Security News

Agentic AI’s Role in the Future of AppSec
2025-03-19 13:48

Overwhelmed AppSec teams are turning to agentic AI to handle the tedious manual work of security reporting, threat modeling, and code reviews, but successful implementation requires careful human...

AppSec Webinar: How to Turn Developers into Security Champions
2024-07-18 11:45

Let's face it: AppSec and developers often feel like they're on opposing teams. Ever wish they proactively cared about security? The answer lies in a proven, but often overlooked, strategy: Security Champion Programs - a way to turn developers from adversaries into security advocates?

Stopping security breaches by managing AppSec posture
2024-04-11 03:00

Many security vulnerabilities result from human error, and the majority of these are reflected in the application layer. These errors may occur at any stage in the software development life cycle, from code to cloud.

Top 2024 AppSec predictions
2024-01-08 05:00

In this Help Net Security video, Shahar Man, CEO of Backslash Security, offers his top three AppSec predictions for 2024, uncovering future trends. The post Top 2024 AppSec predictions appeared...

Product showcase: Apiiro unifies AppSec and SSCS in a deep ASPM
2023-12-06 14:00

Apiiro: Deep ASPM. Apiiro goes beyond the basics, using native code-to-runtime context to unify risk visibility, assessment, prioritization, and governance across applications and software supply chains. Open platform with native AppSec and SSCS. In addition to built-in integrations with third-party security tools, Apiiro also provides native application and software supply chain security solutions.

New Webinar: 5 Must-Know Trends Impacting AppSec
2023-10-30 12:09

Modern web app development relies on cloud infrastructure and containerization. These technologies scale on demand, handling millions of daily file transfers – it's almost impossible to imagine a...

What AppSec and developers working in cloud-native environments need to know
2023-09-20 05:00

Public cloud infrastructure brought forth another significant shift, redefining the boundaries between applications and infrastructure. The advent of public cloud platforms, such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform, has greatly influenced the design, deployment, and management of applications.

LLMs and AI positioned to dominate the AppSec world
2023-07-20 04:30

A new research report explores emerging trends that software organizations need to consider as part of their security strategy, and risks associated with the use of existing open source software in application development. In particular, as modern software development increasingly adopts distributed architectures and microservices alongside third party and open source components, the report tracks the astonishing popularity of ChatGPT's API, how current large language model-based AI platforms are unable to accurately classify malware risk in most cases, and how almost half of all applications make no calls at all to security-sensitive APIs in their code base.

Inadequate tools leave AppSec fighting an uphill battle for cloud security
2023-05-19 03:30

AppSec teams are stuck in a catch-up cycle, unable to keep up with the increasingly rapid, agile dev pace, and playing security defense via an endless and unproductive vulnerability chase, according to Backslash Security. Far and wide, enterprises are victims of this costly 'defensive tax:' the cost of employing AppSec engineers who chase vulnerabilities rather than drive a comprehensive cloud-native AppSec program is estimated to be upwards of $1.2 million annually.

A modern-day look at AppSec testing tools
2023-03-01 05:30

In this Help Net Security video, Frank Catucci, CTO, and Dan Murphy, Distinguished Architect at Invicti Security, break down the different types of application security testing tools, explore the...