We cover appsec news on a weekly basis, but sometimes that news is merely about the start of a new project, sometimes it's yet another example of a vuln class, and sometimes it's a topic we hope doesn't become a trend.
So, what themes have we seen and where do we see them going? Here are a few headline topics that have alternately generated yays a...
Repetition extracts data from ChatGPT, more vulns in the software that surrounds AI, guidelines for secure AI, LogoFAIL trips a boot, BLUFFS attack on Bluetooth, CISA's first secure by design alert, Okta's updated breach disclosure, and more!
Meta has launched default end-to-end encryption on Messenger seven years after the introduction of encrypted chats as an opt-in feature in the messaging app, reports The Verge.
This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need for an appsec team? Or has it turned into specializations for areas like cloud security and bug bount...
Weak randomness in old JavaScript crypto, lack of encryption in purported end-to-end encryption, a platform engineering maturity model, PyPI's first security audit, vision for a Rust specification, and more!
Get weekly updates
The most current cybersecurity news involving application security.
Related Events
eSummit
Application security: Key trends, tools and techniques
Cybercast
Implementing a Practical AppSec Program: Expert Insights on Strategy & Execution
On-Demand Event
Cybercast
Application Security Posture Management is essential to your business. Here’s how to get there.