Application Security | News, how-tos, features, reviews, and videos
Generative AI chatbots and large language models can be a double-edged swords from a risk perspective, but with proper use they can also improve cybersecurity in key ways
The malicious packages have been downloaded hundreds of times, but the long-term impact is unknown.
OX-GPT plugin promises natural-language security analysis for application security teams.
IBM’s purchase of Israel-based application data security startup Polar will see that company’s data security posture management technology integrated into IBM’s Guardium lineup of products.
Arnica adds new software supply chain security capabilities delivered through real-time code risk management tools.
New SSRF vulnerabilities highlight the weaknesses of using blacklisting techniques as a defense mechanism.
Orca’s existing GPT integration with its cloud-native application protection platform (CNAPP) receives a GPT-4 upgrade, along with a few other enhancements.
Solution secures sensitive data in SaaS apps and integrates with 15 popular services including Salesforce, JIRA, GitHub, and Slack.
Shadow IT or careless configuration of container and artifact registries could give attackers access to sensitive data and inject malicious code.
SLSA v1.0 has been designed to make the software supply chain security framework more accessible and specific to areas of the software delivery lifecycle.