Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

Tag: vulnerabilities

Checkmarx, vulnerable code,

Survey Traces Large Amount of Breaches Back to Vulnerable Code

| | breaches, devops, software supple chain, vulnerabilities, vulnerable code
A survey of 1,519 application security stakeholders finds nearly all (98%) work for organizations that have experienced a security breach attributable to vulnerable code, with 81% acknowledging their organization has shipped code ...
components, SBOMs, development, RunSafe, supply chain, software, SBOMs, Codenotary SBOM DevOps Intel VMware security

SBOMs Are Not Enough 

| | SBoM, SCA, Third-Party Risk, vulnerabilities
Track your components, patch when needed and you’ve got your risk covered. But that’s only part of the story ...
Legit, Sonatype OpenZiti open source software Commvault

Legit Security Extends AI Reach of ASPM Platform

| | ai, devsecops, RSAC 2025, vulnerabilities
Legit Security at the 2025 RSA Conference today extended the reach of its application security posture management (ASPM) platform that leverages artificial intelligence (AI) to identify vulnerabilities and other weaknesses to now ...
Lineaje, AI, agents, Cycode, SAST, analysis, Black Duck, open-source, coding, DevSecOps, OpenText, Process, DevSecOps, ASPM, Cycode SecOps GitLab Quali SigStore OWASP DevSecOps vulnerabilities security Pulumi DevSecOps Analyzing Code for Security Vulnerabilities

Lineaje Leverages AI Agents to Secure Open Source Packages and Images

| | devsecops, open source, vulnerabilities
Lineaje has added artificial intelligence (AI) agents that leverage multiple types of code scanners to ensure the open-source software packages and artifacts being used by application developers are truly secure ...
SDLC, code, symbiotic, vulnerabilities Neo4j Hasura Database DevSecOps

Symbiotic Security Unveils AI Coding Tool Trained to Identify Vulnerabilities

| | AI tools, sdlc, vulnerabilities
Symbiotic Security, this week, launched a tool that leverages a large language model (LLM) specifically trained to identify vulnerabilities via a chatbot as application developers write code ...
CISA, secure by design, ReversingLabs, open-source, AI, cybersecurity, tooling, CISA Security Scribe ReversingLabs software supply chain cybersecurity - software supply chain security - risks - cyberattacks - Log4J - vulnerabilities

Report: Commercial Software Just as Vulnerable as Open Source

| | ai, devsecops, open source, Secrets, Software Supply Chains, vulnerabilities
An analysis published by ReversingLabs, a provider of tools for securing application development environments, suggests that commercial software used in software supply chains is just as vulnerable as open-source code ...
application, vulnerabilities, devsecops, developers, appsec, tool, appsec, Bionic modernization DevSecOps AppSec Cortex materialized view SIEM

Report: Bulk of Application Vulnerabilities Don’t Require Immediate Attention

| | appsec, cybercriminals, devsecops, vulnerabilities
An analysis of more than 101 million application security alerts conducted by OX Security, a provider of an application security posture management (ASPM) platform, finds only 2% to 5% require immediate action, ...
Opus, AI, appsec, ASPM, legit , application security, Launchable, CloudBees, application security, microservices testing Your Applications Are the Weakest Security Link

Opus Security Platform Assigns DevSecOps Tasks to AI Agents

| | ai, AI agents, AI tools, appsec, vulnerabilities
Opus Security today unveiled a platform that employs artificial intelligence (AI) agents to its vulnerability management platform that are trained to discover known issues and suggest remediations ...
open source, software, security, open-source, Lineaje, Linux, open source, report, study, Open source code

OpenSSF Defines Baseline for Securing Open Source Software

| | open source software, security, vulnerabilities
The Open Source Security Foundation (OpenSSF) has launched an initiative to provide maintainers of open source software projects with a set of baseline security requirements that can be realistically attained and maintained ...
Legit Security Extends ASPM Platform to Provide More Vulnerability Context

Legit Security Extends ASPM Platform to Provide More Vulnerability Context

| | AOIs, devsecops, SBoM, vulnerabilities
Legit Security this week added an ability to determine the level of risk a vulnerability actually represents to its application security posture management (ASPM) platform ...
risks, security, data lake, observability, strategy, database Dynatrace RDS data privacy risk DevSecOps Managing Data - data privacy -data security -data protection - compliance - cybersecurity - Imperva - risk management

The State of Application Risk: Key Findings Reveal Widespread Security Vulnerabilities

| | Secrets, security, visibility, vulnerabilities
New research reveals that 100% of organizations face critical app security risks. Learn key findings and essential steps to protect your software development pipeline ...
components, SBOMs, development, RunSafe, supply chain, software, SBOMs, Codenotary SBOM DevOps Intel VMware security

Software Dev Culture Shock: “I Have to Do WHAT Now!?”

| | open source, security, software bill of materials, vulnerabilities
Software bills of materials (SBOMs) have sparked a real culture shock in developer teams that are being made to account for – and be scrutinized over – the minute decisions they make ...
Show More