Application Security

50% of financial orgs have high-severity security flaws in their apps

Application Security, code, cybersecurity, News, report, software, survey, Veracode /

50% of financial orgs have high-severity security flaws in their apps 2024-11-01 at 08:03 By Help Net Security Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services sector, with 50% of organizations carrying critical security debt, according to Veracode. […]

React to this headline:

Loading spinner

50% of financial orgs have high-severity security flaws in their apps Read More »

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity

Application Security, email security, Government, Threat Intelligence /

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity 2024-09-27 at 16:01 By Karl Sigler As the intensity of a critical election year builds, the greatest threat isn’t necessarily the security of ballot machines. Instead, it lies in misinformation, amplified by social media, biased algorithms, and the spread of fake news. During the 2020 U.S. presidential election,

React to this headline:

Loading spinner

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity Read More »

DefectDojo Raises $7 Million for Application Security Platform

Application Security, Cybersecurity Funding, DefectDojo, funding /

DefectDojo Raises $7 Million for Application Security Platform 2024-09-25 at 17:46 By Ionut Arghire Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding. The post DefectDojo Raises $7 Million for Application Security Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

DefectDojo Raises $7 Million for Application Security Platform Read More »

Software Security Firm RunSafe Raises $12 Million in Series B Funding

Application Security, Cybersecurity Funding, funding, RunSafe, supply chain /

Software Security Firm RunSafe Raises $12 Million in Series B Funding 2024-09-17 at 17:34 By Eduard Kovacs RunSafe Security has raised $12 million in a Series B funding round for a solution designed to help companies develop secure software. The post Software Security Firm RunSafe Raises $12 Million in Series B Funding appeared first on

React to this headline:

Loading spinner

Software Security Firm RunSafe Raises $12 Million in Series B Funding Read More »

Compliance frameworks and GenAI: The Wild West of security standards

Application Security, automation, Compliance, cybersecurity, Don't miss, Features, generative AI, Hot stuff, News, opinion, penetration testing, regulation, software, SplxAI /

Compliance frameworks and GenAI: The Wild West of security standards 2024-09-16 at 07:01 By Mirko Zorz In this Help Net Security interview, Kristian Kamber, CEO at SplxAI, discusses how security challenges for GenAI differ from traditional software. Unlike predictable software, GenAI introduces dynamic, evolving threats, requiring new strategies for defense and compliance. Kamber highlights the

React to this headline:

Loading spinner

Compliance frameworks and GenAI: The Wild West of security standards Read More »

Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI

AI, Application Security, Funding/M&A, Operant AI, Series A /

Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI 2024-09-12 at 20:31 By Ryan Naraine Operant AI, a startup specializing in runtime protection for cloud applications, APIs, and AI systems, secures new $10 million investment. The post Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI appeared

React to this headline:

Loading spinner

Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI Read More »

When Convenience Costs: CISOs Struggle With SaaS Security Oversight

Application Security, CISO, CISO Strategy, cloud security, SaaS /

When Convenience Costs: CISOs Struggle With SaaS Security Oversight 2024-08-27 at 16:31 By Kevin Townsend SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to, nor oversight from, the security team. The post When Convenience Costs: CISOs Struggle With SaaS Security

React to this headline:

Loading spinner

When Convenience Costs: CISOs Struggle With SaaS Security Oversight Read More »

How Exceptional CISOs Are Igniting the Security Fire in Their Development Team

Application Security, CISO, CISO Strategy, DevSecOps, Vulnerabilities /

How Exceptional CISOs Are Igniting the Security Fire in Their Development Team 2024-08-20 at 14:16 By Matias Madou For years, many CISOs have struggled to influence their development cohort on the importance of putting security first. The post How Exceptional CISOs Are Igniting the Security Fire in Their Development Team appeared first on SecurityWeek. This

React to this headline:

Loading spinner

How Exceptional CISOs Are Igniting the Security Fire in Their Development Team Read More »

AI for application security: Balancing automation with human oversight

AlgoSec, Application Security, CISO, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy, tips /

AI for application security: Balancing automation with human oversight 2024-08-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Kyle Wickert, Worldwide Strategic Architect at AlgoSec, discusses the role of AI in application security, exploring how it’s transforming threat detection and response. Wickert talks about integrating security testing throughout the development lifecycle, the

React to this headline:

Loading spinner

AI for application security: Balancing automation with human oversight Read More »

GitHub Makes Copilot Autofix Generally Available

Application Security, Copilot, GitHub, vulnerability /

GitHub Makes Copilot Autofix Generally Available 2024-08-15 at 12:16 By Ionut Arghire GitHub has made AI-powered Copilot Autofix generally available to help developers fix code vulnerabilities faster. The post GitHub Makes Copilot Autofix Generally Available appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

GitHub Makes Copilot Autofix Generally Available Read More »

Homebrew Security Audit Finds 25 Vulnerabilities

Application Security, audit, Homebrew, Vulnerabilities, vulnerability /

Homebrew Security Audit Finds 25 Vulnerabilities 2024-08-01 at 15:16 By Ionut Arghire Vulnerabilities in Homebrew could have allowed attackers to load executable code and modify binary builds, security audit finds. The post Homebrew Security Audit Finds 25 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Homebrew Security Audit Finds 25 Vulnerabilities Read More »

Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw

Application Security, Featured, OAuth, Vulnerabilities, XSS /

Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw 2024-07-29 at 15:16 By Kevin Townsend Researchers discovered and published details of an XSS attack that could potentially impact millions of websites around the world. The post Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw Read More »

Application Security Startup Heeler Raises $8.5 Million in Seed Funding

Application Security, Cybersecurity Funding, funding, seed funding /

Application Security Startup Heeler Raises $8.5 Million in Seed Funding 2024-07-22 at 15:01 By Ionut Arghire Heeler Security has raised $8.5 million in seed funding for its ProductDNA application security technology. The post Application Security Startup Heeler Raises $8.5 Million in Seed Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Application Security Startup Heeler Raises $8.5 Million in Seed Funding Read More »

Judge Dismisses Major SEC Charges Against SolarWinds and CISO 

Application Security, CISO, CISO Strategy, Nation-State, SolarWinds, SUNBURST, Supply Chain Security /

Judge Dismisses Major SEC Charges Against SolarWinds and CISO  2024-07-20 at 00:31 By Ryan Naraine Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise. The post Judge Dismisses Major SEC Charges Against SolarWinds and CISO  appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Judge Dismisses Major SEC Charges Against SolarWinds and CISO  Read More »

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Application Security, attack surface management, CISA, Government, Incident Response, red team, spear-phishing /

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency 2024-07-12 at 17:31 By Ionut Arghire CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization. The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on SecurityWeek.

React to this headline:

Loading spinner

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency Read More »

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce

Application Security, Patch Tuesday, SAP, Vulnerabilities /

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce 2024-07-09 at 20:22 By Ionut Arghire Patch Tuesday: Enterprise software vendor SAP releases patches for high-severity vulnerabilities in multiple products and tools. The post SAP Patches High-Severity Vulnerabilities in PDCE, Commerce appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce Read More »

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks 

Application Security, Vulnerabilities, vulnerability /

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks  2024-07-02 at 16:31 By Ionut Arghire EVA Information Security has shared details on three CocoaPods vulnerabilities impacting millions of macOS and iOS applications. The post Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks  appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks  Read More »

PortSwigger Scores Hefty $112 Million Investment

Application Security, Brighton Park, Burp Suite, Funding/M&A, penetration testing, PortSwigger /

PortSwigger Scores Hefty $112 Million Investment 2024-07-01 at 21:46 By SecurityWeek News The British company behind the popular Burp Suite pen-test utilities has banked a massive $112 million investment from Brighton Park Capital. The post PortSwigger Scores Hefty $112 Million Investment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

PortSwigger Scores Hefty $112 Million Investment Read More »

US, Allies Warn of Memory Unsafety Risks in Open Source Software

Application Security, CISA, guidance, open source, source code /

US, Allies Warn of Memory Unsafety Risks in Open Source Software 2024-06-27 at 17:01 By Ionut Arghire Most critical open source software contains code written in a memory unsafe language, US, Australian, and Canadian government agencies warn. The post US, Allies Warn of Memory Unsafety Risks in Open Source Software appeared first on SecurityWeek. This

React to this headline:

Loading spinner

US, Allies Warn of Memory Unsafety Risks in Open Source Software Read More »

‘Phantom’ Source Code Secrets Haunt Major Organizations

Application Security, Data leak, source code /

‘Phantom’ Source Code Secrets Haunt Major Organizations 2024-06-27 at 13:01 By Ionut Arghire Aqua Security shows that code in repositories remains accessible even after being deleted or overwritten, continuing to leak secrets. The post ‘Phantom’ Source Code Secrets Haunt Major Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

‘Phantom’ Source Code Secrets Haunt Major Organizations Read More »

Scroll to Top