The Ultimate Guide to Application Security
A curated Kiwi edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Application Security.
What to know about Application Security
Application Security focuses on protecting software applications from vulnerabilities and cyber threats throughout their development and operational life cycles. This critical field addresses challenges such as runtime protection, secure coding practices, DevSecOps integration, API security, cloud-native environments, and mitigating attacks like DDoS, supply chain risks, and malicious bot traffic.
Exploring the latest stories in Application Security reveals how advancements like AI and automation are enhancing threat detection, vulnerability management, and developer workflows, while highlighting ongoing risks found in mobile apps, open source components, and cloud deployments. Readers can gain insights into best practices, emerging technologies, and strategies to safeguard applications against evolving cyber threats.
Whether you’re a developer, security professional, or business leader, staying informed about Application Security developments helps in building resilient software, maintaining compliance, and protecting user data in an increasingly complex digital landscape.
Kiwi Application Security News
Regional stories with direct local relevance
Wellington startup launches Metaport for agency risk
Wellington startup Dcentrica has unveiled Metaport, a platform giving digital agencies real-time visibility of security and maintenance risk.
Capture The Bug adds US tech leaders for North American push
Hamilton-born Capture The Bug taps top US tech leaders to drive North American growth as demand rises for continuous security testing.
'Be very, very suspicious': Neighbourly breach makes users vulnerable - expert
Neighbourly breach puts up to a million users at risk as stolen GPS data and messages hit dark web, experts urge extreme vigilance online.
Rapid7 partners with Duo for strategic distribution in New Zealand
New Zealand's cybersecurity expenditure could boost as Rapid7 appoints Duo, a branch of Sektor, for strategic distribution.
Top cybersecurity achievements celebrated at 2023 iSANZ Awards
New Zealand's cybersecurity heroes, including KPMG's Philip Whitmore and BNZ teams, were honoured at the 2023 iSANZ Awards for advancing digital resilience nationwide.
Radware and Spark NZ enter cybersecurity partnership
Radware and Spark NZ have signed a partnership agreement to offer application and network security services in New Zealand.
Analyst Insights
Research and market analysis connected to Application Security
Cognizant launches Secure AI Services for enterprises
Check Point wins Frost & Sullivan recognition for WAF
Capsule Security raises $7 million to guard AI agents
Gigamon eyes AI-led surge in network observability
Legacy tech blocks AI projects across Asia Pacific
Featured News
Upwind Expands to Sydney: Real Time Cloud Security for APJ
The Sydney move follows a USD $250 million funding round as the cloud security firm bets on real-time protection for fast-growing AI workloads.
AI agents multiply risk, says DigiCert chief product officer
Many firms cannot see where their AI agents are, leaving identity, policy and supply-chain risks to grow as deployments scale.
Google Cloud CEO sets out enterprise AI agent plan
Enterprises will get one place to build, govern and run AI agents, as Google Cloud expands Gemini Enterprise across models, data and security.
'Human Risk' takes centre stage - Mimecast CEO
Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.
UiPath Accelerates AI in Software Development and Testing
UiPath is pushing AI deeper into software testing, promising autonomous agents that transform quality assurance and developers' roles.
Grafana: Turning data chaos into developer efficiency and CFO savings
Grafana leans on AI-powered observability and Adaptive Telemetry to sharpen developer insight while slashing cloud bills by up to 50%.
Expert Columns
The evolving role of the CSO: From technical guardian to business strategist
From 398 to 200 Days: Understanding the TLS Certificate Lifespan Reduction
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
The security challenges in AI-assisted software development
Hybrid mesh security emerges to counter AI cyber risks
How AI-powered log management unlocks observability
AI surge exposes cloud security gaps, report warns
Agentic AI double agents expose dangerous security gaps
Automation vital as TLS certificate lifespans shrink
Interviews
Interviews and video coverage from the networkRecent Application Security News
Snyk expands reach across NZ market with new structure and leadership roles
Snyk is expanding its reach across the NZ market, aiming to further cement its place in the developer-focused security space.
Auldhouse significantly expands cybersecurity training offerings
Auldhouse set to become one of New Zealand's leading cybersecurity training providers, gaining official rights to the world's top cybersecurity certifications.
NZ financial firms bolster secure software development with Checkmarx
Two major financial institutions in New Zealand have refreshed their application security measures with the help of security specialist Checkmarx.
Chillisoft to distribute Imperva security solutions
Chillisoft adds Imperva to its cybersecurity portfolio, offering enterprise data security, web application, BOT protection, and CDN solutions.
The three-pronged security approach to multi-cloud environments
As enterprises adopt multi-cloud strategies, vArmour simplifies security with a three-pronged approach: auto-discovery, policy computation, and enforcement.
Secure Code Warrior launches Bedrock security training
Developers using generative AI will get hands-on lessons on prompt injection and data leakage as AWS expands Bedrock adoption.
AI now routine in cyber attacks, Google report finds
Security teams face a broader threat as criminals and state-backed actors use generative AI to speed hacks, phishing and malware.
Sonatype joins Linux Foundation registry working group
Sonatype joins Linux Foundation registry working group to tackle funding, governance and security pressures as package downloads near 10 trillion.
Netskope launches AgentSkope AI agents for security teams
It aims to reduce alert fatigue for security teams, with one beta customer processing 14 million daily alerts in minutes instead of hours.
WatchGuard buys Perimeters.io in cloud security push
MSPs will gain a single platform for cloud threat detection as the deal widens WatchGuard's reach into identity and SaaS security.
KnowBe4 partners Secure Code Warrior on AI training
Organisations using AI in software development will get training on secure coding and governance as vulnerabilities and data risks mount.
OpenAI launches GPT-5.5-Cyber for vetted defenders
Vetted security teams will get fewer refusals on authorised tasks as OpenAI tightens access around its most permissive cyber model.
Rapid7 joins OpenAI cyber programme to speed defence
The tie-up could help security teams cut false alarms and patch faster as automated attacks shrink defenders’ reaction time.
Synack launches Sara AI Pentesting for wider coverage
The move aims to widen security coverage as firms struggle to test expanding attack surfaces quickly enough.
Malicious OpenClaw skill spreads Remcos RAT & GhostLoader
AI agent workflows are being targeted by a fake OpenClaw skill that installs Remcos RAT and GhostLoader on Windows, macOS and Linux.
AI inference becomes core operational workload in firms
Most firms are now running AI in production, with hybrid clouds and security controls becoming crucial as inference overtakes training.
Vega spots Weaver E-cology attacks within days of patch
Attackers were exploiting a critical Weaver E-cology flaw within five days of the vendor patch, Vega said, with repeated attempts blocked.
Saiga phishing kit returns to bypass multifactor auth
Session cookie theft lets attackers slip past multifactor checks, putting enterprise email accounts at risk even after login.
Kamiwaza launches AI platform for regulated sectors
Regulated organisations can now run AI across distributed data while preserving access controls, audit trails and compliance boundaries.
Chainguard launches compliant EKS add-ons in AWS Marketplace
The listing gives regulated AWS customers a faster route to compliant Kubernetes components, avoiding custom hardening and patching work.