application security

91% noise: A look at what’s wrong with traditional SAST tools
Traditional static application security testing (SAST) tools are falling short. That’s the key takeaway from a recent report that tested these tools against nearly 3,000 …

Before scaling GenAI, map your LLM usage and risk zones
In this Help Net Security interview, Paolo del Mundo, Director of Application and Cloud Security at The Motley Fool, discusses how organizations can scale their AI usage by …

Unpacking the security complexity of no-code development platforms
In this Help Net Security interview, Amichai Shulman, CTO at Nokod Security, discusses how the abstraction layer in no-code environments complicates security by obscuring data …

Security flaws in government apps go unpatched for years
78% of public sector organizations are operating with significant security debt, flaws left unaddressed for more than a year, according to Veracode. 55% are burdened with …

Development vs. security: The friction threatening your code
Developers are driven to deliver new features quickly, while security teams prioritize risk mitigation, which often puts the two at odds. 61% of developers said that it’s …

Why app modernization can leave you less secure
Enterprises typically “modernize” access patterns for an application by enabling industry standard protocols like OIDC or SAML to provide single sign-on (SSO) for legacy apps …

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules
Application security is changing fast. In this Help Net Security interview, Loris Gutic, Global CISO at Bright, talks about what it takes to keep up. Gutic explains how …

Only 2-5% of application security alerts require immediate action
The large volume of security alerts, many created by automated tools, is overwhelming security and development teams, according to the 2025 Application Security Benchmark …

The rise of DAST 2.0 in 2025
Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to …

CISOs don’t invest enough in code security
72% of security leaders agree that the age of AI necessitates a complete reset of how organizations approach application security, according to Cycode. This urgency is …

Tackling software vulnerabilities with smarter developer strategies
In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can …

Choosing the right secure messaging app for your organization
In this Help Net Security interview, Liad Shnell, CTO at Rakuten Viber, discusses what organizations should look for in secure messaging apps, including encryption, privacy …
Featured news
Resources
Don't miss
- Windows 10: How to get security updates for free until 2026
- XBOW’s AI reached the top ranks on HackerOne, and now it has $75M to scale up
- Why the SOC needs its “Moneyball” moment
- From posture to prioritization: The shift toward unified runtime platforms
- Why should companies or organizations convert to FIDO security keys?