Application Security

The rise of DAST 2.0 in 2025

2025-03-18 at 18:02 By Help Net Security

Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to analyze source code early in the software delivery lifecycle, SAST solutions offered a more proactive […]

Google Releases Major Update for Open Source Vulnerability Scanner

2025-03-18 at 18:02 By Ionut Arghire

Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers. The post Google Releases Major Update for Open Source Vulnerability Scanner appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Popular GitHub Action Targeted in Supply Chain Attack

2025-03-17 at 12:04 By Eduard Kovacs

The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Sola Security Deposits Hefty $30M Seed Funding

2025-03-11 at 14:08 By SecurityWeek News

The financing was provided by S Capital and investor Mike Moritz, S32, Glilot Capital Partners, and several angel investors. The post Sola Security Deposits Hefty $30M Seed Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

OpenSSF Releases Security Baseline for Open Source Projects

2025-02-26 at 13:45 By Eduard Kovacs

The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects. The post OpenSSF Releases Security Baseline for Open Source Projects appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks

2025-02-18 at 19:03 By Ryan Naraine

San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks. The post MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks appeared first on SecurityWeek. This article is an

Semgrep Raises $100M for AI-Powered Code Security Platform

2025-02-06 at 00:03 By SecurityWeek News

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

How Agentic AI will be Weaponized for Social Engineering Attacks

2025-02-05 at 18:30 By Stu Sjouwerman

With each passing year, social engineering attacks are becoming bigger and bolder thanks to rapid advancements in artificial intelligence. The post How Agentic AI will be Weaponized for Social Engineering Attacks appeared first on SecurityWeek. This article is an

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms

2025-02-05 at 14:50 By Eduard Kovacs

150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies. The post Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms appeared first on SecurityWeek. This article is an

Oligo Raises $50M to Tackle Application Detection and Response

2025-01-29 at 17:35 By Ionut Arghire

Oligo Security has raised $50 million in Series B funding for its application detection and response (ADR) platform. The post Oligo Raises $50M to Tackle Application Detection and Response appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST

2025-01-27 at 17:20 By Kevin Townsend

Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a true genuine OSS SAST tool. The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek. This article

CISOs don’t invest enough in code security

2025-01-02 at 06:34 By Help Net Security

72% of security leaders agree that the age of AI necessitates a complete reset of how organizations approach application security, according to Cycode. This urgency is reinforced by the fact that 93 billion lines of code were generated in the past

Tackling software vulnerabilities with smarter developer strategies

2024-12-13 at 07:03 By Mirko Zorz

In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can address vulnerabilities in complex systems, ways organizations can better support secure coding practices, and the role of languages

Choosing the right secure messaging app for your organization

2024-11-27 at 07:18 By Mirko Zorz

In this Help Net Security interview, Liad Shnell, CTO at Rakuten Viber, discusses what organizations should look for in secure messaging apps, including encryption, privacy standards, and ease of integration. Shnell also covers the need for a multi-layered approach to

Microsoft announces new and improved Windows 11 security features

2024-11-19 at 21:04 By Zeljka Zorz

Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users to make system changes on their PCs without having administrator rights (that can be abused by attackers

Transforming code scanning and threat detection with GenAI

2024-11-18 at 07:33 By Mirko Zorz

In this Help Net Security interview, Stuart McClure, CEO of Qwiet AI, discusses the evolution of code scanning practices, highlighting the shift from reactive fixes to proactive risk management. McClure also shares his perspective on the future of AI-driven code scanning,

Critical vulnerabilities persist in high-risk sectors

2024-11-15 at 06:38 By Help Net Security

Finance and insurance sectors found to have the highest number of critical vulnerabilities, according to Black Duck. Finance and insurance industry faces highest vulnerabilities The report, which analyzes data from over 200,000 dynamic application security testing (DAST) scans conducted by Black Duck

Google launches on-device AI to alert Android users of scam calls in real-time

2024-11-14 at 15:04 By Anamarija Pogorelec

Google has announced new security features for Android that provide real-time protection against scams and harmful apps. These features, powered by advanced on-device AI, enhance user safety without compromising privacy. These new security features are available

Evaluating your organization’s application risk management journey

2024-11-12 at 07:33 By Mirko Zorz

In this Help Net Security interview, Chris Wysopal, Chief Security Evangelist at Veracode, discusses strategies for CISOs to quantify application risk in financial terms. Wysopal outlines the need for continuous risk management practices and robust strategies to manage third-party software dependencies, ensuring

AI learning mechanisms may lead to increase in codebase leaks

2024-11-05 at 06:03 By Help Net Security

The proliferation of non-human identities and the complexity of modern application architectures has created significant security challenges, particularly in managing sensitive credentials, according to GitGuardian. Based on a survey of 1,000 IT decision-makers in organizations with over 500
