app security

app security news search results

Developer news items we found relating to app security

35 results
Veracode-acquires-Longbow-Security

Veracode acquires Longbow Security


Thursday, April 18, 2024 by

Veracode announced the acquisition of Longbow Security, a security risk management platform for cloud-native environments. The acquisition marks the next exciting phase of Veracode, underscoring the company’s commitment to help organizations effectively manage and reduce application risk across the growing attack surface. The integration of Longbow in...


App-developers-urged-by-ICO-to-protect-user-data

App developers urged by ICO to protect user data


Thursday, February 15, 2024 by

The Information Commissioner’s Office (ICO) is reminding all app developers to ensure they protect users’ privacy, following the regulator’s review of period and fertility apps. Last year, the ICO looked closely at period and fertility apps to understand how they process personal data and identify whether there is any negative impact on users as a r...


Secure-software-development-insights-from-The-Linux-Foundation

Secure software development insights from The Linux Foundation


Monday, February 5, 2024 by

The Linux Foundation published a new report, Maintainer Perspectives on Open Source Software Security, based on a survey of OSS maintainers and core contributors, to understand perspectives on OSS security and the uptake and adoption of security best practices by maintainers, core contributors, end users, and other members of the OSS ecosystem. Maintainer Perspective...


ASPM-2024-report-from-Cycode

ASPM 2024 report from Cycode


Friday, December 15, 2023 by

Cycode announced the release of its inaugural State of ASPM 2024 report. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve. Surprisingly, 77% of CISOs believe software supply ch...


API-security-risks-report-exposes-Netflix-and-Wordpress

API security risks report exposes Netflix and Wordpress


Monday, November 27, 2023 by

Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP. The new report i...


Runtime-code-review-from-AppMap-enhances-productivity

Runtime code review from AppMap enhances productivity


Tuesday, November 14, 2023 by

AppMap has announced its innovative Runtime Code Review solution that will transform software quality and the developer experience. AppMap's mission is to deliver actionable insights to developers where they work, and AppMap continues to deliver on the promise with its latest release for the GitHub Marketplace. Unexpected runtime defects account fo...


App-security-threat-report-results-from-Digital-Ai

App security threat report results from Digital Ai


Thursday, October 19, 2023 by

Digital.ai announced the results of its 1st annual Application Security Threat Report, illuminating and quantifying the risks to applications in the wild. The results reveal that 57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) the most likely to be attacked. The study found no correlation between an app’s popularity and likelihood o...


Network-based-cybersecurity-threat-detection-SDK-launches

Network-based cybersecurity threat detection SDK launches


Monday, October 16, 2023 by

Enea has launched the Enea Qosmos Threat Detection SDK. This revolutionary threat detection system has the potential to double performance in network-based cybersecurity solutions. The Qosmos Threat Detection SDK enables the integration of Enea's flagship deep packet inspection (DPI) engine, Qosmos ixEngine, with core IDS capabilities drawn from Suricata, the wid...


App-security-training-enhancements-by-Security-Journey

App security training enhancements by Security Journey


Wednesday, July 19, 2023 by

Security Journey announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers even more new training content to improve secure coding knowledge gain of ...


PCI-DSS-JavaScript-compliance-tool-free-from-Jscrambler

PCI DSS JavaScript compliance tool free from Jscrambler


Thursday, June 29, 2023 by

Jscrambler announced the launch and immediate availability of its free PCI DSS JavaScript Compliance Tool to ensure granular and flexible capacity to meet the stringent new requirements introduced by version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS v4.0). This free assessment tool provides organizations of all sizes with clarity and si...


Oxeye-discovers-vulnerability-in-HashiCorp-Vault-Project

Oxeye discovers vulnerability in HashiCorp Vault Project


Tuesday, April 25, 2023 by

Oxeye announced the discovery of a new vulnerability in the HashiCorp Vault Project that has now been patched. HashiCorp Vault is a popular identity-based secret and encryption management system used to control access to API encryption keys, passwords, and certificates. The vulnerability was automatically discovered and reported by the Oxeye Platform during a deployment...


AppSec-2023-predictions-from-Oxeye-Security

AppSec 2023 predictions from Oxeye Security


Wednesday, February 8, 2023 by

Oxeye, the provider of award-winning cloud-native application security, announced five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications resulting in the need for new and more ef...


Developers-and-brands-must-make-mobile-apps-far-more-secure

Developers and brands must make mobile apps far more secure


Tuesday, January 17, 2023 by

The bad guys are still breaking digital windows and kicking down digital doors, so to speak, and will continue well into 2023 and beyond! Consumers through experience or gut instinct will demand that their mobile app providers deliver key security features including trying to stop the increasingly prevalent "man-in-the-middle" attacks. The latest techn...


Open-Bug-Bounty-has-fixed-1-million-vulnerabilities

Open Bug Bounty has fixed 1 million vulnerabilities


Monday, November 7, 2022 by

Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible, and ISO 29147 compatible vulnerability disclosure. It passed the milestone on 27 October of fixing over 1,000,000 web security vulnerabilities. The Open Bug Bounty project enables website owners to receive advice and support from&n...


Traceable-AI-and-ArmorCode-integration

Traceable AI and ArmorCode integration


Wednesday, August 24, 2022 by

ArmorCode has announced an integration with Traceable AI which will bring its data into the ArmorCode platform and improve Application Security Posture from code to cloud. To move at the speed of business, modern applications are increasingly powered by APIs to deliver functionality. The challenge is that each new API must be secured and as the number of APIs in...


ImmuniWeb-Neuron-web-security-scanning

ImmuniWeb Neuron web security scanning


Friday, June 10, 2022 by

ImmuniWeb has announced the launch of ImmuniWeb Neuron, a web application and API web security scanning solution that is based on the award-winning ImmuniWeb AI Platform available. ImmuniWeb Neuron is designed to rapidly scan tens, hundreds, or even thousands of web applications and APIs for vulnerabilities, weaknesses, and misconfigurations. It c...


AppSecCon-2022-dates

AppSecCon 2022 dates


Monday, May 9, 2022 by

The Purple Book Community, a community of top security leaders, announced that AppSecCon 2022 will take place May 18-19, 2022. The virtual event is expected to host thousands of leading security professionals from around the world.0 AppSecCon 2022 dates When: May 18-19, 2022 from 9 a.m. to 2 p.m. (PT) each day Where: Virtual Conference, Register Today! Presenta...


App-modernization-in-2022

App modernization in 2022


Monday, January 10, 2022 by

Ajay Patel is the General Manager for VMware’s Modern Applications & Management Business with the mission to be the leader in application modernization, cloud-native application development, and multi-cloud management through VMware Tanzu and vRealize portfolio. Ajay has over 30 years of enterprise software expertise. Ajay previously served as the Treasurer...


Increase-developer-productivity-in-2022

Increase developer productivity in 2022


Sunday, January 9, 2022 by

Patrick Jean is the CTO at OutSystems, where he's focused on building a great engineering culture where motivated people are free to unleash their passion doing meaningful work. With more than 20 years of engineering leadership experience, he has led multiple high-stakes, cloud transformation initiatives at SaaS providers, blending customer focus, inspired developme...


Cloud-provider-trends-in-2022

Cloud provider trends in 2022


Thursday, January 6, 2022 by

Amir Rapson co-founded vFunction and serves as its CTO, overseeing technology, product, and engineering. Prior to co-founding vFunction in 2017, Amir was GM and VP R&D at WatchDox until its acquisition by Blackberry, where Amir served as a VP of R&D. Prior to WatchDox, Amir held R&D positions at CTERA Networks and at SofaWare (Acquired by Check Point). Amir ...


Cloud-and-cyber-asset-management-trends-for-2022

Cloud and cyber asset management trends for 2022


Thursday, January 6, 2022 by

Companies have been racing to mature their technologies and pursue digital transformations in the last few years, as a way to gain or maintain competitive advantage and resilience. This has led to an emerging area of focus: cyber asset management. Organizations are now taking inventory of their IT infrastructure and prioritizing more agile cyber asset management process...


Software-industry-predictions-in-2022-from-Infragistics

Software industry predictions in 2022 from Infragistics


Tuesday, January 4, 2022 by

The Infragistics experts Jason Beres, Tobias Komischke, and Dean Guida share their 2022 software industry predictions about Low-Code/No-Code, App Builders, Big Data/Embedded Analytics, UI/UX Design, Data Catalogs, and Digital Transformations. “The biggest DevOps trend for 2022 will be low-code no-code tools that save developers time and money. Rather than being...


5G-2022-predictions-from-EdgeQ

5G 2022 predictions from EdgeQ


Tuesday, January 4, 2022 by

Vinay Ravuri, CEO at EdgeQ shares his predictions for 2022 about the cloudification of 5G, the death of Moore's law, 5G & AI convergence, and more. 5G will become an essential utility and assumed “natural resource” of infrastructure. Supplying the digital “pipeline” and harnessing data currency will become a focal point of national sec...


App-security-testing-platform-lands-from-Oxeye

App security testing platform lands from Oxeye


Monday, January 3, 2022 by

Oxeye announced the company’s Cloud-Native Application Security Testing Platform (CNAST). The new platform identifies code vulnerabilities, open-source vulnerabilities, and secrets to highlight the most critical issues in the software development lifecycle, delivering clear guidance for fast and accurate remediation. App security testing platform CNAST Accor...


Oxeye-closes-a-$5.3-Million-seed-financing-round

Oxeye closes a $5.3 Million seed financing round


Thursday, November 4, 2021 by

Oxeye announced the closing of a $5.3 Million seed financing round led by MoreVC, a seed-stage venture capital fund in Israel. The latest round includes support from i3 Equity Partners, and other cybersecurity focused investors as the company prepares to protect the world’s most popular Web applications with next-generation cloud-native Application Security Testin...


Promon-partners-with-F5-to-simplify-mobile-SDK-integration

Promon partners with F5 to simplify mobile SDK integration


Wednesday, October 27, 2021 by

Promon, the Oslo-based app security company announced its partnership with F5, the multi-cloud application security and delivery company. This partnership now enables F5's customers to seamlessly implement the F5 Bot Defense Mobile SDK. The solution provides developers with the necessary tools to protect their applications from bot attacks utilizing Promon'...


Compliance-automation-will-take-center-stage-this-year

Compliance automation will take center stage this year


Wednesday, May 26, 2021 by

Compliance automation uses artificial intelligence features and technology to make compliance procedures easier - according to most sources on the web, about the meaning of compliance automation.  Progress Software CEO Yogesh Gupta says with smart companies turning to a compliance-as-code approach to keep infrastructure, apps, and end-user devices secure and com...


Docker-desktop-for-Mac-is-now-available-from-Docker-Inc

Docker desktop for Mac is now available from Docker Inc


Thursday, April 15, 2021 by

Docker, Inc.™ announced general availability of its much-anticipated Docker Desktop for Mac, enabling developers to leverage the advantages of the latest Macs powered by the M1 chip and extending the reach of their Docker collaborative application development platform to a new architecture. “This is great news for the many developers who have been clamori...


Sonatype-implements-Applitools-to-ensure-app-quality

Sonatype implements Applitools to ensure app quality


Friday, March 12, 2021 by

Sonatype was in search of a solution to prevent visual bugs across the variety of operating systems and browsers supported by the Nexus platform. After implementing Applitools, the engineering team can solely focus on delivering value, while Applitools uncovers countless unexpected changes before code ever leaves development. Moving forward, Sonatype will deploy a...


Hybrid-cloud-services-general-availability-announced-by-IBM

Hybrid cloud services general availability announced by IBM


Tuesday, March 2, 2021 by

IBM announced that its hybrid cloud services are now generally available in any environment -- on any cloud, on premises or at the edge -- via IBM Cloud Satellite. Lumen Technologies and IBM have integrated IBM Cloud Satellite with the Lumen edge platform to enable clients to harness hybrid cloud services in near real-time and build innovative solutions at the edge. ...


CircleCI-brings-privacy-enhancements-for-teams-across-the-enterprise

CircleCI brings privacy enhancements for teams across the enterprise


Monday, February 22, 2021 by

CircleCI introduced new platform updates to increase the control, protection, privacy, and confidence of today’s engineering teams.   Business leaders are concerned with the growth of remote-only and its impact on security. In fact, research shows 28 percent of leaders in 2020 were anticipated to prioritize improving application security capabilities ...


LinearB-and-Clubhouse-partner-to-help-software-project-delivery

LinearB and Clubhouse partner to help software project delivery


Tuesday, February 16, 2021 by

LinearB and Clubhouse announced a partnership to help software development teams continuously improve project delivery by providing a complete picture of product and engineering lifecycles. Technical integration between the products will offer dev teams detailed project visibility and team-based metrics by correlating data across projects, code, Git activity and release...


Improving-security-posture-with-static-application-security-testing-

Improving security posture with static application security testing


Friday, February 12, 2021 by

Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...


DevSecOps-will-go-mainstream-this-year

DevSecOps will go mainstream this year


Tuesday, January 26, 2021 by

Cybercriminals love Shadow Code exploits because hacking a commonly used library or service can place the malicious code on hundreds or thousands of websites. For example, the widely used jQuery JavaScript library has been breached multiple times, leading to digital skimming attacks broadly across the e-commerce sector. Adding jQuery to an application without ...


API-sprawl-security-concern-predictions-of-2021-from-Volterra

API sprawl security concern predictions of 2021 from Volterra


Wednesday, January 6, 2021 by

As organizations continue to digitally transform business processes, they are increasingly transitioning from legacy applications to modern, cloud-native apps. These intricate modern apps feature far more APIs than their predecessors including API sprawl. Since these apps are built with extensive microservices, many of these APIs are deeply embedded and hidden. Th...