#application-security

[ follow ]
#devsecops
Information security
fromHackernoon
1 year ago

From Repos to Risks: How Hardcoded Secrets in GitHub Source Code Create Security Risks | HackerNoon

Hardcoded secrets in source code expose organizations to significant security risks, necessitating greater awareness and secure practices in development environments.
fromDevOps.com
1 week ago
Artificial intelligence

Endor Labs Adds AI Agents to Automate Application Security Reviews - DevOps.com

Endor Labs introduces AI agents for advanced security defect identification and remediation in application architecture.
fromITPro
6 months ago
Information security

Optimizing AppSec in the financial services sector

Banking organizations must innovate rapidly while maintaining application security to meet customer demands.
fromDevOps.com
7 months ago
Information security

Survey Surfaces Steady Gains in DevSecOps Adoption - DevOps.com

Less than half of organizations employ best DevSecOps practices despite recognition of its importance in improving application security.
A clear trend is emerging in investing in security tools and practices among DevOps teams, signaling an increasing focus on security.
fromDevOps.com
3 days ago
Artificial intelligence

ArmorCode Makes Anya AI Agent Generally Available - DevOps.com

ArmorCode's new AI agent Anya enhances application security for DevSecOps teams by prioritizing risks and reducing false positives.
fromTechRepublic
1 month ago
beer

Agentic AI's Role in the Future of AppSec | TechRepublic

Agentic AI automates tedious tasks in application security, enabling faster remediation and more secure software.
Information security
fromHackernoon
1 year ago

From Repos to Risks: How Hardcoded Secrets in GitHub Source Code Create Security Risks | HackerNoon

Hardcoded secrets in source code expose organizations to significant security risks, necessitating greater awareness and secure practices in development environments.
fromDevOps.com
1 week ago
Artificial intelligence

Endor Labs Adds AI Agents to Automate Application Security Reviews - DevOps.com

Endor Labs introduces AI agents for advanced security defect identification and remediation in application architecture.
fromITPro
6 months ago
Information security

Optimizing AppSec in the financial services sector

Banking organizations must innovate rapidly while maintaining application security to meet customer demands.
fromDevOps.com
7 months ago
Information security

Survey Surfaces Steady Gains in DevSecOps Adoption - DevOps.com

Less than half of organizations employ best DevSecOps practices despite recognition of its importance in improving application security.
A clear trend is emerging in investing in security tools and practices among DevOps teams, signaling an increasing focus on security.
fromDevOps.com
3 days ago
Artificial intelligence

ArmorCode Makes Anya AI Agent Generally Available - DevOps.com

ArmorCode's new AI agent Anya enhances application security for DevSecOps teams by prioritizing risks and reducing false positives.
fromTechRepublic
1 month ago
beer

Agentic AI's Role in the Future of AppSec | TechRepublic

Agentic AI automates tedious tasks in application security, enabling faster remediation and more secure software.
more#devsecops
#security-tools
DevOps
fromDevOps.com
2 months ago

DevSec Relationship Status: It's Complicated (But Fixable) - DevOps.com

DevOps faces security integration challenges due to cultural divides and mismatched tools, requiring a paradigm shift for better collaboration.
Information security
fromThe Hacker News
4 days ago

New Research Reveals: 95% of AppSec Fixes Don't Reduce Risk

Most application security alerts are unnecessary, causing more harm than good for organizations.
Application security has become inefficient, with teams overwhelmed by irrelevant alerts.
Improving application security requires a shift from mere detection to meaningful context.
DevOps
fromDevOps.com
2 months ago

DevSec Relationship Status: It's Complicated (But Fixable) - DevOps.com

DevOps faces security integration challenges due to cultural divides and mismatched tools, requiring a paradigm shift for better collaboration.
Information security
fromThe Hacker News
4 days ago

New Research Reveals: 95% of AppSec Fixes Don't Reduce Risk

Most application security alerts are unnecessary, causing more harm than good for organizations.
Application security has become inefficient, with teams overwhelmed by irrelevant alerts.
Improving application security requires a shift from mere detection to meaningful context.
more#security-tools
NYC startup
fromTechzine Global
6 days ago

Upwind makes its M&A debut with Nyx acquisition

Upwind's acquisition of Nyx enhances real-time threat detection and integrates deeper application monitoring into its platform.
Artificial intelligence
fromIT Pro
1 week ago

Want to supercharge your vibe coding skills? Here are the best AI models developers can use to generate secure code

Vibe coding poses risks as AI-generated code often lacks adequate security measures, leading to vulnerabilities.
#cybersecurity
JavaScript
fromCSO Online
6 months ago

Open source package entry points could be used for command jacking

Threat actors exploit entry points in open source packages to execute malicious commands and compromise applications.
Developers are cautioned to carefully evaluate open source packages to mitigate risks of supply chain attacks.
fromHackernoon
1 year ago
Information security

Hackers Tapping into Company Systems to Test Security Features | HackerNoon

Implementing SAST best practices is vital for securing code and identifying vulnerabilities in an evolving digital landscape.
fromTechzine Global
3 months ago
Information security

Veracode strengthens software security with acquisition of Phylum technology

Veracode enhances application security by acquiring Phylum's technology for real-time analysis of malicious packages, addressing rising supply chain attack costs.
fromDevOps.com
3 months ago
Information security

Evolving Shift Left Security: A More Powerful Approach to Software Development Security - DevOps.com

Enterprises need to adopt a comprehensive security approach that goes beyond just shift left to ensure security throughout the development life cycle.
JavaScript
fromCSO Online
6 months ago

Open source package entry points could be used for command jacking

Threat actors exploit entry points in open source packages to execute malicious commands and compromise applications.
Developers are cautioned to carefully evaluate open source packages to mitigate risks of supply chain attacks.
fromHackernoon
1 year ago
Information security

Hackers Tapping into Company Systems to Test Security Features | HackerNoon

Implementing SAST best practices is vital for securing code and identifying vulnerabilities in an evolving digital landscape.
fromTechzine Global
3 months ago
Information security

Veracode strengthens software security with acquisition of Phylum technology

Veracode enhances application security by acquiring Phylum's technology for real-time analysis of malicious packages, addressing rising supply chain attack costs.
fromDevOps.com
3 months ago
Information security

Evolving Shift Left Security: A More Powerful Approach to Software Development Security - DevOps.com

Enterprises need to adopt a comprehensive security approach that goes beyond just shift left to ensure security throughout the development life cycle.
more#cybersecurity
#automation
Software development
fromHackernoon
7 months ago

Your Code Is a Hacker's Playground-Here's How to Lock It Down | HackerNoon

Application Security (AppSec) integrates security practices into software development to identify and mitigate vulnerabilities effectively.
fromDevOps.com
9 months ago
Information security

Report: High Risks to Software Supply Chains are Commonplace - DevOps.com

95% of organizations have critical risks in their software supply chain.
Software development
fromHackernoon
7 months ago

Your Code Is a Hacker's Playground-Here's How to Lock It Down | HackerNoon

Application Security (AppSec) integrates security practices into software development to identify and mitigate vulnerabilities effectively.
more#automation
Information security
fromDevOps.com
3 months ago

The State of Application Risk: Key Findings Reveal Widespread Security Vulnerabilities - DevOps.com

Enterprise software development environments are critically vulnerable, as all organizations face high security risks.
Traditional application security approaches are ineffective against modern threats, leaving organizations exposed.
Ruby on Rails
fromRubyflow
5 months ago

Ultimate Rails Security Guide: Best Practices for Ruby on Rails Applications in 2025

Building secure Ruby on Rails applications is essential, especially with the rise of Rails 8 allowing development for both web and mobile.
fromTechzine Global
5 months ago
Information security

Why are simple applications more vulnerable than complex ones?

Simpler applications tend to harbor critical security vulnerabilities, especially in under-secured sectors like finance.
Larger, more complex applications get patched faster and have fewer serious vulnerabilities.
JavaScript
fromSemaphore
8 months ago

Securing a Spring Boot Application with Cerbos - Semaphore

Cerbos centralizes authorization policies, simplifying access control management and enhancing application security.
Artificial intelligence
fromApp Developer Magazine
8 months ago

Generative AI in Application Security report from Checkmarx | App Developer Magazine

Checkmarx's report highlights the tension between leveraging generative AI benefits and establishing governance to mitigate emerging risks in enterprise application development.
Information security
fromInfoQ
9 months ago

Cloudflare Application Security Report Highlights Surge in DDoS Attacks and CVE Exploits

Increase in malicious traffic due to geopolitical events and voting seasons highlighted in Cloudflare's 2024 Application Security Report.
fromThe Hacker News
9 months ago
Information security

6 Types of Applications Security Testing You Must Know About

A proactive and holistic application security strategy is crucial to secure applications across different phases of development and deployment.
[ Load more ]