Tag: application security
Apiiro Guardian Agent Prevents AI Models From Generating Insecure Code
Mike Vizard | | AI code security, AI coding tools, application security, devsecops, prompt rewriting, secure SDLC, vulnerability preventionApiiro launches Guardian Agent, an AI security agent that rewrites prompts in real time to prevent insecure code from ever being generated, reducing vulnerabilities without slowing developers ...
Survey Sees Wider Adoption of AI Coding Tools Creating More DevOps Challenges
Mike Vizard | | AI coding tools, AI productivity, application security, ChatGPT, Code Generation, code review, coding automation, developer survey, devops challenges, GitHub Copilot, sensitive data exposure.Survey reveals 72% of developers use AI coding tools daily, generating 42% of code with AI. Trust issues persist, with 96% doubting AI code correctness ...
Checkmarx Acquisition of Tromzo Accelerates Plan to Apply AI to Application Security
Mike Vizard | | AI agents, AI in cybersecurity, AI-powered security, application security, Application Security Posture Management, ASPM, DAST, devsecops, devsecops automation, SAST, SCA, SDLC security, secure software development lifecycle, Software Supply Chain Security, zero-day vulnerabilitiesCheckmarx accelerates its AI-driven DevSecOps strategy after acquiring Tromzo, integrating AI agents to automate application security across the software development lifecycle ...
How to Escape the Talent Valley
Dustin Lehr | | ai, AI Governance, AI in software development, application security, developer careers, devsecopsAcross the tech industry a disconcerting trend is emerging, job losses at the hand of a seemingly more efficient and cost-effective employee, artificial intelligence (AI). Software developers in particular have felt the ...
Endor Labs Adds AI SAST Tool to Discover Vulnerabilities in Code
Mike Vizard | | agentic AI, AI code analysis, AI coding tools, application security, broken access control, code scanning, code security, developer security tools, devsecops, false positives reduction, LLM code vulnerabilities, multimodal static analysis, OWASP Top 10, secure design, Software Supply Chain Security, Static Application Security TestingEndor Labs launches an agentic AI-powered SAST tool that drastically reduces false positives, identifies deeper code flaws and helps DevSecOps teams secure AI-generated code across 40+ languages ...
JFrog Adds Ability to Track Usage of AI Coding Tools
Mike Vizard | | AI API management, AI code auditing, AI coding tools, AI compliance tracking, AI Governance, AI in DevOps, AI model inventory, AI risk mitigation, AI-generated code, application security, code risk detection, devsecops, Large Language Models, LLM security, MLOps, SCA, secure coding practices, Shadow AI detection, software composition analysis, software provenance, Software Supply Chain Security, software vulnerabilities, source code scanningJFrog introduces AI-Generated Code Detection and Shadow AI Detection tools to identify AI-created code, track model usage, and enhance DevSecOps governance across software supply chains ...
Establishing Visibility and Governance for Your Software Supply Chain
Parth Patel | | application security, asset visibility, attack surface management, build-time security, Cloud Governance, context-aware security, cybersecurity governance, dependency tracking, eBPF runtime analysis, Kubernetes Gatekeeper, Log4Shell, open source security, provenance attestation, risk reduction, SBoM, SBOM automation, secure software development, SLSA, software bill of materials, software provenance, Software Supply Chain Security, supply chain risk, Third-party Dependencies, VEX, vulnerability management, vulnerability prioritizationAsset visibility and cloud governance start with SBOMs, VEX, and provenance tracking. Learn how to secure your software supply chain ...
What Makes Vulnerability Scanning Effective in Fast-Moving DevSecOps Pipelines Today?Â
Emily Amanda | | application security, CI/CD security, context-aware scanning, developer-friendly security, DevOps security integration, devsecops, modern security tools, noise reduction in alerts, real-time scanning, Secure software delivery, security feedback loop, security in pipelines, software vulnerabilities, vulnerability management metrics, vulnerability scanningTraditional vulnerability scanning can’t keep pace with CI/CD. Learn how real-time, context-aware scanning reduces noise, speeds fixes, and enables secure DevSecOps at scale ...
Qwiet AI Extends Microsoft Support in Platform for Fixing Vulnerabilities
Mike Vizard | | AI agents, AI coding tools, application security, AutoFix, Azure Boards, Azure DevOps, devsecops, github, SARIF, SAST, software security, Swift, vulnerability remediationQwiet AI extends its AI-driven application security platform with deeper Microsoft DevOps integrations, enhanced automation, and expanded AutoFix capabilities to proactively remediate code vulnerabilities ...
Minimus Adds VEX Support to Managed Hardened Images Service
Minimus has extended its managed service for providing application developers with hardened images to include support for the Vulnerability Exploittability eXchange (VEX) format used to share data across multiple application security tools ...
DryRun Security Defines Application Security Policies Using Natural Language
DryRun Security today added an ability to use natural language to define and enforce application security policies as application developers build software ...
DefectDojo Adds Ability to Normalize DevSecOps Data to ASPM Platform
DefectDojo today added a universal parser to its application security posture management platform (ASPM) that makes it possible to normalize data ingested from any DevSecOps tools and platforms that expose data in ...
