Application Security News and Articles


XDR Solutions

Traditional defenses like firewalls, standalone SIEMs, and endpoint-only protection are no longer enough. Security teams face a perfect storm—rising attack volumes, alert overload, limited staff, and complex hybrid environments spanning ...

NDSS 2025 – Securing BGP ASAP: ASPA And Other Post-ROV Defenses (Session 1B: Internet Security)

Authors, Creators & Presenters: Justin Furuness (University of Connecticut), Cameron Morris (University of Connecticut), Reynaldo Morillo (University of Connecticut), Arvind Kasiliya (University of Connecticut), Bing Wang (University of ...

Survey Surfaces Rise in Email Security Incidents Tied to Ransomware

A survey of 2,000 senior security decision-makers published this week finds more than three quarters (78%) work for organizations that experienced an email security breach in the past 12 months. Conducted by the market research firm Vanson Bourne ...

How HPE’s New Security Playbook Is Actually Stopping Threats

For the past few years, the term “AI in cybersecurity” has been mostly marketing fluff. We’ve all sat through vendor presentations promising a magical AI black box that solves everything, only to find it’s just a fancier ...

Randall Munroe’s XKCD ‘Skateboard’

via the comic artistry and dry wit of Randall Munroe, creator of XKCD. The post Randall Munroe’s XKCD ‘Skateboard’ appeared first on Security Boulevard.

ZEST Security launches free AI-based remediation risk assessment for security teams

ZEST Security announced its free remediation risk assessment. The industry is overflowing with tools to identify vulnerabilities, but these tools all fail to provide context that has real operational impact. ZEST is bridging that gap by offering ...

OpenAI’s gpt-oss-safeguard enables developers to build safer AI

OpenAI is releasing a research preview of gpt-oss-safeguard, a set of open-weight reasoning models for safety classification. The models come in two sizes: gpt-oss-safeguard-120b and gpt-oss-safeguard-20b. Both are fine-tuned versions of the ...

Cybersecurity Awareness Month 2025: Customer-Centric Innovation from ColorTokens

Bringing frictionless implementation [Progressive Segmentation™ and EDR integration] and rapid value realization to an award-winning and peer-recognized technology platform demystifies, simplifies, and makes it extremely easy for our customers ...

Transforming Software Compliance with AI SBOM Management

If your software serves federal missions, you face twin pressures to move faster and prove exactly what's in your software. The post Transforming Software Compliance with AI SBOM Management appeared first on Security Boulevard.

LASCON XV: From AI Risk To Identity Security In AppSec

From ITDR to MCP, LASCON XV in Austin showed how AppSec must evolve to address identity threats, AI challenges, and the complexity of modern production systems. The post LASCON XV: From AI Risk To Identity Security In AppSec appeared first on ...

NDSS 2025 – Revealing The Black Box Of Device Search Engine (Session 1B: Internet Security)

Authors, Creators & Presenters: Mengying Wu (Fudan University), Geng Hong (Fudan University), Jinsong Chen (Fudan University), Qi Liu (Fudan University), Shujun Tang (QI-ANXIN Technology Research Institute; Tsinghua University), Youhao Li ...

Sanctions won’t stop cyberattacks, but they can still “bite”

Sanctions are one of the tools Western governments use when they want to hit back at state-sponsored cyber threat actors. But do they actually work? That’s the question a group of current and former cybersecurity officials, analysts, and ...

Attestation-Based Identity: How It Works and Why It Matters

Instead of just trusting the token's signature, attestation-based identity adds an extra layer of security. It cryptographically verifies that the workload is running exactly where and how it's supposed to. It's proof of location and ...

Fortra DSPM helps organizations protect sensitive data across hybrid cloud

Fortra announced the launch of its new Data Security Posture Management (DSPM) solution to enable organizations to discover, classify, and protect sensitive data across their hybrid cloud. Fortra DSPM strengthens the company’s security ...

Commvault introduces Data Rooms to securely connect backup data with AI platforms

Commvault introduced Data Rooms, a secure environment that enables enterprises to safely connect their trusted backup data to the AI platforms they rely on, or to their own AI initiatives, such as internal data lakes. By combining governed, ...

Sweet Security brings Runtime CNAPP visibility and protection to Windows environments

Sweet Security announced an extension of its Runtime CNAPP sensor to include Windows environments. With this launch, organizations can secure Windows workloads and applications in the cloud. The new capability brings the same visibility, ...

Methodology: How we discovered over 2k high-impact vulnerabilities in apps built with vibe coding platforms

Discover the security risks in vibe-coded applications as we uncover over 2,000 vulnerabilities, exposed secrets, and PII. The post Methodology: How we discovered over 2k high-impact vulnerabilities in apps built with vibe coding platforms ...

Obsidian: SaaS Vendors Must Adopt Security Standards as Threats Grow

Obsidian Security says it is creating a working group of security leaders to pressure SaaS vendors to adopt standards like the SSCF to make their online applications safer as the cyber threats against them escalate and the use of AI agents in ...

Rapid7 strengthens security with AI-powered risk and vulnerability insights

Rapid7 announced AI-generated risk intelligence as part of the Rapid7 Command Platform. Delivered through Remediation Hub, the new capability accelerates remediation by giving security teams a contextual and actionable view of each exposure, ...

MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS

MITRE has unveiled the latest version of ATT&CK, with the most significant changes in the defensive part of the framework. The post MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS appeared first on SecurityWeek.