Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest News and Information on Application Security including monitoring, testing, and open source.

SBOMs: A Roadmap for a Secure Software Journey

Jul 25, 2023 By Mend In Mend
Software supply chain threats and increasing regulatory pressures make supply chain security a top priority for software organizations. While building secure applications is a must for any organization, the path to creating secure software is anything but clear. Software bills of materials (SBOMs) have emerged as an essential tool and a roadmap for organizations on their secure software journey.
View Video
mend

The New Era of AI-Powered Application Security. Part Three: How Can Application Security Cope With The Challenges Posed by AI?

Jul 25, 2023 By Rami Elron In Mend

This is the third part of a blog series on AI-powered application security. Following the first two parts that presented concerns associated with AI technology, this part covers suggested approaches to cope with AI concerns and challenges. In my previous blog posts, I presented major implications of AI use on application security, and examined why a new approach to application security may be required to cope with these challenges.

Read Post

Strange Bedfellows: Software, Security and the Law

Jul 21, 2023 By Mend In Mend
The ongoing rise in cyberattacks across the software supply chain and a shifting regulatory landscape are forging an unlikely alliance between CISOs, software leaders and legal experts. Privacy, the shifting and diverse regulatory landscape, liability and new AI/ML use cases all present unique challenges and opportunities for risk management, but to best navigate these challenges, legal teams must be involved, too. Why? Because today, software vulnerabilities can represent not just a business risk but a legal risk.
View Video

Two Birds, One Stone: Shrinking Security Debt and Attack Surfaces

Jul 21, 2023 By Mend In Mend
Cybersecurity teams and developers continually struggle to reconcile what can seem like two competing priorities. Delivering new capabilities and addressing existing security technical debt. But what if they can do both at the same time? Forward-leaning AppSec programs are finding smart ways to reduce security debt by instituting a strategic approach to managing security vulnerabilities. This approach starts by reducing the attack surface early on and throughout development.
View Video

Malicious Package Trend Analysis

Jul 21, 2023 By Mend In Mend
It might seem obvious that regularly upgrading software and dependencies means your software is inherently more secure, but in practice, this is hard to achieve. Choice Hotels struggled to manually maintain their codebase and remediate all the transitive vulnerabilities lurking in the code. Today’s compositional applications created a complex archeological exploration challenge for developers trying to resolve security issues across a codebase. It was time-consuming, tedious, and imperfect.
View Video

Secure Features, Sales Soar | A CPO's Take on Application Security | Marcelino M. (CPO, Stream)

Jul 20, 2023 By Indusface In Indusface
In this episode, Marcelino Moreno (CPO, Stream) shares with Venkatesh (Venky) Sundar how product managers can contribute to an organization's growth by baking in security into the product roadmap. He also shares how a product manager can influence engineering teams to prioritize vulnerability patching along with building features to ensure that the customers use a secure product. Key highlights from the discussion.
View Video
mend

Why is Software Vulnerability Patching Crucial for Your Software and Application Security?

Jul 20, 2023 By Adam Murray In Mend

Software vulnerability patching plays a critical role in safeguarding your code base, software, applications, computer systems, and networks against potential threats, and ensuring they’re compliant, and optimized for efficiency. Organizations’ codebases have become increasingly complex, involving sophisticated relationships between components and their dependencies.

Read Post
komodo consulting

Choosing the Right Managed Application Security Provider: A Guide

Jul 19, 2023 By Komodo Research In Komodo Consulting
Imagine, if you will, that you are the esteemed ruler of a vast digital dominion, and your applications are the lifeblood of your realm. Yet, in the boundless expanse of cyberspace, there lurk dragons of the most fearsome kind—cyber threats, data breaches, and hackers. You require a champion, a Managed Application Security Provider (MASP), to safeguard your kingdom. But how, pray tell, does one select the right one?
Read Post

LLMs Need Security Too

Jul 14, 2023 By Datadog In Datadog
In this episode Jb and Izar are joined by David Haber, CEO of Lakera, who focuses on securing LLMs and their use. We explore topics like prompt injection and their impact on security, safety and trust, and we look at the Gandalf experiment ran by Lakera. We touch on the recently drafted OWASP Top 10 on LLM project, and have a great discussion on what LLMs are really doing and their potential as tools and targets.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.