Application Security - Security Ticks

Manifest Raises $15 Million for SBOM Management Platform

Application Security, Cybersecurity Funding, funding, Manifest, SBOM, supply chain / SecurityTicks

Manifest Raises $15 Million for SBOM Management Platform 2025-04-25 at 15:18 By Ionut Arghire Software and AI supply chain transparency firm Manifest has raised $15 million in a Series A funding round led by Ensemble VC. The post Manifest Raises $15 Million for SBOM Management Platform appeared first on SecurityWeek. This article is an excerpt […]

React to this headline:

Manifest Raises $15 Million for SBOM Management Platform Read More »

Endor Labs Raises $93 Million for AppSec Platform

Application Security, appsec, Cybersecurity Funding, Endor Labs, funding / SecurityTicks

Endor Labs Raises $93 Million for AppSec Platform 2025-04-23 at 17:20 By Eduard Kovacs Endor Labs has raised $93 million in a Series B funding round and announced a major expansion of its AppSec platform. The post Endor Labs Raises $93 Million for AppSec Platform appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Endor Labs Raises $93 Million for AppSec Platform Read More »

Miggo Security Banks $17M Series A for ADR Technology

Application Security, Funding/M&A, Miggo Security, Series A, SYN Ventures, YL Ventures / SecurityTicks

Miggo Security Banks $17M Series A for ADR Technology 2025-04-23 at 15:22 By SecurityWeek News Israeli runtime application security startups closes a $17 million Series A round led by Florida‑based SYN Ventures and YL Ventures. The post Miggo Security Banks $17M Series A for ADR Technology appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Miggo Security Banks $17M Series A for ADR Technology Read More »

Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding

Application Security, Cybersecurity Funding, funding, Hopper, open source, OSS, seed funding / SecurityTicks

Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding 2025-04-22 at 15:48 By Eduard Kovacs Hopper has emerged from stealth mode with a solution designed to help organizations manage open source software risk. The post Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding appeared first on SecurityWeek. This

React to this headline:

Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding Read More »

GitHub Announces General Availability of Security Campaigns

Application Security, GitHub, security campaigns, source code / SecurityTicks

GitHub Announces General Availability of Security Campaigns 2025-04-10 at 14:21 By Eduard Kovacs GitHub security campaigns make it easier for developers and security teams to collaborate on fixing vulnerabilities in their applications. The post GitHub Announces General Availability of Security Campaigns appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

GitHub Announces General Availability of Security Campaigns Read More »

Call Records of Millions Exposed by Verizon App Vulnerability

Application Security, call records, Featured, Mobile & Wireless, Verizon, vulnerability / SecurityTicks

Call Records of Millions Exposed by Verizon App Vulnerability 2025-04-04 at 19:00 By Eduard Kovacs A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application. The post Call Records of Millions Exposed by Verizon App Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Call Records of Millions Exposed by Verizon App Vulnerability Read More »

Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack

Application Security, GitHub actions, supply chain, Supply Chain Security / SecurityTicks

Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack 2025-04-04 at 12:49 By Ionut Arghire Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack. The post Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack appeared first on SecurityWeek. This article is

React to this headline:

Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack Read More »

Only 2-5% of application security alerts require immediate action

Application Security, cybersecurity, Don't miss, News, Ox Security, report, survey, vulnerability management / SecurityTicks

Only 2-5% of application security alerts require immediate action 2025-03-31 at 07:51 By Help Net Security The large volume of security alerts, many created by automated tools, is overwhelming security and development teams, according to the 2025 Application Security Benchmark report by Ox Security. The report is based on an analysis of over 101 million

React to this headline:

Only 2-5% of application security alerts require immediate action Read More »

The rise of DAST 2.0 in 2025

Application Security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, security testing, StackHawk / SecurityTicks

The rise of DAST 2.0 in 2025 2025-03-18 at 18:02 By Help Net Security Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to analyze source code early in the software delivery lifecycle, SAST solutions offered a more proactive

React to this headline:

The rise of DAST 2.0 in 2025 Read More »

Google Releases Major Update for Open Source Vulnerability Scanner

Application Security, Google, open source, OSV-Scanner, scanner / SecurityTicks

Google Releases Major Update for Open Source Vulnerability Scanner 2025-03-18 at 18:02 By Ionut Arghire Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers. The post Google Releases Major Update for Open Source Vulnerability Scanner appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Google Releases Major Update for Open Source Vulnerability Scanner Read More »

Popular GitHub Action Targeted in Supply Chain Attack

Application Security, Featured, GitHub, GitHub actions, supply chain, Supply Chain Security / SecurityTicks

Popular GitHub Action Targeted in Supply Chain Attack 2025-03-17 at 12:04 By Eduard Kovacs The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Sola Security Deposits Hefty $30M Seed Funding

Application Security, DevSecOps, Funding/M&A, nocode, seed funding, Sola Security / SecurityTicks

Sola Security Deposits Hefty $30M Seed Funding 2025-03-11 at 14:08 By SecurityWeek News The financing was provided by S Capital and investor Mike Moritz, S32, Glilot Capital Partners, and several angel investors. The post Sola Security Deposits Hefty $30M Seed Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Sola Security Deposits Hefty $30M Seed Funding Read More »

OpenSSF Releases Security Baseline for Open Source Projects

Application Security, open source, OpenSSF, OSPS Baseline / SecurityTicks

OpenSSF Releases Security Baseline for Open Source Projects 2025-02-26 at 13:45 By Eduard Kovacs The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects. The post OpenSSF Releases Security Baseline for Open Source Projects appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

OpenSSF Releases Security Baseline for Open Source Projects Read More »

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks

Application Security, botnet, Enterprise Browser, Fraud Detection, Funding/M&A, MirrorTab, seed-stage / SecurityTicks

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks 2025-02-18 at 19:03 By Ryan Naraine San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks. The post MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks appeared first on SecurityWeek. This article is an

React to this headline:

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks Read More »

Semgrep Raises $100M for AI-Powered Code Security Platform

Application Security, Funding/M&A, Menlo Ventures, Opengrep, Semgrep / SecurityTicks

Semgrep Raises $100M for AI-Powered Code Security Platform 2025-02-06 at 00:03 By SecurityWeek News San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Semgrep Raises $100M for AI-Powered Code Security Platform Read More »

How Agentic AI will be Weaponized for Social Engineering Attacks

agentic AI, Application Security, artificial inteligence, cybercrime / SecurityTicks

How Agentic AI will be Weaponized for Social Engineering Attacks 2025-02-05 at 18:30 By Stu Sjouwerman With each passing year, social engineering attacks are becoming bigger and bolder thanks to rapid advancements in artificial intelligence. The post How Agentic AI will be Weaponized for Social Engineering Attacks appeared first on SecurityWeek. This article is an

React to this headline:

How Agentic AI will be Weaponized for Social Engineering Attacks Read More »

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms

abandoned domains, Application Security, AWS, WatchTowr / SecurityTicks

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms 2025-02-05 at 14:50 By Eduard Kovacs 150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies. The post Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms appeared first on SecurityWeek. This article is an

React to this headline:

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms Read More »

Oligo Raises $50M to Tackle Application Detection and Response

Application Security, appsec, Funding/M&A, Greenfield Partners, Israel, Oligo, Series B / SecurityTicks

Oligo Raises $50M to Tackle Application Detection and Response 2025-01-29 at 17:35 By Ionut Arghire Oligo Security has raised $50 million in Series B funding for its application detection and response (ADR) platform. The post Oligo Raises $50M to Tackle Application Detection and Response appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Oligo Raises $50M to Tackle Application Detection and Response Read More »

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST

Application Security, open source, Opengrep, Supply Chain Security / SecurityTicks

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST 2025-01-27 at 17:20 By Kevin Townsend Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a true genuine OSS SAST tool. The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek. This article

React to this headline:

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST Read More »

CISOs don’t invest enough in code security

Application Security, code, cybersecurity, Cycode, generative AI, News, report, survey / SecurityTicks

CISOs don’t invest enough in code security 2025-01-02 at 06:34 By Help Net Security 72% of security leaders agree that the age of AI necessitates a complete reset of how organizations approach application security, according to Cycode. This urgency is reinforced by the fact that 93 billion lines of code were generated in the past

React to this headline:

CISOs don’t invest enough in code security Read More »