Vibe coding to vibe hacking: securing software in the AI era

In a vibe-hacked world, security must be ongoing, proactive, and fully integrated into the software development lifecycle. As engineering leaders, we need to create spaces where AI is used safely and ...

Amazon's new AI can code for days without human help. What does that mean for software engineers?

Amazon Web Services has unveiled new autonomous AI “frontier agents” that can code, secure and operate software for days ...

Amazon previews 3 AI agents, including ‘Kiro’ that can code on its own for days

Amazon Web Services on Tuesday announced three new AI agents it calls "Frontier agents" for coding, security, and DevOps.
Forbes

Software Supply Chain Risks (And Steps To Strengthen Security)

As software supply chains grow increasingly interconnected, security threats continue to evolve. While common risks like third-party vulnerabilities and dependency issues are well-known, less-common ...
MIT Technology Review

Integrating security from code to cloud

In today’s open-source software environments, businesses need to embrace a new approach to security. In partnership withMicrosoft Azure and AMD The Human Genome Project, SpaceX’s rocket technology, ...

Solo Founder Launches Cybox Security: A Virtual Security Team for the AI-Era

Cybox Security today announced its entry into the cybersecurity landscape with a mission to provide enterprise-grade security to development teams without requiring a dedicated security department.
Business Wire

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

BURLINGTON, Mass.--(BUSINESS WIRE)--Veracode, a global leader in application risk management, today unveiled its 2025 GenAI Code Security Report, revealing critical security flaws in AI-generated code ...

How Agentic AI Will Finally Make Security 'Shift Left' Real

If you are building software in 2025, you are racing two clocks: how fast you can ship and how quickly risk piles up.
Dark Reading

Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure

ORLANDO, FL — December 5, 2024 — The code that makes up the software now powering U.S. utilities is rife with vulnerabilities, including hundreds that are “highly exploitable,” a new research report ...
Dark Reading

Rust Code Delivers Better Security, Also Streamlines DevOps

Software teams at Google and other Rust adopters see safer code when using the memory-safe language, and also fewer rollbacks ...
SD Times

Log4j is just the beginning – Secure your software with no-code DevOps orchestration

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
CSOonline

7 top software supply chain security tools

These tools will help identify vulnerabilities and threats posed by third-party code through software composition analysis and SBOM creation. As the fallout from the Apache Log4J vulnerabilities ...