Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest News and Information on Application Security including monitoring, testing, and open source.

aikido

OWASP Top 10 for Agentic Applications (2026): What Developers and Security Teams Need to Know

Dec 10, 2025 By Sooraj Shah In Aikido
Agentic AI is moving into production in CI/CD pipelines, internal copilots, customer support workflows, and infrastructure automation. These systems no longer just call a model. They plan, decide, delegate, and take actions on behalf of users and other systems. This creates new attack surfaces that do not map cleanly to traditional application security or even the OWASP Top 10 2025.
Read Post
veracode

Beyond Speed: Why Free AppSec Testing Tools Cost You More

Dec 9, 2025 By Joe Ariganello In Veracode
The expectation for fast and free solutions dominates both personal and professional environments. From streaming platforms to software tools, convenience and zero-cost access often drive decision-making. While this approach may seem efficient on the surface, it raises critical questions about the hidden costs and overlooked trade-offs.
Read Post

Hackers hijack Google Smart Home #aisecurity #mcpserver

Dec 5, 2025 By Mend In Mend
Building AI agents that can think, act, and adapt securely isn't easy. From prompt design to deployment, every stage brings new challenges and new risks. In this session, Bar-El Tayouri, Head of Mend AI at Mend.io, and Yehoshua (Shuki) Cohen, VP of Data and AI Evangelist at AI21 Labs, shared practical strategies for designing and defending agentic systems that actually deliver. Key topics covered: Originally recorded: October 29, 2024.
View Video
astra

API Security vs Application Security: What's the Difference & Best Practices 2026

Dec 5, 2025 By Suyash Jain In Astra
Over the past few years, APIs have quietly become the front door to your most critical data and workflows, flipping security ownership on its head. Accountability and ownership of both API and Application security have shifted from your central infra and network teams to product, platform, and engineering squads that ship new APIs every week, and well, sometimes every day. This is where CISOs and CTOs feel the tug strengthening from both sides.
Read Post

Learn How Veracode Helps Developers Deliver Fast Without Compromising Security with SVP Sarah Law

Dec 4, 2025 By VERACODE In Veracode
Hear from Veracode's SVP of Business Operations, Sarah Law, on how developers face immense pressure to deliver software quickly while security and compliance teams struggle to keep pace with constant changes. The Veracode platform addresses this challenge by discovering and organizing all technology assets across systems, then assessing the risk associated with each one. What sets Veracode apart is its built-in governance and unified, configurable policy framework that adapts to each customer's unique security posture and regulatory requirements.
View Video

Learn How Veracode Stops Attackers from Exploiting Vulnerabilities from Founder Chris Wysopal.

Dec 4, 2025 By VERACODE In Veracode
Hear from Veracode's Founder and Chief Evangelist, Chris Wysopal, on how attackers compromise organizations by scanning applications for vulnerabilities in code, APIs, mobile integrations, and cloud environments. Vulnerabilities enter systems through feature updates, open-source components, and third-party code—creating constant exposure.
View Video

Veracode: Automating Application Risk Management with Veracode CEO Brian Roche

Dec 4, 2025 By VERACODE In Veracode
Hear from Veracode's CEO, Brian Roche, on how organizations worldwide face mounting security risks from AI and applications but struggle to identify where those risks reside. Veracode's Application Risk Management Platform solves this challenge by helping enterprises focus on their most critical applications—the ones that would irreparably impact business if compromised. Through automated AI-powered vulnerability detection and remediation, Veracode enables organizations to dramatically improve their compliance from 30% to 90% with just a few clicks.
View Video
veracode

Mastering ASPM: Unifying Your Application Security Strategy

Dec 2, 2025 By Natalie Tischler In Veracode
Application security is becoming increasingly fragmented. Development and security teams use a wide array of tools for testing, protection, and supply chain security. While each tool serves a purpose, they often operate in silos. This fragmentation creates a disconnected view of an organization’s security posture, making it difficult to prioritize and remediate risk effectively.
Read Post

Master Your Application Security Risk with Veracode's Application Risk Management Platform

Dec 1, 2025 By VERACODE In Veracode
Discover how Veracode's Application Risk Management Platform transforms application security from a growing liability into a strategic advantage. Watch this video to learn how Veracode cut's through the chaos of expanding portfolios, AI-driven development, and vulnerable supply chains to deliver clarity, prioritization, and automated remediation.
View Video
aikido

Safe Chain now enforces a minimum package age before install

Nov 28, 2025 By Trusha Sharma In Aikido
The last few months have made something clear. Attackers are not guessing anymore. They are watching how developers install dependencies and they are using timing itself as an attack vector. Fresh versions are where attackers strike first and they strike fast. So we upgraded Safe Chain to close that window.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.