#threat-modeling

[ follow ]
#devsecops #software-security #architecture #security #zero-trust #ai-vulnerability-scanner #codex-security
Women in technology
fromInfoQ
1 week ago

Security and Architecture: To Betray One Is To Destroy Both

Architecture and security have evolved from separate entities to a deeply connected partnership focused on resilience and protection against threats.
Information security
fromSecurityWeek
3 weeks ago

OpenAI Rolls Out Codex Security Vulnerability Scanner

OpenAI launches Codex Security, an AI vulnerability scanner that identifies complex security issues and proposes patches, now available to ChatGPT Pro and Enterprise customers with free access for one month.
Information security
fromTechzine Global
3 weeks ago

OpenAI unveils Codex Security to detect vulnerabilities in AI code

OpenAI's Codex Security tool uses AI and agent-based analysis to detect code vulnerabilities with reduced false positives by understanding entire codebase context and prioritizing actual security risks.
fromInfoQ
2 months ago

What Testers Can Do to Ensure Software Security

A secure software development life cycle means baking security into plan, design, build, test, and maintenance, rather than sprinkling it on at the end, Sara Martinez said in her talk Ensuring Software Security at Online TestConf. Testers aren't bug finders but early defenders, building security and quality in from the first sprint. Culture first, automation second, continuous testing and monitoring all the way; that's how you make security a habit instead of a fire drill, she argued.
Software development
Artificial intelligence
fromInfoQ
3 months ago

Trustworthy Productivity: Securing AI Accelerated Development

Treat all inputs in an agent's context (prompts, RAG documents, tool outputs, memory) as untrusted; enforce provenance, scoping, and expiry to prevent poisoning attacks.
Information security
fromInfoWorld
5 months ago

OpenAI launches Aardvark to detect and patch hidden bugs in code

Aardvark integrates into development pipelines to provide continuous, automated vulnerability analysis, repository-wide threat modeling, and sandboxed exploit validation.
fromThe Hacker News
5 months ago

What AI Reveals About Web Applications- and Why It Matters

Before an attacker ever sends a payload, they've already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and enabling attackers to map your environment with greater speed and precision.
Information security
Information security
fromDevOps.com
6 months ago

The DevSecOps Career Path: What No One Tells You About Getting Started - DevOps.com

DevOps teams must integrate security into every stage of rapid development, developing skills to balance delivery speed with robust threat-aware practices.
[ Load more ]