Application Security

OpenSSF Releases Security Baseline for Open Source Projects

Application Security, open source, OpenSSF, OSPS Baseline /

OpenSSF Releases Security Baseline for Open Source Projects 2025-02-26 at 13:45 By Eduard Kovacs The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects. The post OpenSSF Releases Security Baseline for Open Source Projects appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original […]

React to this headline:

Loading spinner

OpenSSF Releases Security Baseline for Open Source Projects Read More »

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks

Application Security, botnet, Enterprise Browser, Fraud Detection, Funding/M&A, MirrorTab, seed-stage /

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks 2025-02-18 at 19:03 By Ryan Naraine San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks. The post MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks Read More »

Semgrep Raises $100M for AI-Powered Code Security Platform

Application Security, Funding/M&A, Menlo Ventures, Opengrep, Semgrep /

Semgrep Raises $100M for AI-Powered Code Security Platform 2025-02-06 at 00:03 By SecurityWeek News San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures.  The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Semgrep Raises $100M for AI-Powered Code Security Platform Read More »

How Agentic AI will be Weaponized for Social Engineering Attacks

agentic AI, Application Security, artificial inteligence, cybercrime /

How Agentic AI will be Weaponized for Social Engineering Attacks 2025-02-05 at 18:30 By Stu Sjouwerman With each passing year, social engineering attacks are becoming bigger and bolder thanks to rapid advancements in artificial intelligence. The post How Agentic AI will be Weaponized for Social Engineering Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

How Agentic AI will be Weaponized for Social Engineering Attacks Read More »

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms

abandoned domains, Application Security, AWS, WatchTowr /

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms 2025-02-05 at 14:50 By Eduard Kovacs 150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies. The post Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms Read More »

Oligo Raises $50M to Tackle Application Detection and Response

Application Security, appsec, Funding/M&A, Greenfield Partners, Israel, Oligo, Series B /

Oligo Raises $50M to Tackle Application Detection and Response 2025-01-29 at 17:35 By Ionut Arghire Oligo Security has raised $50 million in Series B funding for its application detection and response (ADR) platform. The post Oligo Raises $50M to Tackle Application Detection and Response appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Oligo Raises $50M to Tackle Application Detection and Response Read More »

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST

Application Security, open source, Opengrep, Supply Chain Security /

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST 2025-01-27 at 17:20 By Kevin Townsend Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a true genuine OSS SAST tool. The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST Read More »

CISOs don’t invest enough in code security

Application Security, code, cybersecurity, Cycode, generative AI, News, report, survey /

CISOs don’t invest enough in code security 2025-01-02 at 06:34 By Help Net Security 72% of security leaders agree that the age of AI necessitates a complete reset of how organizations approach application security, according to Cycode. This urgency is reinforced by the fact that 93 billion lines of code were generated in the past

React to this headline:

Loading spinner

CISOs don’t invest enough in code security Read More »

Tackling software vulnerabilities with smarter developer strategies

Application Security, code, cybersecurity, Don't miss, Endor Labs, Features, Hot stuff, News, opinion, software, web application security /

Tackling software vulnerabilities with smarter developer strategies 2024-12-13 at 07:03 By Mirko Zorz In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can address vulnerabilities in complex systems, ways organizations can better support secure coding practices, and the role of languages

React to this headline:

Loading spinner

Tackling software vulnerabilities with smarter developer strategies Read More »

Choosing the right secure messaging app for your organization

Application Security, Artificial Intelligence, attacks, automation, cybersecurity, Don't miss, Encryption, Features, Hot stuff, messaging, News, opinion, Rakuten Viber /

Choosing the right secure messaging app for your organization 2024-11-27 at 07:18 By Mirko Zorz In this Help Net Security interview, Liad Shnell, CTO at Rakuten Viber, discusses what organizations should look for in secure messaging apps, including encryption, privacy standards, and ease of integration. Shnell also covers the need for a multi-layered approach to

React to this headline:

Loading spinner

Choosing the right secure messaging app for your organization Read More »

Microsoft announces new and improved Windows 11 security features

Application Security, Data Protection, Don't miss, Hot stuff, Microsoft, News, privileged accounts, Windows /

Microsoft announces new and improved Windows 11 security features 2024-11-19 at 21:04 By Zeljka Zorz Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users to make system changes on their PCs without having administrator rights (that can be abused by attackers

React to this headline:

Loading spinner

Microsoft announces new and improved Windows 11 security features Read More »

Transforming code scanning and threat detection with GenAI

Application Security, Artificial Intelligence, code, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Qwiet AI, scanning /

Transforming code scanning and threat detection with GenAI 2024-11-18 at 07:33 By Mirko Zorz In this Help Net Security interview, Stuart McClure, CEO of Qwiet AI, discusses the evolution of code scanning practices, highlighting the shift from reactive fixes to proactive risk management. McClure also shares his perspective on the future of AI-driven code scanning,

React to this headline:

Loading spinner

Transforming code scanning and threat detection with GenAI Read More »

Critical vulnerabilities persist in high-risk sectors

Application Security, Black Duck, News, report, software, survey, vulnerability assessment /

Critical vulnerabilities persist in high-risk sectors 2024-11-15 at 06:38 By Help Net Security Finance and insurance sectors found to have the highest number of critical vulnerabilities, according to Black Duck. Finance and insurance industry faces highest vulnerabilities The report, which analyzes data from over 200,000 dynamic application security testing (DAST) scans conducted by Black Duck

React to this headline:

Loading spinner

Critical vulnerabilities persist in high-risk sectors Read More »

Google launches on-device AI to alert Android users of scam calls in real-time

Android, Application Security, Artificial Intelligence, cybersecurity, Google, News, scams, threat detection /

Google launches on-device AI to alert Android users of scam calls in real-time 2024-11-14 at 15:04 By Anamarija Pogorelec Google has announced new security features for Android that provide real-time protection against scams and harmful apps. These features, powered by advanced on-device AI, enhance user safety without compromising privacy. These new security features are available

React to this headline:

Loading spinner

Google launches on-device AI to alert Android users of scam calls in real-time Read More »

Evaluating your organization’s application risk management journey

Application Security, automation, CISO, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, supply chain, Veracode /

Evaluating your organization’s application risk management journey 2024-11-12 at 07:33 By Mirko Zorz In this Help Net Security interview, Chris Wysopal, Chief Security Evangelist at Veracode, discusses strategies for CISOs to quantify application risk in financial terms. Wysopal outlines the need for continuous risk management practices and robust strategies to manage third-party software dependencies, ensuring

React to this headline:

Loading spinner

Evaluating your organization’s application risk management journey Read More »

AI learning mechanisms may lead to increase in codebase leaks

Application Security, code, CyberArk, cybersecurity, digital transformation, GitGuardian, News, report, survey /

AI learning mechanisms may lead to increase in codebase leaks 2024-11-05 at 06:03 By Help Net Security The proliferation of non-human identities and the complexity of modern application architectures has created significant security challenges, particularly in managing sensitive credentials, according to GitGuardian. Based on a survey of 1,000 IT decision-makers in organizations with over 500

React to this headline:

Loading spinner

AI learning mechanisms may lead to increase in codebase leaks Read More »

50% of financial orgs have high-severity security flaws in their apps

Application Security, code, cybersecurity, News, report, software, survey, Veracode /

50% of financial orgs have high-severity security flaws in their apps 2024-11-01 at 08:03 By Help Net Security Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services sector, with 50% of organizations carrying critical security debt, according to Veracode.

React to this headline:

Loading spinner

50% of financial orgs have high-severity security flaws in their apps Read More »

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity

Application Security, email security, Government, Threat Intelligence /

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity 2024-09-27 at 16:01 By Karl Sigler As the intensity of a critical election year builds, the greatest threat isn’t necessarily the security of ballot machines. Instead, it lies in misinformation, amplified by social media, biased algorithms, and the spread of fake news. During the 2020 U.S. presidential election,

React to this headline:

Loading spinner

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity Read More »

DefectDojo Raises $7 Million for Application Security Platform

Application Security, Cybersecurity Funding, DefectDojo, funding /

DefectDojo Raises $7 Million for Application Security Platform 2024-09-25 at 17:46 By Ionut Arghire Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding. The post DefectDojo Raises $7 Million for Application Security Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

DefectDojo Raises $7 Million for Application Security Platform Read More »

Software Security Firm RunSafe Raises $12 Million in Series B Funding

Application Security, Cybersecurity Funding, funding, RunSafe, supply chain /

Software Security Firm RunSafe Raises $12 Million in Series B Funding 2024-09-17 at 17:34 By Eduard Kovacs RunSafe Security has raised $12 million in a Series B funding round for a solution designed to help companies develop secure software. The post Software Security Firm RunSafe Raises $12 Million in Series B Funding appeared first on

React to this headline:

Loading spinner

Software Security Firm RunSafe Raises $12 Million in Series B Funding Read More »

Scroll to Top