated 21 Vulnerabilities Across Enterprise Node.js Environments

Security vulnerabilities in production environments rarely arrive one at a time. Recently, one of our enterprise Node.js support customers identified a collection of security advisories affecting their Node.js infrastructure. The affected environments were running Node.js v20 and v22 and included vulnerabilities not only within runtime-adjacent tooling but also in components distributed alongside Node.js deployments.

Zscaler Revolutionizes Cybersecurity Data with Snowflake

Zscaler's Tiffany Blakeney shares how her team replaced fragmented tools and months-long development cycles with Snowflake's all-in-one AI platform. By consolidating all data, APIs, and AI models in one secure platform, Zscaler reduced campaign creation from months to minutes—and more importantly, gained the trustworthy, governed AI foundation a cybersecurity company demands. Learn how they're using Snowflake's integrated AI capabilities to move from POC to production faster than ever while maintaining the security posture critical to their industry.

CopyFail, Local Privilege Escalation, and what Bitrise customers should know

With all the online chatter about Copy Fail, DirtyFrag, and Fragnesia, we prepared this simple explainer about what these local privilege escalation vulnerabilities are and how they affect Bitrise customers. Bitrise provides a full-stack, vertically integrated mobile DevOps solution that unites the tools, processes and testing frameworks engineering teams need to build best-in-class mobile experiences. Over 400,000 developers use Bitrise’s products: Bitrise CI, Build Cache, Release Management, and Insights.

GitHub Investigates Internal Repository Breach Following TeamPCP Supply Chain Incident

The tech world woke up to a major shock when a notorious hacking group, TeamPCP, claimed it had broken into GitHub’s internal systems. The group is currently selling access to roughly 4,000 of GitHub's private code repositories on cybercrime forums, demanding a massive $50,000 ransom. If GitHub, the platform holding the code for 100 million developers worldwide, can get hacked through a single employee's workstation, what does that mean for your business?

Enterprise AI Security with ClearML: A Complete Series Summary

Over a seven-part series of posts and videos, ClearML’s Enterprise AI Security series covered every layer of securing an AI platform in production, from who gets in to what gets recorded. This post brings it all together in one place: what each layer does, why it matters, and how the layers connect.