Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.
Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.
Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.
IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from the planning stage, development, to testing. The use of automation in security can help organizations stay one step ahead.
In the last year, we’ve seen AI cause a seismic shift in software development and delivery. Artificial intelligence is generating code faster than ever seen Meanwhile, AI also has caused a seismic shift in the SD Times 100. For 2026, we’ve ejected a few legacy categories that seem less important in the era of AI, … continue reading
In its State of AI-Powered Software Development report released today, application security provider Black Duck found that of more than 800 respondents, AI coding has reached a 97% adoption rate. The study also showed that these tools are more productive than human developers, but they introduce bottlenecks in the areas of security, code review and … continue reading
London — Developer Security Enablement Platform provider SecureFlag, a leader in secure coding training, launched its AI-Assisted Development Labs, a new hands-on training solution designed to help developers safely integrate AI coding assistants into their workflows. AI-powered coding tools such as GitHub Copilot, Claude, and ChatGPT are rapidly transforming how software is built, with over … continue reading
Across all industries, AI is forever transforming the way work gets done. For those of us working in software development and delivery, AI coding assistants are now essential for engineering teams. But the days of simply handing out licenses in hopes of success have passed. Today, most developers use AI assistants daily, yet results vary. … continue reading
The Model Context Protocol (MCP) was created to enable AI agents to connect to data and systems, and while there are a number of benefits to having a standard interface for connectivity, there are still issues to work out regarding privacy and security. Already there have been a number of incidents caused by MCP, such … continue reading
AI-generated code introduces a lot of risk into the development process. A recent Sonatype report found that AI hallucinated 27% of upgrade recommendations for open source projects, while research from Veracode found that AI introduced security vulnerabilities in 45% of 80 coding tasks across 100+ different LLMs. Now, new research from Black Duck is shedding … continue reading
Arcjet has announced the release of version 1 of its JavaScript SDK designed to enable security capabilities like bot detection, email validation, attack protection, and data redaction across JavaScript apps. “Shipping v1.0 is a clear signal to developers that Arcjet’s API is stable and fully tested with real production workloads,” said David Mytton, CEO of … continue reading
OpenClaw is an AI agent designed to act like a personal assistant, managing your email, calendar, social media accounts, and more, all from a messaging app like WhatsApp or Signal. While it has amassed a great deal of popularity — at the time of this writing it has over 180,000 stars on GitHub — many … continue reading
Open-source adoption is being accelerated by AI and automation, but developers need to proceed with caution to ensure they’re not introducing extra risk into their software supply chain. Brian Fox, co-founder and CTO of Sonatype, explained that AI can accelerate good engineering, but it can also scale mistakes faster, especially if it doesn’t have real-world … continue reading
Codenotary is adding new capabilities to its SBOM.sh service, which provides free analysis of software bills of materials (SBOMs). According to the company, the updates were made in consideration of AI applications, and the tool now treats datasets as software supply chain artifacts. “Traditional SBOM tools were built for an earlier era – focusing primarily … continue reading
Docker has announced that it is open sourcing its catalog of over 1,000 Docker Hardened Images (DHI), which are production-ready images maintained by Docker to reduce vulnerabilities in container images. Each image includes a complete software bill of materials (SBOM), transparent public CVE data, SLSA Build Level 3 provenance, and cryptographic proof of authenticity. Available … continue reading
As this year comes to a close, many experts have begun to look ahead to next year. Here are several predictions for how companies will manage security in 2026. Suja Viswesan, security software leader at IBM Shadow agents will accelerate data exposure faster than we can detect it: As autonomous AI agents begin to operate … continue reading