%term

The latest News and Information on Application Security including monitoring, testing, and open source.

Vibe check: The vibe coder's security checklist

May 19, 2025 By The Aikido Team In Aikido

If it’s worth building, it’s worth securing. Vibe coding has been generating a lot of buzz. While automating and coding with AI isn’t new, vibe coding holds the promise of democratizing software development: simply describe what you want in natural language and let the LLM do the rest.

Read Post

Aikido

Read more about Vibe check: The vibe coder's security checklist

Why You Can't "SAST" Your Way Through AI Security #AppSec #LLMs #CloudSecurity #Cybersecurity

May 19, 2025 By Mend In Mend

AI apps break the traditional rules of application security. Here’s why: AI is cloud-native from day one. That means you’ve got runtime risk before your app even launches. Static analysis (SAST) doesn’t cut it. You can’t predict risk from just looking at code. AI models are just vectors. You need new methods.

View Video

Mend

Read more about Why You Can't "SAST" Your Way Through AI Security #AppSec #LLMs #CloudSecurity #Cybersecurity

CrowdStrike Falcon Application Security Posture Management (ASPM)

May 16, 2025 By CrowdStrike In CrowdStrike

Falcon ASPM extends visibility beyond endpoints and cloud to automatically prioritize the most impactful risks in custom applications. Contact us to learn how you can find threats faster with Falcon Cloud Security.

View Video

CrowdStrike

Read more about CrowdStrike Falcon Application Security Posture Management (ASPM)

Ethical Hackers & Bug Bounty: Our Security Journey #applicationsecurity #cybersecurity

May 16, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Ethical Hackers & Bug Bounty: Our Security Journey #applicationsecurity #cybersecurity

Splunk Delivers Unified Security and Observability to Protect Applications

May 15, 2025 By Kashyap Merchant In Splunk

Bring application and security teams together with end-to-end application threat detection and response—right inside Splunk.

Read Post

Splunk

Read more about Splunk Delivers Unified Security and Observability to Protect Applications

Unlocking Security: Why Bug Bounty Programs Are a MUST-HAVE #bugbounty #cybersecurity

May 15, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Unlocking Security: Why Bug Bounty Programs Are a MUST-HAVE #bugbounty #cybersecurity

Hackers REVEALED: The TRUTH About Bug Bounty Programs #cybersecurity #bugbounty

May 14, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Hackers REVEALED: The TRUTH About Bug Bounty Programs #cybersecurity #bugbounty

5 SAST Purchasing Tips That Actually Maximize ROI

May 14, 2025 By Mend In Mend

Following these 5 tips when purchasing a SAST tool will save you headaches and regrets. A flashy demo or “industry-leading” badge doesn’t mean much if the tool doesn’t work for your code, your developers, or your workflow. This short video covers 5 things every AppSec or engineering team should consider before signing on the dotted line. Because choosing the wrong tool won’t just cost you budget, it’ll cost you trust.

View Video

Mend

Read more about 5 SAST Purchasing Tips That Actually Maximize ROI

Is Your Code Safe? Hidden Risks & Security Measures | Mend.io #cybersecurity #softwaresecurity

May 13, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Is Your Code Safe? Hidden Risks & Security Measures | Mend.io #cybersecurity #softwaresecurity

You're Invited: Delivering malware via Google Calendar invites and PUAs

May 13, 2025 By Mackenzie Jackson In Aikido

On March 19th, 2025, we discovered a package called os-info-checker-es6 and were taken aback. We could tell it was not doing what it said on the tin. But what's the deal? We decided to investigate the matter and initially hit some dead ends. But patience pays off, and we eventually got most of the answers we sought. We also learned about Unicode PUAs (No, not pick-up artists). It was a roller coaster ride of emotions!

Read Post