Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The discussion about managing the impact of shorter TLS certificate lifespans began with the proposal from Google to shorten the lifespan of public-facing certificates to 90 days. And then the plot thickened when Apple jumped in with a 45-day certificate proposal. We’re not fortune tellers, but we do believe these changes, or something close to them, will happen in the not-too-distant future.

As 2024 draws to a close, I’m reflecting on a year that has been nothing short of transformative for Appknox. This was a year of bold ideas, breakthrough innovation, and meaningful partnerships. It was a year where we didn’t just meet expectations—we redefined them. In many ways, 2024 was about going back to the fundamentals of why we exist: to make mobile application security simple, scalable, and effective.

Read also: Former AT&T employee arrested for fraud, two Indians charged in fraud tech support scheme, and more.

85% of the code that we use doesn’t come from our own code, it comes from our open-source components and dependencies. This means attackers can know your code better than you do! SCA tools are our best line of defense to keep our open-source supply chain secure. Software Composition Analysis (SCA) tools, also known as open-source dependency scanning, help us understand the risks we have in our open-source supply chain.

Today, I’m thrilled to announce that Tines has formally signed CISA’s Secure by Design pledge. Since our founding, we have been guided by the fundamental belief that secure software is security software, and that our customers shouldn’t need to make a tradeoff between adding valuable automation capabilities or reducing their attack surface.

Learn about OWASP’s newest focus on Non-Human Identities and how to mitigate risks like secret leakage, overprivileged NHIs, and insecure authentication with GitGuardian.

Everything you were too afraid to ask about Docker, containers, and their fundamental building blocks: layers. Understanding how layers work naturally leads to a more efficient method of packing images, ultimately speeding up your deployments.

As part of our Detectify under the hood blog series, we recently introduced our new engine framework and how it helped us address a critical 0-day vulnerability within a day. In this article, we deep-dive into the problem space of monitoring our customers’ attack surface and distributing security tests to them.

As C-suites and boards are bombarded with headlines about AI revolutionizing cybersecurity, it’s no wonder they’re putting pressure on SOC leaders to adopt AI. The promise of AI in the SOC is rightfully alluring. An AI-native autonomous SOC has the potential to create a world where AI Agents collaborate with each other to take care of repetitive tasks and handle the majority of low-level alerts, freeing your human team up for strategic, proactive work. The hurdle?

Happy new year! 2025 is underway and the SafeBreach team is off to a strong start after a record-breaking 2024. We are keenly focused on the vision, goals, and opportunities that lie ahead in the new year—some of which we are excited to share in much more detail soon. But, before we close the books on 2024, I wanted to take a moment to reflect on all that we accomplished over the last year with the support and partnership of the SafeBreach community.