By James Rees, MD, Razorthorn Security From 2020 to 2024, cybersecurity underwent a transformative period that reshaped the industry. This era witnessed several significant high profile security breaches, whilst the World Economic Forum recognised cybersecurity as one of the top ten threats to global economic stability.

From design to deployment, the rise in AI tools and AI-generated code is changing developers’ workflows, enabling them to focus on more creative and complex tasks. However, while 96% of developers use AI coding assistants to streamline their work, it can have a negative impact on security teams. One-fifth of AppSec teams surveyed said they face significant challenges securing AI-generated code due to how quickly it’s produced.

The discussion about managing the impact of shorter TLS certificate lifespans began with the proposal from Google to shorten the lifespan of public-facing certificates to 90 days. And then the plot thickened when Apple jumped in with a 45-day certificate proposal. We’re not fortune tellers, but we do believe these changes, or something close to them, will happen in the not-too-distant future.

As 2024 draws to a close, I’m reflecting on a year that has been nothing short of transformative for Appknox. This was a year of bold ideas, breakthrough innovation, and meaningful partnerships. It was a year where we didn’t just meet expectations—we redefined them. In many ways, 2024 was about going back to the fundamentals of why we exist: to make mobile application security simple, scalable, and effective.

Read also: Former AT&T employee arrested for fraud, two Indians charged in fraud tech support scheme, and more.

85% of the code that we use doesn’t come from our own code, it comes from our open-source components and dependencies. This means attackers can know your code better than you do! SCA tools are our best line of defense to keep our open-source supply chain secure. Software Composition Analysis (SCA) tools, also known as open-source dependency scanning, help us understand the risks we have in our open-source supply chain.

Today, I’m thrilled to announce that Tines has formally signed CISA’s Secure by Design pledge. Since our founding, we have been guided by the fundamental belief that secure software is security software, and that our customers shouldn’t need to make a tradeoff between adding valuable automation capabilities or reducing their attack surface.

Learn about OWASP’s newest focus on Non-Human Identities and how to mitigate risks like secret leakage, overprivileged NHIs, and insecure authentication with GitGuardian.

Everything you were too afraid to ask about Docker, containers, and their fundamental building blocks: layers. Understanding how layers work naturally leads to a more efficient method of packing images, ultimately speeding up your deployments.

As part of our Detectify under the hood blog series, we recently introduced our new engine framework and how it helped us address a critical 0-day vulnerability within a day. In this article, we deep-dive into the problem space of monitoring our customers’ attack surface and distributing security tests to them.