The Ultimate Guide to Application Security
A curated American edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Application Security.
What to know about Application Security
Application Security focuses on protecting software applications from vulnerabilities and cyber threats throughout their development and operational life cycles. This critical field addresses challenges such as runtime protection, secure coding practices, DevSecOps integration, API security, cloud-native environments, and mitigating attacks like DDoS, supply chain risks, and malicious bot traffic.
Exploring the latest stories in Application Security reveals how advancements like AI and automation are enhancing threat detection, vulnerability management, and developer workflows, while highlighting ongoing risks found in mobile apps, open source components, and cloud deployments. Readers can gain insights into best practices, emerging technologies, and strategies to safeguard applications against evolving cyber threats.
Whether you’re a developer, security professional, or business leader, staying informed about Application Security developments helps in building resilient software, maintaining compliance, and protecting user data in an increasingly complex digital landscape.
American Application Security News
Regional stories with direct local relevance
Geordie appoints Courtney Broadwell as Channel Chief
The hire bolsters Geordie's push to help enterprises govern AI agents, as it expands after a USD $30 million funding round.
Sonatype expands Firewall to block malicious packages
Malicious open source packages are increasingly slipping past spelling checks, exposing developer data and build systems to supply-chain attacks.
Zapier security chain exposed package publishing risk
A free account could have let attackers alter Zapier-maintained packages and hijack logged-in users' browser sessions, researchers said.
CodeHunter appoints Anurag Jain as Engineering Chief
The hire signals CodeHunter's push to scale pre-execution software security as threats mount across supply chains and development environments.
Island tops Texas peers in CNBC's Disruptor 50 list
The ranking highlights surging demand for AI-governance software, with the Dallas firm ahead of two Austin rivals on CNBC's list.
Permiso launches AI agent security tools with Autodesk
Autodesk is among early users as the new controls aim to give security teams runtime visibility into unapproved AI agents and their actions.
Analyst Insights
Research and market analysis connected to Application Security
Salt Code enforces security policies in AI coding tools
Software Improvement Group named Gartner leader on debt
Upwind launches AI agentic pack for cloud security
Cycode launches agentic development lifecycle security
Cognizant launches Secure AI Services for enterprises
Featured News
Check Point Technologies: On vigilance, Mythos and beyond
AI-driven vulnerability scanning is forcing firms to rethink complacency as Check Point says existing defences still help against Mythos.
Exclusive: Reco COO on securing the AI inside your SaaS stack
Reco COO Zoe Hillenmeyer says enterprises typically underestimate their AI agent exposure by a factor of ten and that gap is widening.
Google Cloud CEO sets out enterprise AI agent plan
Enterprises will get one place to build, govern and run AI agents, as Google Cloud expands Gemini Enterprise across models, data and security.
'Human Risk' takes centre stage - Mimecast CEO
Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.
UiPath Accelerates AI in Software Development and Testing
UiPath is pushing AI deeper into software testing, promising autonomous agents that transform quality assurance and developers' roles.
Grafana: Turning data chaos into developer efficiency and CFO savings
Grafana leans on AI-powered observability and Adaptive Telemetry to sharpen developer insight while slashing cloud bills by up to 50%.
Expert Columns
The evolving role of the CSO: From technical guardian to business strategist
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
The security challenges in AI-assisted software development
AI surge exposes cloud security gaps, report warns
Agentic AI double agents expose dangerous security gaps
Why auto update is the most underrated security feature on your firewall
Organisations are progressively adopting Network Convergence to drive efficiency and User Experience
Integrating AppSec for efficient DevSecOps
How AI is driving the convergence of networking and security
Interviews
Interviews and video coverage from the networkRecent Application Security News
Upwind launches AI agentic pack for cloud security
It aims to cut alert fatigue by using runtime data to validate threats, prioritise real risks and guide fixes across cloud and AI systems.
Gluware launches Titan Exposure Management for networks
Security teams could cut false positives and speed fixes as the new tool ties vulnerability alerts to live network device states.
Miggo launches Pulse in bid to speed AI exploit response
It aims to cut the time security teams need to spot exploitable flaws and deploy temporary defences before attackers strike.
CleanStart launches shell-less read-only containers
Existing deployments can gain stronger protection against post-compromise persistence without changing Dockerfiles, CI/CD pipelines or runtime workflows.
Akto widens AI agent security with new integrations
Native checks will now flag prompt injection and data leakage across more of the AI agent stack as enterprises push systems into production.
Tenable flags Microsoft GitHub workflow flaw risking code
A flaw in a Microsoft GitHub workflow could let attackers run unauthorised code and steal repository secrets, Tenable said.
OpenAI broadens AI cyber tools as arms race heats up
Ransomware pressure on US firms is intensifying debate over whether broader AI hacking tools will help defenders or aid criminals.
Mythos model sparks warnings over AI cyber threats
Enterprises face faster phishing, deepfakes and automated exploits as security leaders say existing controls lag behind frontier AI models.
Qodo raises $70 million to develop a trust layer for AI coding
The funding will help Qodo expand globally as enterprises look for ways to verify AI-written code before it reaches production systems.
BlueFlag lifts Series A after rapid revenue growth
Adoption among big enterprises has helped the cybersecurity start-up secure USD $28 million, as it expands tools for AI-driven software development.
Coralogix & Skyflow team up on secure observability
Coralogix and Skyflow partner to tokenise sensitive log data, balancing observability, privacy and AI-ready telemetry for global firms.
F5 and Skyfire team up on verified AI agent traffic
F5 and Skyfire partner to let online merchants admit verified AI agents while keeping malicious bots out of shopping and content flows.
Wallarm appoints new chief executive as AI focus grows
Wallarm names Shayne Higdon chief executive in leadership reshuffle as it pivots from pure API protection to securing wider AI-driven risks.
Morphisec adds AI defence to anti-ransomware suite
Morphisec unveils Adaptive AI Defence to spot shadow AI, block compromised agents and thwart AI-driven ransomware in real time.
Firms test just 32% of attack surface, study finds
Organisations test just a third of their attack surface as reliance on agentic AI grows, raising fresh concerns over unseen cyber risks.
Salt unveils platform to secure rising AI agent stacks
Salt launches an agentic security platform to map, monitor and protect how AI agents use LLMs, MCP servers and enterprise APIs at scale.
Vijil launches platform to harden enterprise AI agents
Vijil has unveiled a platform to test, monitor and adapt enterprise AI agents, aiming to harden them against attacks, failure and drift.
Terra Portal blends AI agents with human-led pentesting
Terra Security unveils Terra Portal, a desktop hub fusing AI agents with human pentesters to speed vulnerability fixes from months to hours.
Terra Security names Anna Sarnek VP of business strategy
Terra Security appoints Anna Sarnek VP of business strategy to steer partner-led growth and define its AI-native offensive security push.
Brinqa unveils AI agents to streamline cyber risk data
Brinqa has rolled out AI agents to infer asset owners and deduplicate findings, aiming to cut cyber risk noise in sprawling IT estates.