News
Kong Acquires OpenMeter for API Metering and Billing
Mike Vizard | | AI agent API calls, AI-driven services, API cost management, API management in AI era, API metering and billing, API monetization, API security risks, Kong API strategy, Kong Konnect API management, LLM API costs, misconfigured APIs, OpenMeter open source, SaaS API billing, usage-based pricing APIsKong acquires OpenMeter to add usage-based API metering and billing to Kong Konnect—critical for managing AI, LLM, and cloud service costs securely ...
Malicious Nx Packages Used in Two Waves of Supply Chain Attack
The Nx build system was hit by a supply chain attack dubbed “s1ngularity,” leaking thousands of secrets and exploiting AI tools for data theft ...
Survey Surfaces Raft of AI Coding Issues Involving Embedded Systems
Mike Vizard | | AI coding assistants, AI security risks, AI-generated code vulnerabilities, Black Duck Software survey, C++ embedded programming, Censuswide research, cybersecurity for embedded systems, developer vs management perspectives., devsecops, embedded systems security, open source AI models, open source license compliance, Python in embedded systems, Software Bill of Materials (SBOM), software composition analysis (SCA)A new survey of 785 development and security professionals reveals that 89% of organizations are using AI coding assistants for embedded systems, but concerns over security, licensing risks, and governance remain. Python ...
System Initiative Adds AI Agents to Infrastructure Automation Platform
Mike Vizard | | Adam Jacob, AI agents, AI in DevOps, AI-powered DevOps, autonomous AI, cloud automation, compliance guardrails, devops automation, DevOps workflows, digital twin, infrastructure as code, infrastructure automation, infrastructure misconfigurations, infrastructure optimization, infrastructure resilience, IT infrastructure management, IT operations, knowledge graph, policy checks, System InitiativeSystem Initiative introduces autonomous AI agents to its infrastructure automation platform, using digital twins to help DevOps teams safely optimize and manage IT environments ...
Qwiet AI Extends Microsoft Support in Platform for Fixing Vulnerabilities
Mike Vizard | | AI agents, AI coding tools, application security, AutoFix, Azure Boards, Azure DevOps, devsecops, github, SARIF, SAST, software security, Swift, vulnerability remediationQwiet AI extends its AI-driven application security platform with deeper Microsoft DevOps integrations, enhanced automation, and expanded AutoFix capabilities to proactively remediate code vulnerabilities ...
Harness Delivers on AI Promise for DevOps
Mike Vizard | | AI agents, cloud cost optimization, devops automation, DevOps Innovation, Harness AI, knowledge graph, pipelines, sdlc, software delivery, testing automationHarness launches an AI-powered DevOps platform that uses knowledge graph–driven agents to automate pipelines, testing and operations across the software delivery lifecycle ...
Copado Extends AI Reach to Surface Relationships Between Salesforce Code
Mike Vizard | | AI in application development, citizen development, Copado AI, devops best practices, Org Intelligence, Salesforce change impact analysis, salesforce devops, Salesforce metadata, Salesforce object relationshipsCopado’s module maps Salesforce object relationships, cutting discovery time and boosting reuse, impact analysis, and DevOps best practices ...
Sentry Adds Tool for Monitoring MCP Servers to APM Platform
Sentry today added an ability to monitor Model Context Protocol (MCP) servers to its application performance monitoring (APM) platform ...
Survey Traces Large Amount of Breaches Back to Vulnerable Code
A survey of 1,519 application security stakeholders finds nearly all (98%) work for organizations that have experienced a security breach attributable to vulnerable code, with 81% acknowledging their organization has shipped code ...
Eclipse Foundation Publishes Toolkit to Simplify CRA Compliance
The Eclipse Foundation has launched the OCCTET project, offering open-source compliance tools to help smaller organizations meet the EU’s new Cyber Resilience Act requirements ...
Sonar Surfaces Multiple Caveats When Relying on LLMs to Write Code
New SonarSource research shows LLMs like GPT-4o, Claude Sonnet 4, and Llama-3.2 produce highly functional yet risky code — with frequent high-severity vulnerabilities, hard-coded credentials, and messy “code smells” that raise long-term ...
How Gemini CLI GitHub Actions is Changing Developer Workflows
Google's new Gemini CLI GitHub Actions transforms repository management with AI-powered automation for issue triage, code reviews and collaboration ...
