CFOtech US - Technology news for CFOs & financial decision-makers
United States

AppSec Stories

American Stories

AppSec stories

Global Stories

AppSec stories

IBM & Red Hat launch £5bn open-source security plan
Fintech

IBM & Red Hat launch £5bn open-source security plan

The move targets vulnerabilities in software used by large firms, as AI makes it easier to find and exploit flaws.

By Sean Mitchell 4 min read Last week
TrendAI deploys Claude Opus 4.8 for vulnerability hunts
Cloud Security

TrendAI deploys Claude Opus 4.8 for vulnerability hunts

Security teams in Australia and New Zealand may soon triage flaws faster as TrendAI uses Claude Opus 4.8 to assess exploitability and impact.

By Sean Mitchell 4 min read Last week
RevEng.AI raises USD $15 million to secure software
Application Security

RevEng.AI raises USD $15 million to secure software

The funding will help firms spot hidden flaws and backdoors in compiled code as AI-generated software and supplier risk raise security concerns.

By Sofiah Nichole Salivio 4 min read Last week
CrowdStrike disrupts Glassworm botnet targeting developers
Malware

CrowdStrike disrupts Glassworm botnet targeting developers

Developers using open-source tools face heightened supply-chain risk after the botnet lost all four of its command channels.

By Joseph Gabriel Lagonsin 4 min read 5 days ago
Bugcrowd launches RL environments for AI security training
Application Security

Bugcrowd launches RL environments for AI security training

The platform aims to help AI developers move beyond benchmark tests, as models struggle to tackle real-world vulnerabilities safely and reliably.

By Sean Mitchell 4 min read Last week
Socket raises USD $60 million to tackle code risks
DevOps

Socket raises USD $60 million to tackle code risks

The round values the software supply chain security company at USD $1 billion as AI coding boosts the flow of third-party code into production.

By Sofiah Nichole Salivio 3 min read Last week
1Password expands OpenAI Codex deal for secure credentials
Data Protection

1Password expands OpenAI Codex deal for secure credentials

The new integration keeps passwords out of prompts and repos, reducing the risk of leaks as AI coding agents move into production workflows.

By Sofiah Nichole Salivio 3 min read Last month
Terra adds continuous testing for network infrastructure
Network Infrastructure

Terra adds continuous testing for network infrastructure

Security teams can now assess network, web and AI weaknesses together as Terra Security broadens continuous validation to infrastructure.

By Mark Tarre 4 min read Last month
TAC Security adds Anthropic & Perplexity AI clients
Data Protection

TAC Security adds Anthropic & Perplexity AI clients

Independent security checks are gaining urgency as fast-growing AI and software firms face rising scrutiny from customers, partners and regulators.

By Sean Mitchell 3 min read Last month
Exploitation overtakes social engineering in Rapid7 report
Ransomware

Exploitation overtakes social engineering in Rapid7 report

Exposed systems are becoming the main target, as Rapid7 says flaws were used in 38% of incidents and patch windows shrank to five days.

By Mark Tarre 3 min read Last month
GitLab 19.0 adds secrets manager & AI workflow tools
Private Cloud

GitLab 19.0 adds secrets manager & AI workflow tools

The release gives security teams and developers new controls for credentials, merge requests and supply chain oversight as AI use grows.

By Joseph Gabriel Lagonsin 4 min read Last month
OpenSSF adds five members & new security resources
Application Security

OpenSSF adds five members & new security resources

Members are backing tougher open source security as OpenSSF expands guidance on regulation, Python coding and AI-driven vulnerability tools.

By Sofiah Nichole Salivio 4 min read Last month
Orchid warns of hidden identity gap as AI risks rise
Data Protection

Orchid warns of hidden identity gap as AI risks rise

Most enterprise access still sits outside formal controls, leaving AI agents and unmanaged accounts to widen security and compliance risks.

By Sean Mitchell 5 min read Last month
Cloudflare launches Claude agent environments with Anthropic
DevOps

Cloudflare launches Claude agent environments with Anthropic

Businesses can now run Claude-powered agents in isolated Cloudflare sandboxes, with tighter controls for private data, audit trails and scaling.

By Mark Tarre 3 min read Last month
Software Improvement Group launches AI code governance
DevOps

Software Improvement Group launches AI code governance

Many firms lack visibility over AI-written software, raising maintainability and security risks as adoption of coding assistants accelerates.

By Joseph Gabriel Lagonsin 4 min read Last month
Anthropic model can chain bugs into exploits, Cloudflare
Cloud Security

Anthropic model can chain bugs into exploits, Cloudflare

The findings suggest AI-assisted bug hunting is edging closer to practical exploitation, raising the stakes for software teams racing to patch flaws.

By Mark Tarre 4 min read Last month
Synack report says vulnerability testing gap widens
Digital Transformation

Synack report says vulnerability testing gap widens

Enterprises are testing only about 32% of their attack surface, leaving many assets outside regular security checks as threats grow faster.

By Mark Tarre 4 min read Last month

Stories from Other Regions

AppSec stories