SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top
This year's Devner OWASP event showed why modern AppSec depends on secure defaults, stronger provenance, and security controls that appear where developers make decisions.
ATLSECCON 2026: Context, Identity, and Restraint in Modern Security
From AI agents to identity abuse, ATLSECCON 2026 focused on how security teams can reduce exposure, improve visibility, and make trust enforceable while moving ever faster.
The Future Of GitHub Actions Security And What You Can Do Right Now
GitHub is hardening Actions with deterministic dependencies, scoped secrets, and policy controls. Teams still need immediate detection and remediation for today’s risk.
BSides MKE 2026: Security Maturity in Changing Conditions
Security maturity was the thread running through BSides MKE 2026, from clearer business language to role clarity, AI governance, and non-human identity risk.
When We Use AI To Ship Fast, Secrets Spread Fast
The data from this year's State of Secrets Sprawl report shows that AI is not creating a new secrets problem; it is accelerating every condition that already made secrets dangerous.
NHI Governance Is the Outcome. GitGuardian Is How You Get There
Learn how GitGuardian supports NHI governance with a secrets-first model that improves visibility, reduces sprawl, and helps teams manage machine identity risk.
Between AI Urgency and AI Fatigue at RSAC 2026
AI was everywhere at RSAC 2026, but the real focus was operational security: managing agents, protecting secrets, and controlling trusted integrations at scale.
BSides SF 2026: Looking At Security Beyond The Next Big Bet
BSides SF 2026 explored how identity risk, production drift, and developer tooling are changing modern security strategy for defenders and platform teams.
Honeytokens on the Developer Workstation: When Cleanup Takes Time
Plaintext secrets on developer machines create real supply chain risk. Honeytokens provide early detection while stronger identity-based controls are rolled out.
Chainguard Assemble 2026 and the Security Factory Mindset
From golden images to agent governance, Chainguard Assemble 2026 focused on how teams can reduce risk by embedding trust, compliance, and security into delivery systems.
ConFoo 2026: Guardrails for Agentic AI, Prompts, and Supply Chains
Read the takeaways from ConFoo 2026, including putting guardrails where requests happen, auditing tool calls, treat dependency updates like production access.
Protecting Developers Means Protecting Their Secrets
Secrets don’t just leak from Git. They accumulate in filesystems, env vars, and agent memory. See how to find them, stop the bleed, and protect your whole supply chain
