application security
More than half of public vulnerabilities bypass leading WAFs
Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as …
Financial services can’t shake security debt
In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” …
The diagnosis is in: Mobile health apps are bad for your privacy
Sensitive data is moving through Android healthcare apps without adequate protection. Researchers found that many transmit information without encryption, store files without …
Five habits of highly secure development teams
In this Help Net Security video, Brendon Collins, Principal Consultant at Optiv, explores how organizations can embed security and privacy into the software development …
Inside the application security crisis no one wants to talk about
Despite knowing the risks, most organizations are still shipping insecure software. That’s one of the stark findings from Cypress Data Defense’s 2025 State of Application …
Your app is under attack every 3 minutes
Application-layer attacks have become one of the most common and consequential methods adversaries use to gain access and compromise organizations, according to Contrast …
AI built it, but can you trust it?
In this Help Net Security interview, John Morello, CTO at Minimus, discusses the security risks in AI-driven development, where many dependencies are pulled in quickly. He …
91% noise: A look at what’s wrong with traditional SAST tools
Traditional static application security testing (SAST) tools are falling short. That’s the key takeaway from a recent report that tested these tools against nearly 3,000 …
Before scaling GenAI, map your LLM usage and risk zones
In this Help Net Security interview, Paolo del Mundo, Director of Application and Cloud Security at The Motley Fool, discusses how organizations can scale their AI usage by …
Unpacking the security complexity of no-code development platforms
In this Help Net Security interview, Amichai Shulman, CTO at Nokod Security, discusses how the abstraction layer in no-code environments complicates security by obscuring data …
Security flaws in government apps go unpatched for years
78% of public sector organizations are operating with significant security debt, flaws left unaddressed for more than a year, according to Veracode. 55% are burdened with …
Development vs. security: The friction threatening your code
Developers are driven to deliver new features quickly, while security teams prioritize risk mitigation, which often puts the two at odds. 61% of developers said that it’s …
Featured news
Resources
Don't miss
- AI isn’t one system, and your threat model shouldn’t be either
- LLMs work better together in smart contract audits
- Product showcase: NAKIVO v11.1 advances MSP service delivery with secure multi-tenant management
- Crypto theft in 2025: North Korean hackers continue to dominate
- Clipping Scripted Sparrow’s wings: Tracking a global phishing ring