Tag: application security
Agentic DevSecOps: AI Security Co-Pilots for Your CI/CD Pipeline
Joydip Kanjilal | | agentic AI, AI copilots, AI Governance, AI incident response, AI pipeline management, AI security, AI security agents, AI threat detection, AI vulnerability scanning, AI-driven security, AI-powered DevSecOps, application security, autonomous AI agents, autonomous security testing, CI/CD security, Cloud Security, continuous security monitoring, cybersecurity automation, devops security, devsecops, devsecops automation, infrastructure security, intelligent automation, real-time threat intelligence, SDLC security, Secure software delivery, security automation, security operations, security orchestration, security posture management, software development lifecycle, software security, threat remediationThe emergence of AI has brought endless possibilities and innovative opportunities in today’s ever-changing, fast-paced technology landscape. AI is helping development teams produce software significantly faster than ever before. AI-enabled DevSecOps tools ...
AI-Generated Apps Without DevOps: A Security Disaster Waiting to Happen
Sannan Ali | | AI coding assistants, application security, CI/CD security, devops, Software Supply ChainA small internal tool was built over a weekend. An engineer used an AI coding assistant to generate most of the backend. A simple interface was added, a few API calls were ...
Beyond the Build: Integrating Security into CI/CD Pipelines
In today's fast-paced software development landscape, Continuous Integration and Continuous Deployment (CI/CD) pipelines are essential for delivering applications efficiently. However, the speed and automation they offer can inadvertently introduce security vulnerabilities if ...
Chainguard Expands Repository to Add More Secure Open Source Libraries
Mike Vizard | | AI agents, application security, dependency layer, devops best practices, DevSecOps practices, Open Source Security Foundation, open source vulnerabilities, secure open source libraries, secure repositories, SLSA framework, software artifacts, software builds, Software Supply Chain SecurityLearn how Chainguard is strengthening software supply chains by expanding its secure repository of Java, JavaScript, and Python libraries, enabling DevOps teams to access components compliant with SLSA framework standards ...
Tool Fragmentation is Breaking Delivery Context — Here’s What Teams are Learning
Arul Watson | | access control, application security, automation, CI/CD pipelines, Cloud Security, credential exposure, Cybersecurity, devsecops, incident response, risk management, secrets management, security best practices, supply chain security, token managementExplore the emerging crisis in application delivery caused by tool fragmentation in modern software development. This article discusses the need for semantic interoperability, context preservation, and a shift from linear pipelines to ...
Secrets Management Failures in CI/CD Pipelines
Johnbosco Ejiofor | | access control, application security, automation, CI/CD pipelines, Cloud Security, credential exposure, Cybersecurity, devsecops, incident response, risk management, secrets management, security best practices, supply chain security, token managementExplore the critical role of secrets management in CI/CD pipelines and its impact on cybersecurity. This article highlights the risks of credential exposure, the importance of implementing strong security practices, and how ...
Rein Security Emerges to Analyze Reachability of Application Vulnerabilities
Mike Vizard | | AI-generated vulnerabilities, API security, application security, continuous vigilance, devsecops, funding, Matan Bar Efrat, performance overhead, security automation, software development, software security testing, vulnerability managementRein Security has emerged from stealth to launch an application security platform capable of determining the reach of a vulnerability based on which libraries and application programming interfaces are actually running in ...
Apiiro Guardian Agent Prevents AI Models From Generating Insecure Code
Mike Vizard | | AI code security, AI coding tools, application security, devsecops, prompt rewriting, secure SDLC, vulnerability preventionApiiro launches Guardian Agent, an AI security agent that rewrites prompts in real time to prevent insecure code from ever being generated, reducing vulnerabilities without slowing developers ...
Survey Sees Wider Adoption of AI Coding Tools Creating More DevOps Challenges
Mike Vizard | | AI coding tools, AI productivity, application security, ChatGPT, Code Generation, code review, coding automation, developer survey, devops challenges, GitHub Copilot, sensitive data exposure.Survey reveals 72% of developers use AI coding tools daily, generating 42% of code with AI. Trust issues persist, with 96% doubting AI code correctness ...
Checkmarx Acquisition of Tromzo Accelerates Plan to Apply AI to Application Security
Mike Vizard | | AI agents, AI in cybersecurity, AI-powered security, application security, Application Security Posture Management, ASPM, DAST, devsecops, devsecops automation, SAST, SCA, SDLC security, secure software development lifecycle, Software Supply Chain Security, zero-day vulnerabilitiesCheckmarx accelerates its AI-driven DevSecOps strategy after acquiring Tromzo, integrating AI agents to automate application security across the software development lifecycle ...
How to Escape the Talent Valley
Dustin Lehr | | ai, AI Governance, AI in software development, application security, developer careers, devsecopsAcross the tech industry a disconcerting trend is emerging, job losses at the hand of a seemingly more efficient and cost-effective employee, artificial intelligence (AI). Software developers in particular have felt the ...
Endor Labs Adds AI SAST Tool to Discover Vulnerabilities in Code
Mike Vizard | | agentic AI, AI code analysis, AI coding tools, application security, broken access control, code scanning, code security, developer security tools, devsecops, false positives reduction, LLM code vulnerabilities, multimodal static analysis, OWASP Top 10, secure design, Software Supply Chain Security, Static Application Security TestingEndor Labs launches an agentic AI-powered SAST tool that drastically reduces false positives, identifies deeper code flaws and helps DevSecOps teams secure AI-generated code across 40+ languages ...
