Security testing stories - Page 4

Checkmarx snaps up AI start-up Tromzo to fold reasoning-based agents into its AppSec platform and speed autonomous code security.

OpenID will launch global conformance tests for key digital ID standards from February 2026, supporting eIDAS 2.0 and other schemes.

SimSpace launches expanded cyber range to drill whole teams and AI models against adaptive, production-like cyber attacks at scale.

AI-native cyber attacks and synthetic IDs are forcing firms to shift from periodic checks to continuous, AI-driven security testing by 2026.

HackerOne hires new revenue and marketing chiefs to target soaring enterprise demand for AI-driven security and threat exposure tools.

CrowdStrike's Falcon platform scores 100% detection and protection with no false positives in MITRE's toughest cross-domain ATT&CK tests yet.

OWASP updates its Top 10 application security risks, with Software Supply Chain Failures now the third biggest concern for professionals worldwide.

Despite 89% piloting AI, 78% neglect core data security, leading to breaches largely from known vulnerabilities, warns new Tenable research.

Cobalt expands its Offensive Security Platform to offer continuous, AI-driven penetration testing, enhancing visibility and control for enterprise security teams.

Outpost24 launches an all-in-one PCI DSS compliance platform, combining certified expertise and automation to ease payment card security management.

Check Point and Lakera launch the open-source b3 benchmark to boost AI agents' LLM security against real-world cyber threats with threat snapshots.

Black Duck has been named a Leader in Gartner's 2025 Magic Quadrant for Application Security Testing for the eighth consecutive year, leading in execution.

Black Duck warns AI-driven rapid code deployments are outpacing security, risking vulnerabilities as manual checks and alert overload hinder protection efforts.

Google Cloud Security's CodeMender has already delivered 72 open-source security fixes, using Gemini Deep Think to patch vulnerabilities.

Integrating application security into DevSecOps is vital for managing risks and speeding AI-driven software delivery without overwhelming developers.

Financial services excel at preventing cyber vulnerabilities but take a median 61 days to fix issues, risking systemic exposure despite strong security programs.

AI vulnerability reports surged 210% as organisations boosted AI security by 270%, with prompt injection attacks rising 540%, HackerOne's report shows.

Astra Security has launched a new platform to identify and secure undocumented and shadow APIs, tackling rising threats from unmonitored digital interfaces.

Outpost24 has launched a unified platform integrating penetration test results, plus new mobile and API packages, to speed up vulnerability detection and response.

JFrog integrates partners like GitHub and Sonar to unify audit and compliance in AppTrust, streamlining governance across the AI-driven software lifecycle.