Agentic application security company Checkmarx today unveiled Checkmarx One, a platform built for the age of agentic development. The platform embeds agentic, AI-driven security across code, dependencies, AI assets and runtime, which enables enterprises to have oversight and visibility into security right from the start. “Traditional AppSec was never built to deal with AI coding,” … continue reading
SAN FRANCISCO – Opsera, the leader in Agentic DevOps, today announced the launch of Opsera AI Agents for DevSecOps, a suite of intelligent, purpose-built agents designed to help enterprises transition from traditional software development lifecycle (SDLC) to an AI-driven software delivery lifecycle (AI-SDLC). The first release, Opsera AppSec Agents for AI Builders, introduces autonomous AI … continue reading
The number of security challenges companies are facing continue to grow, but organizations are beginning to display signs of “AppSec exhaustion,” or decreased engagement in security practices. This is according to Snyk’s new State of Open Source report, which found that dependency tracking and code ship frequency has remained largely unchanged since last year. There … continue reading
AppSec company Backslash Security has announced new capabilities to better detect security issues in applications. Backslash utilizes a number of security scanning capabilities to uncover potential issues, including SCA, SAST, SBOM, VEX, and secrets detection. It now integrates with GitHub Enterprise On-Premise, GitHub Enterprise Server, GitLab On-Premise, and Bitbucket On-Premise. By offering integration into more … continue reading
Developer productivity solution provider Snyk today released Snyk AppRisk Pro, which uses artificial intelligence (AI) and machine learning (ML) to help developers and security teams locate and remediate critical risks that can harm the business. Snyk AppRisk Pro gives AppSec teams context around risk issues to enable the teams to prioritize the riskiest issues and … continue reading
As companies across the globe race to fortify their cybersecurity defenses, they’re increasingly finding themselves navigating a complex maze when it comes to security testing. The past decade of innovation has produced an ecosystem now booming with countless tools, yet aligning these tools together, and avoiding tool sprawl, is proving to have its own set of … continue reading
Qualys is now allowing AppSec teams to leverage their risk management platform to assess, prioritize, and address the risks associated with first-party software and its embedded open-source components. In the digital transformation era, organizations develop their own software to run their businesses. However, first-party software often lacks the same level of disciplined vulnerability and configuration … continue reading
With a 742% average annual increase in software supply chain attacks reported by Sonatype, application security has become a top concern for businesses. Today Vaadin is excited to announce AppSec Kit, a new Acceleration Kit designed to enhance the security of your web applications built with Vaadin. AppSec Kit is currently available for Vaadin 7 and Vaadin … continue reading
The collaboration platform Stack Overflow for Teams is now free for up to 50 users and the Free plan includes ChatOps integrations to Slack and Microsoft Teams. “The open source ethos that is foundational to this network was an inspiration for our new free offering. We’re excited to enable those who are working towards a … continue reading
Traditional application security is different in two key ways from what has come to be known as DevSecOps. First, modern software companies are integrating application security into their DevOps pipelines, so security becomes part of the flow. Second, it’s also about DevOps being built into application security. Patrick Carey, who leads product strategy in the … continue reading
A majority of developers feel forced to sacrifice security for the speed that today’s development cycles require. A recent report from WhiteSource found 73% of security teams at organizations are forced to cut corners, and the AppSec tools they use are to check the box towards DevSecOps improvements and are not effectively used. “There are … continue reading
To understand an enterprise’s current state of software security risk, executives, security practitioners and development teams need information. Benchmarks provide useful information on performance and risk. However, ideas about which benchmarks are most important will differ depending upon the corporate stakeholder to whom you’re speaking. For example, a business decision-maker has to justify the expense … continue reading
