The Ultimate Guide to Application Security
A curated Kiwi edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Application Security.
What to know about Application Security
Application Security focuses on protecting software applications from vulnerabilities and cyber threats throughout their development and operational life cycles. This critical field addresses challenges such as runtime protection, secure coding practices, DevSecOps integration, API security, cloud-native environments, and mitigating attacks like DDoS, supply chain risks, and malicious bot traffic.
Exploring the latest stories in Application Security reveals how advancements like AI and automation are enhancing threat detection, vulnerability management, and developer workflows, while highlighting ongoing risks found in mobile apps, open source components, and cloud deployments. Readers can gain insights into best practices, emerging technologies, and strategies to safeguard applications against evolving cyber threats.
Whether you’re a developer, security professional, or business leader, staying informed about Application Security developments helps in building resilient software, maintaining compliance, and protecting user data in an increasingly complex digital landscape.
Kiwi Application Security News
Regional stories with direct local relevance
Wellington startup launches Metaport for agency risk
Wellington startup Dcentrica has unveiled Metaport, a platform giving digital agencies real-time visibility of security and maintenance risk.
Capture The Bug adds US tech leaders for North American push
Hamilton-born Capture The Bug taps top US tech leaders to drive North American growth as demand rises for continuous security testing.
'Be very, very suspicious': Neighbourly breach makes users vulnerable - expert
Neighbourly breach puts up to a million users at risk as stolen GPS data and messages hit dark web, experts urge extreme vigilance online.
Rapid7 partners with Duo for strategic distribution in New Zealand
New Zealand's cybersecurity expenditure could boost as Rapid7 appoints Duo, a branch of Sektor, for strategic distribution.
Top cybersecurity achievements celebrated at 2023 iSANZ Awards
New Zealand's cybersecurity heroes, including KPMG's Philip Whitmore and BNZ teams, were honoured at the 2023 iSANZ Awards for advancing digital resilience nationwide.
Radware and Spark NZ enter cybersecurity partnership
Radware and Spark NZ have signed a partnership agreement to offer application and network security services in New Zealand.
Analyst Insights
Research and market analysis connected to Application Security
Check Point wins Frost & Sullivan recognition for WAF
Capsule Security raises $7 million to guard AI agents
Gigamon eyes AI-led surge in network observability
Legacy tech blocks AI projects across Asia Pacific
Survey finds organisations struggle to secure unstructured data
Featured News
Upwind Expands to Sydney: Real Time Cloud Security for APJ
Upwind Security opens a Sydney base to serve APJ customers with real-time cloud and AI workload protection, backed by a USD $250 million funding round.
AI agents multiply risk, says DigiCert chief product officer
DigiCert's Chief Product Officer Deepika Chahuan says organisations must gain visibility over AI agents, or risk chaos as deployments accelerate.
Google Cloud CEO sets out enterprise AI agent plan
Google Cloud's Thomas Kurian unveils Gemini Enterprise as an open, secure workplace AI platform linking models, data, chips and security.
'Human Risk' takes centre stage - Mimecast CEO
Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.
UiPath Accelerates AI in Software Development and Testing
UiPath is pushing AI deeper into software testing, promising autonomous agents that transform quality assurance and developers' roles.
Grafana: Turning data chaos into developer efficiency and CFO savings
Grafana leans on AI-powered observability and Adaptive Telemetry to sharpen developer insight while slashing cloud bills by up to 50%.
Expert Columns
The evolving role of the CSO: From technical guardian to business strategist
From 398 to 200 Days: Understanding the TLS Certificate Lifespan Reduction
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
The security challenges in AI-assisted software development
Hybrid mesh security emerges to counter AI cyber risks
How AI-powered log management unlocks observability
AI surge exposes cloud security gaps, report warns
Agentic AI double agents expose dangerous security gaps
Automation vital as TLS certificate lifespans shrink
Interviews
Interviews and video coverage from the networkRecent Application Security News
Snyk expands reach across NZ market with new structure and leadership roles
Snyk is expanding its reach across the NZ market, aiming to further cement its place in the developer-focused security space.
Auldhouse significantly expands cybersecurity training offerings
Auldhouse set to become one of New Zealand's leading cybersecurity training providers, gaining official rights to the world's top cybersecurity certifications.
NZ financial firms bolster secure software development with Checkmarx
Two major financial institutions in New Zealand have refreshed their application security measures with the help of security specialist Checkmarx.
Chillisoft to distribute Imperva security solutions
Chillisoft adds Imperva to its cybersecurity portfolio, offering enterprise data security, web application, BOT protection, and CDN solutions.
The three-pronged security approach to multi-cloud environments
As enterprises adopt multi-cloud strategies, vArmour simplifies security with a three-pronged approach: auto-discovery, policy computation, and enforcement.
Vega spots Weaver E-cology attacks within days of patch
Vega says attackers began exploiting a critical Weaver E-cology remote code execution flaw within five days of the vendor patch, with no lasting foothold.
Saiga phishing kit returns to bypass multifactor auth
Barracuda spots Saiga 2FA phishing kit revival as attackers use dynamic pages and cookie theft to sidestep multifactor authentication.
Kamiwaza launches AI platform for regulated sectors
Kamiwaza AI debuts version 1.0 platform for healthcare, banking and government users, promising governed access and hardened infrastructure.
Chainguard launches compliant EKS add-ons in AWS Marketplace
Chainguard brings compliant EKS add-ons to AWS Marketplace, giving regulated organisations FIPS 140-3 validated Kubernetes components with zero known CVEs.
Tenable finds GitHub workflow flaw in Microsoft repo
Tenable flags GitHub workflow flaw in Microsoft's Windows-driver-samples repo that could let attackers run code and reach secrets.
Cloudflare warns of AI code review prompt injection
Cloudflare says indirect prompt injection can fool AI code reviewers, with malicious scripts slipping past models when buried in large files and comment noise.
Qilin drives 43% rise in ransomware attacks
Qilin-linked ransomware attacks jumped 43% in March, NCC Group says, as AI-fuelled deception and software flaws widen the threat picture.
OpenObserve raises USD $10 million for Observability 3.0
OpenObserve wins USD $10 million backing to expand its Observability 3.0 platform, adding AI SRE and LLM monitoring for enterprise customers.
Intruder launches AI pentesting for faster validation
Intruder's new AI Pentesting tool aims to validate scanner findings in minutes, easing pressure on security teams facing faster-moving threats.
Keeper Security launches Agent Kit for AI coding agents
Keeper Security launches Agent Kit to let AI coding assistants handle secrets and admin tasks without exposing credentials in chat logs.
Intruder launches AI pentesting to cut vulnerability triage
Intruder launches AI Pentesting to help security teams validate scanner findings faster as pressure mounts over shrinking exploit windows.
Virtana adds AWS Bedrock Guardrails support to AI Factory
Virtana expands AI Factory Observability with AWS Bedrock Guardrails support, giving security teams deeper insight into enterprise LLM behaviour and anomalies.
AI is biggest cyber threat to CISOs, NCC Group warns
Artificial intelligence heightens cyber risk for chief information security officers as ransomware attacks rise 22% in March, NCC Group says.
Bots make up 53% of web traffic, Thales report says
Thales says AI-driven bots now account for 53% of web traffic, as malicious automation surges and API attacks intensify across finance.
.webp)
Qualys warns cloud risk now stems from identity design
Qualys report says cloud breaches are increasingly driven by identity design, delegated trust and slow remediation as AI widens exposure.