Nearly all developers use AI but few secure the code it generates
Monday, July 13, 2026 by Trey Abbe
Nearly all developers write code with AI, but fewer than one in five secure it as they go, citing limited use of AppSec tooling inside Integrated Developer Environments and difficulty integrating security into existing CI and CD pipelines. That gap is not a small nuisance. It is a structural flaw. If the code accelerates while the guardrails stand still, risk compounds ...
AI Executive Order aims to balance security and innovation
Monday, June 29, 2026 by Richard Harris
One of the biggest concerns people had when talk started about regulating AI was whether the government was going to require developers to get permission before releasing new models. This executive order takes a different approach. Instead of creating another layer of bureaucracy, it establishes a voluntary review process for the handful of AI models that are considered...
The identity system is failing under AI
Monday, May 25, 2026 by Brittany Hainzinger
The global cybersecurity crisis has entered a new and far more dangerous phase. Artificial intelligence has handed attackers the tools to automate credential theft at unprecedented speed, and the identity systems billions of people rely on every day including passwords, biometrics, and passkeys are failing one by one. Netlok, LLC, a California based cybersecurity innova...
NFT marketplace and gallery to launch from Trend Innovations
Wednesday, April 26, 2023 by Brittany Hainzinger
Trend Innovations Holding Inc. has recently announced that they will combine two recent acquisitions to upgrade and launch a more robust version of the company's newly acquired InstantFAME platform. InstantFAME is a mobile and web application, which operates in the multi-billion-dollar digital artwork marketplace for artists to securely publish and sell their d...
Zero trust policies for software releases could be key
Thursday, December 8, 2022 by Gopinath Rebala
Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the ...
Mitigating API attacks in 2022
Wednesday, January 5, 2022 by Richard Harris
Nathanael Coffing, co-founder and CSO of Cloudentity, is also a board member. Nathanael has over 20 years of management and architecture experience across identity, security, microservices, and IT domains. Prior to founding Cloudentity, he founded OrchIS.io and helped build numerous technology startups leveraging his experience at Sun, Oracle, Imperva, Washington Mutual...
Low code platform Zenity lands $5M in funding
Wednesday, December 8, 2021 by Austin Harris
Zenity exited stealth mode with a $5 million seed funding round, led by Vertex Ventures and UpWest, and backed by top executives such as the former CISO of Google, Gerhard Eschelbeck, and former CIO of SuccessFactors, Tom Fisher. With Zenity, businesses can promote citizen development and adopt Low-Code/No-Code platforms while avoiding critical data exfiltration or disr...
Not all security vulnerabilities are created equal
Tuesday, May 25, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function, value and, unfortunately, they also provide one of the easiest openings for cybercriminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the concept o...
Six areas of focus for continuous security
Friday, April 16, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function and value and, unfortunately, they also provide one of the easiest openings for cyber criminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the conce...
IAST supports AppSec efficiencies while cutting costs and headaches
Monday, November 26, 2018 by Asma Zubair
It’s easy to feel passionate about interactive application security testing (IAST) in the world of application security. You see, IAST makes security testing almost invisible. It’s not something that requires a highly trained team to be brought in to carry out and analyze testing results. It doesn’t hold up other teams or processes from moving forward....
VASCO launches overlay detection in DIGIPASS
Thursday, June 22, 2017 by Richard Harris
VASCO Data Security International, Inc., a provider of identity, security and business productivity solutions, has announced its ability to help organizations detect and mitigate mobile application overlay attacks through added functionality in the DIGIPASS for Apps Runtime Application Self-Protection (RASP) module.Overlay attacks are increasingly being deployed to stea...
Tech decision makers double down on cloud adoption says new index
Tuesday, May 23, 2017 by Austin Harris
The large majority of technology decision makers (84 percent) say their organizations invested in cloud services in 2016. The adoption of cloud services in 2016 is a mirror image of the planned cloud investments expressed in last year’s report. According to Insight’s 2017 Intelligent Technology Index report, “As IT leaders make decisions and arrangements to straddl...
Checkmarx opens beta support for Scala programming language
Wednesday, February 1, 2017 by Richard Harris
Checkmarx, an application security testing company, has announced open beta support of the Scala programming language. The new capability adds the ability to analyze and remediate security risks and vulnerabilities exposed in projects written using Scala code.The added capability not only allows the detection of vulnerabilities within Scala code, but also the ability to...
SourceClear launches integrations across Atlassian stack
Thursday, October 13, 2016 by Austin Harris
SourceClear is launching integrations across the Atlassian stack, including Bitbucket Pipelines, JIRA Server, JIRA Cloud, and Bamboo adding a critical layer of security to Continuous Delivery. In addition to Atlassian, SourceClear will bring secure continuous delivery to Travis CI, CircleCI, and CodeShip as well.These new integrations bring automated security checks int...
IBM Security Channels Its Inner XMen with Launch of IBM XForce Red Security Division
Friday, August 5, 2016 by Stuart Parkerson
Someone in charge of naming divisions at IBM must have been a big Sci-Fi fan as is evidenced with IBM Security’s name for the a news security task force - IBM X-Force Red. Yep, that’s the name for a new group of IBM security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware, and software...
Microsoft Provides Sample Features and APIs for Universal Windows Apps
Wednesday, September 30, 2015 by Stuart Parkerson
To help developers learn app development for the Universal Windows Platform (UWP), Microsoft has made available a growing samples collection on GitHub. These samples can be used to learn about specific UWP features and APIs and as a source of working code that can be copied and pasted into projects.The samples include API and feature demos as well as some small but comp...
Bomgar Platform Updates Secures Cloud Users Against Cyberattacks
Monday, September 14, 2015 by Richard Harris
Bomgar has released the latest version of its Privileged Access Management solution, which provides security professionals with the ability to control, monitor, and manage access to critical systems by privileged users and third-party vendors. Bomgar’s approach allows companies to enable controlled system access and defend against cyberattacks without requiring com...
FacebookConnected Apps Must Now Support Certificates Signed with SHA2
Monday, June 22, 2015 by Richard Harris
Facebook is updating its encryption requirements for Facebook-connected apps which means that apps that don't support SHA-2 certificate signatures will no longer be able to connect to Facebook starting on October 1, 2015.Facebook’s Adam Gross in a recent post on the Facebook developer blog:These changes are part of a broader shift in how browsers and web sites encrypt t...
Red Hat Releases Three Different Studies on Mobile Development, Digital Leadership and OpenStack Adoption
Friday, May 29, 2015 by Richard Harris
Red Hat has recently published three different studies focusing on: mobile development trends, OpenStack enterprise adoption, and digital leadership.Mobile Trends SurveyA new mobile trends survey by Red Hat shows that - while mobile plays a role for 73 percent of organizations - nearly half of the respondents identify security (45 percent) and back-end integration(43 pe...
Microsoft Announces a Number of Intelligent Cloud Services
Friday, May 8, 2015 by Richard Harris
At its Ignite Conference, Microsoft announced a number of Intelligent cloud services. Following is a highlight of these new services:In preview this summer, Microsoft Azure Stack brings the Azure user experience and both infrastructure and platform-as-a-service capabilities into customers’ datacenters. With Azure Stack IT teams can blend enterprise applications with mod...
Salesforce Launches Developer Pack for Apple Watch
Wednesday, March 11, 2015 by Richard Harris
On the heals of the announcement of the release date for the Apple Watch, Salesforce has announced three products for developers interested in leveraging the new technology. These include the Salesforce Analytics Cloud for Apple Watch, Salesforce1 for Apple Watch and Salesforce Wear Developer Pack for Apple Watch. Salesforce Analytics Cloud for Apple WatchSalesforc...
SEWORKS to Release AppSecu.re SaaS Security Service for Mobile Apps
Wednesday, February 25, 2015 by Richard Harris
SEWORKS is releasing AppSecu.re, a SaaS security service for mobile apps. An SDK-based version of AppSecu.re is available to iOS developers now; a cloud-based version is currently in production.With AppSecure, developers can track each individual install of an application to detect for tampering, unauthorized changes, or attempts at app piracy. AppSecure gives clear vis...
MetaIntelli and Arxan Technologies Partner to Identify and Mitigate Mobile Apps Security Threats
Sunday, November 16, 2014 by Stuart Parkerson
MetaIntelli and Arxan Technologies have partnered together to provide mobile app developers with a comprehensive approach to identify and mitigate mobile apps against security and privacy risks with nonstop protection. The two companies bring together complementary technologies that leverage MetaIntelli’s intelligent, autonomic cloud based mobile app risk identific...