%term

The latest News and Information on Application Security including monitoring, testing, and open source.

What is Vibe Coding? #vibecoding #aisecurity #coding

Jan 20, 2026 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about What is Vibe Coding? #vibecoding #aisecurity #coding

Understanding Open-Source License Risk in Modern Software

Jan 19, 2026 By Mackenzie Jackson In Aikido

Open source is one of the best things to ever happen to software development. It is also one of the easiest ways to accidentally ship legal obligations you did not sign up for. Most teams know they rely heavily on open-source dependencies. Fewer teams know exactly what licenses those dependencies use, what obligations come with them, or how those licenses travel through transitive dependencies and container images. That gap is what we call open-source license risk.

Read Post

Aikido

Read more about Understanding Open-Source License Risk in Modern Software

Auth0 Strengthens Resiliency and Service Reliability with Datadog

Jan 16, 2026 By Datadog In Datadog

Auth0, part of Okta, is one of the most trusted identity platforms in the world—helping enterprises secure authentication and customer logins at massive scale. Their business depends on resiliency and reliability, and they maintain an extremely high SLA of 99.99% uptime. Because even seconds of downtime can impact customer logins, Auth0 set out to strengthen observability with Datadog across their entire environment and accelerate the way their teams detect, troubleshoot, and resolve issues.

View Video

Datadog

Read more about Auth0 Strengthens Resiliency and Service Reliability with Datadog

The Complete Application Security Toolkit: From Code Scanning to Runtime Protection

Jan 11, 2026 By Jonathan Kaftzan In ARMO

Last Tuesday, your SCA tool flagged 3,847 CVEs across your Kubernetes clusters. Your SAST scanner added another 1,200 findings from the overnight build. The container scanning pipeline blocked 47 images. And somewhere in Slack, someone from the SOC is asking why you haven’t patched the Log4j variant they read about on Twitter. You’ve done everything the security vendors told you to do. You shifted left. You scan everything. You gate deployments. You have dashboards.

Read Post

ARMO

Read more about The Complete Application Security Toolkit: From Code Scanning to Runtime Protection

Looking Ahead at 2026 with Gartner: How Smarter Teams and Tools Are Making Application Security a Breeze

Jan 6, 2026 By Joe Ariganello In Veracode

With my youthful good looks, it’s hard to believe that I’ve been in cybersecurity for almost two decades. : ) I’ve seen the industry go through some massive transformations. Each change brought its own set of challenges, failures (I’m looking at you XDR) and, more importantly, opportunities. As I am now entrenched in application security, I’m learning that we’re in the middle of another one of those moments, and it’s just as exciting.

Read Post

Veracode

Read more about Looking Ahead at 2026 with Gartner: How Smarter Teams and Tools Are Making Application Security a Breeze

Eliminate AppSec Noise: Jit's AI Agents Find Real Exploitable Risks

Jan 5, 2026 By Jit In Jit

Application security scanners generate endless alerts, but most don’t translate into real risk. Meet Sera, Jit’s AI-powered Security Evaluation and Remediation Agent. Sera automatically connects scanner findings, uncovers toxic combinations, and explains exploitable attack paths—saving AppSec teams hours of manual investigation. See how AI Agents eliminate noise, automate investigations, and deliver clarity so your team can focus on what matters.

View Video

Jit

Read more about Eliminate AppSec Noise: Jit's AI Agents Find Real Exploitable Risks

Offload AppSec Remediation to Jit's AI Agents

Jan 5, 2026 By Jit In Jit

Remediating vulnerabilities doesn’t need to take hours of manual work across AWS, GitHub, and Jira. In this demo, you’ll see how Jit’s AI Agents, including Sera (the Security Evaluation & Remediation Agent), offload the heavy lifting of AppSec remediation and turn hours of effort into minutes.

View Video

Jit

Read more about Offload AppSec Remediation to Jit's AI Agents

Jit's Custom Agents: AppSec Clarity, Without the Grind

Jan 5, 2026 By Jit In Jit

Tired of spending hours building and maintaining application security dashboards? In this demo, we showcase how Jit’s custom AI agents automatically generate clear, actionable AppSec dashboards—without the manual effort.

View Video

Jit

Read more about Jit's Custom Agents: AppSec Clarity, Without the Grind

How Engineering and Security Teams Can Meet DORA's Technical Requirements

Jan 5, 2026 By Sooraj Shah In Aikido

Every financial entity operating in the European Union must comply with the Digital Operational Resilience Act (DORA). DORA focuses on whether systems can withstand, respond to, and recover from ICT-related disruptions and whether this can be demonstrated with evidence. For engineering, security, and risk teams, this introduces a practical requirement. Operational resilience must be observable in live systems, continuously tested, and traceable over time.

Read Post

Aikido

Read more about How Engineering and Security Teams Can Meet DORA's Technical Requirements

Why compliance breaks at scale and what modern AppSec looks like

Jan 2, 2026 By Rucha Wele In Appknox

Compliance once lived on a calendar. Teams prepared for it in advance, reviewed it periodically, and treated it as a milestone separate from engineering work. That model no longer holds. Mobile applications now ship continuously. Features move weekly. Fixes land daily. Every change, no matter how small, alters the security and privacy posture of the organization. In this environment, compliance cannot trail development. It has to move with it, embedded into how software is built, tested, and released.

Read Post