-
By John K. Waters
Azul launched a free assessment to help enterprises find and prioritize vulnerable Java runtimes as AI-assisted attacks increase patching pressure.
-
By ADTMag.com Editors
Investment targets open-source platforms, tools and infrastructure designed to support enterprise AI adoption.
-
By John K. Waters
Enterprise Java development teams are shifting engineering focus toward the stabilization and regression testing of the next Critical Patch Update (CPU) cycle for long-term support runtimes, including Java 25.
-
New projects aim to help developers add governance and security controls into AI agent development workflows.
-
By ADTMag.com Editors
Agreement expands use of Java technologies in Samsung Electronics’ global semiconductor software environment.
-
By John K. Waters
Protegrity, a data security company, has released software designed to help organizations secure artificial intelligence agent systems as businesses grapple with data protection concerns in AI deployments.
-
By John K. Waters
The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a self-replicating worm infiltrated the npm registry and compromised more than 180 packages. Dubbed "Shai-Hulud" after the giant sandworms in Frank Herbert's Dune novels, this malware demonstrated a new level of threat sophistication that should concern every development team.
-
By John K. Waters
Application security provider Qwiet AI has expanded its integrations with Microsoft Azure and GitHub and introduced new AI-powered AutoFix capabilities aimed at speeding secure software delivery.
-
By John K. Waters
NIST's new cybersecurity framework addresses the challenging choice between patching quickly and breaking everything.
-
By John K. Waters
The Eclipse Foundation has launched a European Commission-funded initiative to help small businesses and software developers comply with the EU's Cyber Resilience Act through free open-source tools.
-
By John K. Waters
SP 800-53 meets machine learning—and it's going to affect your code.
-
Microsoft marked the inaugural World Passkey Day (formerly World Password Day) by reaffirming its push toward a passwordless future—signing the FIDO Alliance’s Passkey Pledge and joining other major tech players in accelerating adoption of modern, developer-friendly authentication standards. For engineers, it’s a signal that passkeys are moving from optional to inevitable—and it’s time to start building with them in mind.
-
By John K. Waters
Application delivery platform Harness, in collaboration with recently acquired API security company Traceable, has unveiled Traceable Cloud WAAP, a next-generation Web Application and API Protection platform. The product, launched Tuesday, aims to provide full-stack, context-aware security for cloud-native environments and microservices architectures.
-
By John K. Waters
Oracle Corp on Tuesday announced the release of Oracle Jipher, a Java Cryptographic Service Provider designed to enable secure deployments of Java applications in U.S. government and enterprise environments that require FIPS 140-2 compliance.
-
By John K. Waters
Microsoft has supercharged its Security Copilot platform with 11 new autonomous AI agents designed to help developers and security teams triage phishing alerts, remediate vulnerabilities, and secure AI workloads across multi-cloud environments—marking a major step in automated cyber defense tools tailored for modern DevSecOps workflows.
-
Data security firm Rubrik has announced a collaboration with open-source software maker Red Hat to integrate Red Hat OpenShift Virtualization into Rubrik Security Cloud, aiming to streamline data protection for virtualized environments and enhance cyber resilience. The solution is expected to be generally available early next year.
-
By John K. Waters
Identity platform provider Stytch launches new device fingerprinting capabilities designed to provide enhanced fraud and bot protection for developers. The upgrade incorporates advanced AI functionality, offering an easy-to-integrate solution for boosting security within authentication flows, the company said. Stytch’s technology aims to provide seamless and highly accurate bot detection, reducing user friction and enhancing security without visible interventions.
-
By John K. Waters
JFrog has introduced a new runtime security solution aimed at enhancing software integrity and streamlining collaboration between developers and security teams. The addition of JFrog Runtime to the company’s existing security tools is meant to empower enterprises to embed security at every stage of the software development process, the company said, from writing source code to deploying applications in production.
-
Security firm CrowdStrike has revealed that a flaw in its testing software led to a faulty update, causing more than 8.5 million Windows systems to crash last week. In a blog post published today, the Austin-based company provided more details on the incident, which resulted in flight cancellations and disruptions to public services, including 911 systems.
-
By John K. Waters
A new JFrog survey found that malicious actors see the software supply chain (SSC) as the new "soft target," because there are fewer protections in place than in other enterprise systems. But there's a "significant disconnect" between senior executives/managers and developers when it comes to enterprise application security.
-
By John K. Waters
Waratek combines a Log4J Vulnerability Scanner and API security in its Java Security Platform to provide users with the ability to scale strategic risk mitigation in the enterprise.
-
By John K. Waters
White House publishes guidelines requiring government agencies to obtain formal assurances from third-party software providers that they are following secure software development practices.
-
By John K. Waters
The Spring Security team plans to release Spring Authorization Server, it long-awaited in November of this year.
-
By Mark J. Balbes, Ph.D.
Our Agile Architect wants to talk about lessons learned from his experiences with test automation. As usual, he does it in his own unique way.
-
By John K. Waters
App security tools provider Contrast Security adds software composition analysis capabilities to its free in CodeSec "developer-first" scanner.