An analysis of more than 101 million application security alerts conducted by OX Security, a provider of an application security posture management (ASPM) platform, finds only 2% to 5% require immediate action, with more than 95% considered informational.
Opus Security Platform Assigns DevSecOps Tasks to AI Agents
Opus Security today unveiled a platform that brings artificial intelligence (AI) agents, trained to discover known issues and suggest remediations, to its vulnerability management platform.
OpenSSF Defines Baseline for Securing Open Source Software
The Open Source Security Foundation (OpenSSF) has launched an initiative to provide maintainers of open source software projects with a set of baseline security requirements that can be realistically attained and maintained by small teams.
Legit Security Extends ASPM Platform to Provide More Vulnerability Context
Legit Security this week added to its application security posture management (ASPM) platform an ability to determine the level of risk a vulnerability actually represents.
The State of Application Risk: Key Findings Reveal Widespread Security Vulnerabilities
New research reveals that 100% of organizations face critical app security risks. Learn key findings and essential steps to protect your software development pipeline.
Software Dev Culture Shock: “I Have to Do WHAT Now!?”
Software bills of materials (SBOMs) have sparked a real culture shock in developer teams that are being made to account for – and be scrutinized over – the minute decisions they make in the development of software.
Sonar Details OpenAPI Generator Flaw That Creates Source Code Vulnerability
Sonar, a provider of code scanning tools, revealed this week that it has discovered a flaw in a widely used tool for generating application programming interfaces (APIs) that makes it possible for cybercriminals to both read and delete files stored in a write directory.
Sonatype Report Surfaces Software Supply Chain Security Challenges
Sonatype today, during a virtual All-Day DevOps (ADD) event, shared the results of a report that finds a 156% year-over-year increase in the number of malicious open source packages, reaching more than 512,847.
Sonar Adds AI Tools to Identify Issues and Fix Code Created by Machines and Humans
Sonar, in addition to adding generative artificial intelligence (AI) capabilities to its core platform for remediating vulnerabilities, also unveiled a tool that identifies vulnerabilities in code generated by AI platforms.
JFrog Extends GitHub Alliance to Provide Unified Dashboard
JFrog and GitHub today extended their alliance to provide a unified dashboard that makes it simpler to track and prioritize vulnerabilities from source code to the binaries that are ultimately deployed.










