#application-security

devsecops
DevOps.com
3 weeks ago
DevOps

Datadog DevSecOps Report Shines Spotlight on Java Security Issues - DevOps.com

90% of Java services have critical vulnerabilities from third-party libraries, 63% from indirect dependencies, impacting app security and requiring continuous improvement in DevSecOps.
DevOps.com
2 months ago
Artificial intelligence

Cycode Brings Generative AI to App Security Posture Management - DevOps.com

Cycode adds generative AI to ASPM platform for root cause analysis
New features include plugins for IDEs and connectors to security tools
DevOps.com
3 months ago
Information security

OX Security Optimizes DevSecOps to Improve Application Security - DevOps.com

OX Security's ASPM platform helps DevSecOps teams identify potentially exploitable code in production environments.
The platform reduces the number of alerts generated by 99%, allowing teams to focus on actual risks and prioritize their resources.
DevOps.com
3 months ago
Software development

Mobb Extends DevSecOps Reach of Tool to Generate Patches - DevOps.com

Mobb now provides instant patches for vulnerabilities during a DevSecOps workflow.
The Mobb platform combines AI and security research to automatically create patches for vulnerabilities.
cybersecurity
New Relic
3 weeks ago
Information security

Identify vulnerabilities across application environments

Securing application environments is essential for operational security, compliance, and customer trust, requiring identification and mitigation of vulnerabilities through detailed understanding and effective strategies.
DevOps.com
2 months ago
Privacy professionals

Survey: Cyberattacks Aimed at Software Supply Chains are Pervasive - DevOps.com

91% of organizations have experienced a software supply chain incident in the past year
Zero-day exploits and misconfigured cloud services are the most common attack vectors
DevOps.com
3 months ago
Software development

Legit Security Applies AI to Detect Vulnerable Application Secrets - DevOps.com

Legit Security has expanded its ASPM platform to use AI for more accurate discovery of secrets in applications that cybercriminals can exploit.
The platform applies a large language model, prompt engineering techniques, and heuristics to reduce alert noise and correctly identify access keys, passwords, API keys, and PII that shouldn't be exposed.
generative-ai
DevOps.com
2 months ago
Artificial intelligence

Cycode Acquires Bearer to Extend ASPM Platform - DevOps.com

Cycode acquires Bearer, enhancing DevSecOps capabilities with generative AI tools for application security.
Bearer's tools for security testing integrate with Cycode's ASPM platform for better risk assessment.
InfoWorld
3 months ago
Web development

Mobb unveils vulnerability fixer for GitHub users

Mobb Fixer provides developers with code fixes for security alerts in GitHub pull requests.
Mobb's remediation technology combines security research and traditional semantic analysis with generative AI to enhance code coverage.
Medium
2 months ago
Privacy professionals

Frontend Application Security: Tips and Tricks

Data breaches are becoming more common, with the average cost reaching $4.45 million.
Frontend application security is crucial for businesses to protect against modern-day attackers.
DevOps.com
1 week ago
Information security

Snyk Adds Second ASPM Tool to Portfolio - DevOps.com

Snyk AppRisk Pro leverages AI and ML for deeper insights into application construction, prioritizing remediation efforts, and detecting secrets in code.
DevOps.com
2 months ago
Information security

Veracode Report Shines Spotlight on Massive Application Security Debt - DevOps.com

42% of applications have unfixed flaws for over a year
46% of organizations have critical security debt
DevOps.com
3 months ago
Information security

Security Across the SDLC - DevOps.com

Application and infrastructure security are becoming increasingly blurred.
DevOps now views security as a crucial part of the development process.
The Register
4 months ago
Information security

One in four apps remain exposed to Log4Shell

Approximately one in four applications are still dependent on outdated Log4j libraries, leaving them vulnerable to exploitation.
Only a small minority of developers updated their Log4j libraries after the vulnerability was disclosed, with the majority never updating third-party libraries in general.
TechRepublic
5 months ago
Information security

Google Workspace Marketplace: 4 Tips for Choosing the Best Apps

The Independent Security Verification badge indicates that an application in the Google Workspace Marketplace has undergone a third-party security review.
Applications with the badge should be prioritized when evaluating options in the Marketplace.
SecurityWeek
5 months ago
Information security

Application Security Startup Aikido Security Raises €5 Million

Aikido Security has raised €5 million in seed funding.
The Belgium-based startup aims to provide SaaS businesses with an all-in-one platform for application security.
The new investment will help Aikido enhance its platform and expand its international presence.
Amazic
1 month ago
DevOps

Recap KubeCon + CloudNativeCon Europe 2024 with OX Security - Amazic

Cloud-native architectures and Kubernetes complexity
Application security best practices and compliance strategies
Marcin Wanago Blog - JavaScript, both frontend and backend
2 months ago
JavaScript

API with NestJS #145. Securing applications with Helmet

Using the Helmet library with NestJS can help protect applications from vulnerabilities by setting appropriate response headers.
The Helmet library maintains a set of security-related response headers and keeps the list up to date with new headers and deprecating unnecessary ones.