Why AI and cloud-native are security game-changers
Yesterday's security practices can't tackle today's risks, a new CSA guide notes — making updating tooling essential.
John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.
Posts from John P. Mello Jr.
Why AI and cloud-native are security game-changers
OWASP Top 10 tackles supply chain risk
The Open Worldwide Application Security Project’s widely used AppSec priority list is expanding to cover systemic risk.
CTEM advances vulnerability management
Gartner's Continuous Threat Exposure Management model represents an evolution from CVSS. Here’s what you need to know.
New AI security tool lays out key exposures
Risk Rubric gives assessments for LLM transparency, security and more. But it's only one tool in your AI security toolbox.
AI is ramping up coding velocity — and risk
AI is producing code up to four times faster — but with 10 times more AppSec lapses. Here’s what you need to know.
MCP credential weakness raises red flags
More than half of Model Context Protocol servers were found to rely on static, long-lived credentials. With AI agents on the rise, that’s a problem.
5 vibe coding security lessons
Vibe-coded apps that make it to production can be a minefield for security teams. Here are key takeaways for your AppSec team.
ASM and the attack surface: 10 key risk factors
Attack surface management (ASM) isn’t just another buzzword. It represents a fundamental shift in security strategy with risk on the rise.
The Postmark MCP server attack: 5 key takeaways
A malicious Model Context Protocol package was found in the wild last week. Here are lessons from the compromise of the AI interface tool.