application security

application security news search results

Developer news items we found relating to application security

35 results
Generative-AI-in-Application-Security-report-from-Checkmarx

Generative AI in Application Security report from Checkmarx


Monday, August 12, 2024 by

Checkmarx, the in-cloud-native application security provider, has published its Seven Steps to Safely Use Generative AI in Application Security report, which analyzes key concerns, usage patterns, and buying behaviors relating to the use of AI in enterprise application development. The global study exposed the tension between the need to empower both...


Veracode-acquires-Longbow-Security

Veracode acquires Longbow Security


Thursday, April 18, 2024 by

Veracode announced the acquisition of Longbow Security, a security risk management platform for cloud-native environments. The acquisition marks the next exciting phase of Veracode, underscoring the company’s commitment to help organizations effectively manage and reduce application risk across the growing attack surface. The integration of Longbow in...


Secure-software-development-insights-from-The-Linux-Foundation

Secure software development insights from The Linux Foundation


Monday, February 5, 2024 by

The Linux Foundation published a new report, Maintainer Perspectives on Open Source Software Security, based on a survey of OSS maintainers and core contributors, to understand perspectives on OSS security and the uptake and adoption of security best practices by maintainers, core contributors, end users, and other members of the OSS ecosystem. Maintainer Perspective...


ASPM-2024-report-from-Cycode

ASPM 2024 report from Cycode


Friday, December 15, 2023 by

Cycode announced the release of its inaugural State of ASPM 2024 report. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve. Surprisingly, 77% of CISOs believe software supply ch...


Runtime-code-review-from-AppMap-enhances-productivity

Runtime code review from AppMap enhances productivity


Tuesday, November 14, 2023 by

AppMap has announced its innovative Runtime Code Review solution that will transform software quality and the developer experience. AppMap's mission is to deliver actionable insights to developers where they work, and AppMap continues to deliver on the promise with its latest release for the GitHub Marketplace. Unexpected runtime defects account fo...


App-security-threat-report-results-from-Digital-Ai

App security threat report results from Digital Ai


Thursday, October 19, 2023 by

Digital.ai announced the results of its 1st annual Application Security Threat Report, illuminating and quantifying the risks to applications in the wild. The results reveal that 57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) the most likely to be attacked. The study found no correlation between an app’s popularity and likelihood o...


App-security-training-enhancements-by-Security-Journey

App security training enhancements by Security Journey


Wednesday, July 19, 2023 by

Security Journey announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers even more new training content to improve secure coding knowledge gain of ...


PCI-DSS-JavaScript-compliance-tool-free-from-Jscrambler

PCI DSS JavaScript compliance tool free from Jscrambler


Thursday, June 29, 2023 by

Jscrambler announced the launch and immediate availability of its free PCI DSS JavaScript Compliance Tool to ensure granular and flexible capacity to meet the stringent new requirements introduced by version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS v4.0). This free assessment tool provides organizations of all sizes with clarity and si...


Oxeye-discovers-vulnerability-in-HashiCorp-Vault-Project

Oxeye discovers vulnerability in HashiCorp Vault Project


Tuesday, April 25, 2023 by

Oxeye announced the discovery of a new vulnerability in the HashiCorp Vault Project that has now been patched. HashiCorp Vault is a popular identity-based secret and encryption management system used to control access to API encryption keys, passwords, and certificates. The vulnerability was automatically discovered and reported by the Oxeye Platform during a deployment...


AppSec-2023-predictions-from-Oxeye-Security

AppSec 2023 predictions from Oxeye Security


Wednesday, February 8, 2023 by

Oxeye, the provider of award-winning cloud-native application security, announced five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications resulting in the need for new and more ef...


Open-Bug-Bounty-has-fixed-1-million-vulnerabilities

Open Bug Bounty has fixed 1 million vulnerabilities


Monday, November 7, 2022 by

Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible, and ISO 29147 compatible vulnerability disclosure. It passed the milestone on 27 October of fixing over 1,000,000 web security vulnerabilities. The Open Bug Bounty project enables website owners to receive advice and support from&n...


Traceable-AI-and-ArmorCode-integration

Traceable AI and ArmorCode integration


Wednesday, August 24, 2022 by

ArmorCode has announced an integration with Traceable AI which will bring its data into the ArmorCode platform and improve Application Security Posture from code to cloud. To move at the speed of business, modern applications are increasingly powered by APIs to deliver functionality. The challenge is that each new API must be secured and as the number of APIs in...


ImmuniWeb-Neuron-web-security-scanning

ImmuniWeb Neuron web security scanning


Friday, June 10, 2022 by

ImmuniWeb has announced the launch of ImmuniWeb Neuron, a web application and API web security scanning solution that is based on the award-winning ImmuniWeb AI Platform available. ImmuniWeb Neuron is designed to rapidly scan tens, hundreds, or even thousands of web applications and APIs for vulnerabilities, weaknesses, and misconfigurations. It c...


AppSecCon-2022-dates

AppSecCon 2022 dates


Monday, May 9, 2022 by

The Purple Book Community, a community of top security leaders, announced that AppSecCon 2022 will take place May 18-19, 2022. The virtual event is expected to host thousands of leading security professionals from around the world.0 AppSecCon 2022 dates When: May 18-19, 2022 from 9 a.m. to 2 p.m. (PT) each day Where: Virtual Conference, Register Today! Presenta...


App-security-testing-platform-lands-from-Oxeye

App security testing platform lands from Oxeye


Monday, January 3, 2022 by

Oxeye announced the company’s Cloud-Native Application Security Testing Platform (CNAST). The new platform identifies code vulnerabilities, open-source vulnerabilities, and secrets to highlight the most critical issues in the software development lifecycle, delivering clear guidance for fast and accurate remediation. App security testing platform CNAST Accor...


Oxeye-closes-a-$5.3-Million-seed-financing-round

Oxeye closes a $5.3 Million seed financing round


Thursday, November 4, 2021 by

Oxeye announced the closing of a $5.3 Million seed financing round led by MoreVC, a seed-stage venture capital fund in Israel. The latest round includes support from i3 Equity Partners, and other cybersecurity focused investors as the company prepares to protect the world’s most popular Web applications with next-generation cloud-native Application Security Testin...


Promon-partners-with-F5-to-simplify-mobile-SDK-integration

Promon partners with F5 to simplify mobile SDK integration


Wednesday, October 27, 2021 by

Promon, the Oslo-based app security company announced its partnership with F5, the multi-cloud application security and delivery company. This partnership now enables F5's customers to seamlessly implement the F5 Bot Defense Mobile SDK. The solution provides developers with the necessary tools to protect their applications from bot attacks utilizing Promon'...


Docker-desktop-for-Mac-is-now-available-from-Docker-Inc

Docker desktop for Mac is now available from Docker Inc


Thursday, April 15, 2021 by

Docker, Inc.™ announced general availability of its much-anticipated Docker Desktop for Mac, enabling developers to leverage the advantages of the latest Macs powered by the M1 chip and extending the reach of their Docker collaborative application development platform to a new architecture. “This is great news for the many developers who have been clamori...


Sonatype-implements-Applitools-to-ensure-app-quality

Sonatype implements Applitools to ensure app quality


Friday, March 12, 2021 by

Sonatype was in search of a solution to prevent visual bugs across the variety of operating systems and browsers supported by the Nexus platform. After implementing Applitools, the engineering team can solely focus on delivering value, while Applitools uncovers countless unexpected changes before code ever leaves development. Moving forward, Sonatype will deploy a...


Hybrid-cloud-services-general-availability-announced-by-IBM

Hybrid cloud services general availability announced by IBM


Tuesday, March 2, 2021 by

IBM announced that its hybrid cloud services are now generally available in any environment -- on any cloud, on premises or at the edge -- via IBM Cloud Satellite. Lumen Technologies and IBM have integrated IBM Cloud Satellite with the Lumen edge platform to enable clients to harness hybrid cloud services in near real-time and build innovative solutions at the edge. ...


CircleCI-brings-privacy-enhancements-for-teams-across-the-enterprise

CircleCI brings privacy enhancements for teams across the enterprise


Monday, February 22, 2021 by

CircleCI introduced new platform updates to increase the control, protection, privacy, and confidence of today’s engineering teams.   Business leaders are concerned with the growth of remote-only and its impact on security. In fact, research shows 28 percent of leaders in 2020 were anticipated to prioritize improving application security capabilities ...


LinearB-and-Clubhouse-partner-to-help-software-project-delivery

LinearB and Clubhouse partner to help software project delivery


Tuesday, February 16, 2021 by

LinearB and Clubhouse announced a partnership to help software development teams continuously improve project delivery by providing a complete picture of product and engineering lifecycles. Technical integration between the products will offer dev teams detailed project visibility and team-based metrics by correlating data across projects, code, Git activity and release...


Improving-security-posture-with-static-application-security-testing-

Improving security posture with static application security testing


Friday, February 12, 2021 by

Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...


5-mistakes-businesses-make-in-application-development

5 mistakes businesses make in application development


Friday, October 23, 2020 by

5 Mistakes Businesses Make While Prioritizing Speed Over Security in Application Development Earlier this year, the Democratic party in Iowa announced its plans to use a smartphone app to calculate and transmit their caucus results. One would think that by using technology to improve the speed of governance, what could possibly go wrong? A lot, apparently. The a...


GitLab-acquires-Peach-Tech-and-Fuzzit

GitLab acquires Peach Tech and Fuzzit


Friday, June 12, 2020 by

GitLab announced it has acquired Peach Tech and Fuzzit. These acquisitions will add fully-mature testing solutions including protocol fuzzing, API fuzzing, DAST API testing, and coverage-guided fuzz testing. This makes GitLab’s DevSecOps offering the first security solution to offer both coverage-guided and behavioral fuzz testing techniques as well as the fi...


Docker-and-Snyk-partner-to-deliver-container-vulnerability-scanning

Docker and Snyk partner to deliver container vulnerability scanning


Wednesday, May 20, 2020 by

Docker has partnered with Snyk to deliver native vulnerability scanning of container images in Docker. Together, Docker and Snyk will provide a streamlined workflow that makes the application development process more secure for millions of developers, allowing them to more quickly and confidently build secure applications as an automated part of their toolchain. ...


DevSecOps-7th-annual-Community-Survey-results

DevSecOps 7th annual Community Survey results


Wednesday, April 15, 2020 by

Sonatype published findings from its seventh annual DevSecOps Community Survey, based on responses from 5,045 software engineering professionals. The survey, developed and conducted in partnership with Carnegie Mellon’s Software Engineering Institute, CloudBees, DevOps Institute, DevOps.com, DevSecOps Days, NowSecure, Security Boulevard, Verica, and All Day DevOps...


Improve-DevOps-processes-with-API-catalog

Improve DevOps processes with API catalog


Thursday, March 26, 2020 by

One of the biggest trends in DevOps is the “shift left” approach when it comes to security, so much so that security conferences now host developer days, developer conferences host security days, and the two have melded into DevSecOps. But pragmatically, how do you implement security earlier into your development cycles? According to CloudVector VP of Engine...


Linux-and-LISH-release-census-for-open-source-security

Linux and LISH release census for open source security


Wednesday, February 19, 2020 by

The Linux Foundation’s Core Infrastructure Initiative (CII) and the Laboratory for Innovation Science at Harvard (LISH), announced the release of ‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software. This Census II analysis and report represent important steps towards understanding and addressing structural and s...


Volterra-emerges-from-Stealth

Volterra emerges from Stealth


Friday, November 22, 2019 by

Volterra​ announced it has launched from two years of stealth operations with over $50 million in funding to date. Investors include top-tier venture capital firms Khosla Ventures, Mayfield and M12 (Microsoft’s venture fund), as well as a growing set of strategic investors/partners including Itochu Technology Ventures and Samsung NEXT. Volterra’s launch come...


Build-applications-at-speed-with-Cohesity-Agile-Dev

Build applications at speed with Cohesity Agile Dev


Thursday, September 12, 2019 by

Cohesity has announced the launch of Cohesity Agile Dev and Test, a new solution that addresses key bottlenecks organizations face in building applications at speed. It moves away from the request-fulfill model where developers request access to production-grade data and wait sometimes weeks for IT operations teams to provide the data needed to build...


Crowdsourced-security-and-bug-bounty-adoption-is-spreading

Crowdsourced security and bug bounty adoption is spreading


Monday, May 20, 2019 by

There continues to be a fundamental imbalance in cybersecurity. Attackers are finding new ways to penetrate cyber defenses as targets proliferate to the cloud, mobile, and connected devices. Defenders need to take a proactive security approach. The evolving threat landscape and the ever-widening security skills gap are giving rise to new approaches such as crowdsourc...


F5-Acquires-NGINX

F5 Acquires NGINX


Thursday, March 14, 2019 by

F5 Networks, Inc. and NGINX announced a definitive agreement under which F5 will acquire all issued and outstanding shares of privately held NGINX for a total enterprise value of approximately $670 million, subject to certain adjustments. “By bringing F5’s world-class application security and rich application services portfolio for improving per...


First-multiTEE-security-platform-for-mobile-app-developers-emerges

First multiTEE security platform for mobile app developers emerges


Tuesday, March 5, 2019 by

Trustonic says it will expand support to include Huawei’s Trusted Execution Environment (TEE) on its mobile application security platform, Trustonic Application Protection (TAP). Until now, TAP has enabled app developers to build apps secured by both strong application shielding for iOS and Android, and hardware-based protection for the 1.7 billion Android devices...


Prevoty-offers-new-Autonomous-Application-Protection-capabilities

Prevoty offers new Autonomous Application Protection capabilities


Friday, March 1, 2019 by

Imperva announced the expansion of its application security offerings with two new Autonomous Application Protection capabilities. The update extends customers’ visibility into how applications behave and how users interact with sensitive information. With this expanded view across their business assets, customers will have deeper insights to understand and mit...