Application Security News and Articles


LASCON XV: From AI Risk To Identity Security In AppSec

From ITDR to MCP, LASCON XV in Austin showed how AppSec must evolve to address identity threats, AI challenges, and the complexity of modern production systems. The post LASCON XV: From AI Risk To Identity Security In AppSec appeared first on ...

NDSS 2025 – Revealing The Black Box Of Device Search Engine Session 1B: Internet Security

Authors, Creators & Presenters: Mengying Wu (Fudan University), Geng Hong (Fudan University), Jinsong Chen (Fudan University), Qi Liu (Fudan University), Shujun Tang (QI-ANXIN Technology Research Institute; Tsinghua University), Youhao Li ...

Sanctions won’t stop cyberattacks, but they can still “bite”

Sanctions are one of the tools Western governments use when they want to hit back at state-sponsored cyber threat actors. But do they actually work? That’s the question a group of current and former cybersecurity officials, analysts, and ...

Attestation-Based Identity: How It Works and Why It Matters

Instead of just trusting the token's signature, attestation-based identity adds an extra layer of security. It cryptographically verifies that the workload is running exactly where and how it's supposed to. It's proof of location and ...

Fortra DSPM helps organizations protect sensitive data across hybrid cloud

Fortra announced the launch of its new Data Security Posture Management (DSPM) solution to enable organizations to discover, classify, and protect sensitive data across their hybrid cloud. Fortra DSPM strengthens the company’s security ...

Commvault introduces Data Rooms to securely connect backup data with AI platforms

Commvault introduced Data Rooms, a secure environment that enables enterprises to safely connect their trusted backup data to the AI platforms they rely on, or to their own AI initiatives, such as internal data lakes. By combining governed, ...

Sweet Security brings Runtime CNAPP visibility and protection to Windows environments

Sweet Security announced an extension of its Runtime CNAPP sensor to include Windows environments. With this launch, organizations can secure Windows workloads and applications in the cloud. The new capability brings the same visibility, ...

Methodology: How we discovered over 2k high-impact vulnerabilities in apps built with vibe coding platforms

Discover the security risks in vibe-coded applications as we uncover over 2,000 vulnerabilities, exposed secrets, and PII. The post Methodology: How we discovered over 2k high-impact vulnerabilities in apps built with vibe coding platforms ...

Obsidian: SaaS Vendors Must Adopt Security Standards as Threats Grow

Obsidian Security says it is creating a working group of security leaders to pressure SaaS vendors to adopt standards like the SSCF to make their online applications safer as the cyber threats against them escalate and the use of AI agents in ...

Rapid7 strengthens security with AI-powered risk and vulnerability insights

Rapid7 announced AI-generated risk intelligence as part of the Rapid7 Command Platform. Delivered through Remediation Hub, the new capability accelerates remediation by giving security teams a contextual and actionable view of each exposure, ...

MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS

MITRE has unveiled the latest version of ATT&CK, with the most significant changes in the defensive part of the framework. The post MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS appeared first on SecurityWeek.

Trellix unveils Helix integration with Hyperautomation to streamline SOC operations

Trellix announced Trellix Helix is now integrated with Trellix Hyperautomation, a no-code, drag-and-drop workflow builder that automates security processes. Trellix Helix provides customers with AI-powered context across all threat vectors and ...

What is a Passkey for Mobile Devices?

Explore passkeys for mobile devices: what they are, how they work, their security advantages, and implementation strategies for developers. The post What is a Passkey for Mobile Devices? appeared first on Security Boulevard.

Survey Surfaces Greater Appreciation for AI Risks

A new Vanta survey of 3,500 IT and business leaders reveals that 72% believe cybersecurity risks have never been higher due to AI. While 79% are using or planning to use AI agents to defend against threats, many admit their understanding lags ...

StrongestLayer Adds AI Reasoning Engine to Validate Emails

StrongestLayer has launched AI Advisor, an advanced email protection tool powered by large language models (LLMs) that evaluates message provenance in real time to detect phishing attacks. By triangulating sender legitimacy and assigning dynamic ...

New Zscaler ZDX features strengthen zero trust and streamline performance monitoring

Zscaler unveiled new Zscaler Digital Experience (ZDX) innovations that help enterprises monitor and fix performance issues faster, achieving real-time insights across the internet and endpoint, cutting issue detection by 98%, and resolving issues ...

Acronis Cyber Protect Local brings unified cyber protection to cloud-restricted environments

Acronis announced the launch of Acronis Cyber Protect Local, a solution that delivers natively integrated cyber resilience for on-premises, sovereign private cloud, and air-gapped IT and OT environments. Designed for organizations where cloud ...

FCC Tightens the Squeeze on Banned Chinese Telecom Companies

The FCC has taken another step to keep Chinese telecom gear from being imported into the United States, voting 3-0 to block new approvals for products from those nine Chinese companies on its "Covered List" and considered potential national ...

How Quantum Computing Will Transform Data Security, AI, and Cloud Systems

Quantum computing is set to redefine data security, AI, and cloud infrastructure. This in-depth research explores how post-quantum cryptography, quantum AI acceleration, and hybrid quantum-cloud systems will reshape technology by 2035—and what ...

AI Security Firm Polygraf Raises $9.5 Million in Seed Funding

Polygraf AI has developed proprietary small language model (SLM) technology designed to help organizations mitigate AI risks. The post AI Security Firm Polygraf Raises $9.5 Million in Seed Funding appeared first on SecurityWeek.