https://appsecuritystandards.org/ https://appsecuritystandards.org/glossary https://appsecuritystandards.org/glossary/ai-agent-security2026-04-19T04:03:58.408Z https://appsecuritystandards.org/glossary/ai-red-teaming2026-04-19T04:24:59.180Z https://appsecuritystandards.org/glossary/api-abuse2026-04-18T17:52:10.839Z https://appsecuritystandards.org/glossary/api-discovery2026-04-18T18:01:17.277Z https://appsecuritystandards.org/glossary/api-enumeration2026-04-18T17:56:29.570Z https://appsecuritystandards.org/glossary/api-gateway2026-04-19T10:51:51.366Z https://appsecuritystandards.org/glossary/api-posture-management2026-04-18T18:06:10.928Z https://appsecuritystandards.org/glossary/api-schema-validation2026-04-18T15:29:49.628Z https://appsecuritystandards.org/glossary/api-security2026-04-19T12:20:43.022Z https://appsecuritystandards.org/glossary/abuse-case-modeling2026-04-19T13:06:33.399Z https://appsecuritystandards.org/glossary/access-control2026-04-18T16:00:39.180Z https://appsecuritystandards.org/glossary/adversarial-machine-learning-attacks2026-04-19T03:57:41.566Z https://appsecuritystandards.org/glossary/agent-tool-abuse2026-04-19T04:12:06.297Z https://appsecuritystandards.org/glossary/anomaly-detection2026-04-19T03:16:56.367Z https://appsecuritystandards.org/glossary/application-detection-and-response2026-04-18T17:13:35.906Z https://appsecuritystandards.org/glossary/application-layer-encryption2026-04-19T00:44:52.146Z https://appsecuritystandards.org/glossary/application-monitoring2026-04-19T02:47:10.405Z https://appsecuritystandards.org/glossary/application-risk2026-04-19T12:42:36.221Z https://appsecuritystandards.org/glossary/application-security2026-04-18T14:25:42.399Z https://appsecuritystandards.org/glossary/application-security-posture-management2026-04-19T12:58:39.496Z https://appsecuritystandards.org/glossary/artifact-registry-security2026-04-19T10:40:48.230Z https://appsecuritystandards.org/glossary/artifact-signing2026-04-19T13:38:41.762Z https://appsecuritystandards.org/glossary/artificial-intelligence-security2026-04-19T03:32:02.904Z https://appsecuritystandards.org/glossary/attack-path2026-04-18T14:55:11.638Z https://appsecuritystandards.org/glossary/attack-path-analysis2026-04-18T14:59:46.638Z https://appsecuritystandards.org/glossary/attack-surface2026-04-18T14:53:31.519Z https://appsecuritystandards.org/glossary/attack-vector2026-04-18T15:04:48.228Z https://appsecuritystandards.org/glossary/attribute-based-access-control2026-04-18T16:06:38.628Z https://appsecuritystandards.org/glossary/audit-logging2026-04-19T12:44:16.411Z https://appsecuritystandards.org/glossary/authentication2026-04-19T13:54:23.138Z https://appsecuritystandards.org/glossary/authorization2026-04-18T15:56:06.315Z https://appsecuritystandards.org/glossary/autonomous-agent-risk2026-04-19T13:09:59.690Z https://appsecuritystandards.org/glossary/breach-and-attack-simulation2026-04-19T14:15:46.095Z https://appsecuritystandards.org/glossary/broken-access-control2026-04-19T01:35:45.085Z https://appsecuritystandards.org/glossary/broken-authentication2026-04-19T01:34:14.488Z https://appsecuritystandards.org/glossary/broken-function-level-authorization2026-04-18T18:17:38.657Z https://appsecuritystandards.org/glossary/broken-object-level-authorization2026-04-18T18:14:39.827Z https://appsecuritystandards.org/glossary/brute-force-attack2026-04-19T13:32:04.066Z https://appsecuritystandards.org/glossary/bug-bounty-programs2026-04-19T04:49:50.571Z https://appsecuritystandards.org/glossary/build-provenance2026-04-18T21:07:27.763Z https://appsecuritystandards.org/glossary/build-security2026-04-19T12:26:14.272Z https://appsecuritystandards.org/glossary/business-logic-attacks2026-04-18T15:40:33.054Z https://appsecuritystandards.org/glossary/business-logic-vulnerabilities2026-04-19T01:49:04.985Z https://appsecuritystandards.org/glossary/cicd-security2026-04-18T19:01:24.771Z https://appsecuritystandards.org/glossary/cache-poisoning2026-04-19T10:39:12.851Z https://appsecuritystandards.org/glossary/clickjacking2026-04-19T01:46:05.599Z https://appsecuritystandards.org/glossary/cloud-identity-and-access-management2026-04-18T23:34:06.896Z https://appsecuritystandards.org/glossary/cloud-security-posture-management2026-04-18T22:37:12.060Z https://appsecuritystandards.org/glossary/cloud-workload-protection-platform2026-04-18T22:41:38.274Z https://appsecuritystandards.org/glossary/cloud-native-application-protection-platform2026-04-19T14:08:17.196Z https://appsecuritystandards.org/glossary/cloud-native-security2026-04-18T22:33:57.496Z https://appsecuritystandards.org/glossary/code-signing2026-04-18T21:02:28.330Z https://appsecuritystandards.org/glossary/command-injection2026-04-19T01:19:07.860Z https://appsecuritystandards.org/glossary/common-vulnerabilities-and-exposures2026-04-18T21:36:26.112Z https://appsecuritystandards.org/glossary/common-vulnerability-scoring-system2026-04-18T21:40:17.317Z https://appsecuritystandards.org/glossary/compensating-controls2026-04-18T16:51:24.572Z https://appsecuritystandards.org/glossary/compliance-as-code2026-04-19T10:57:19.836Z https://appsecuritystandards.org/glossary/configuration-drift2026-04-18T19:45:16.267Z https://appsecuritystandards.org/glossary/container-escape2026-04-18T23:00:30.299Z https://appsecuritystandards.org/glossary/container-hardening2026-04-18T23:05:44.241Z https://appsecuritystandards.org/glossary/container-security2026-04-18T22:58:42.848Z https://appsecuritystandards.org/glossary/content-security-policy2026-04-19T02:05:31.947Z https://appsecuritystandards.org/glossary/continuous-compliance2026-04-19T04:37:29.025Z https://appsecuritystandards.org/glossary/continuous-security-validation2026-04-19T03:28:25.575Z https://appsecuritystandards.org/glossary/control-mapping2026-04-19T04:29:22.905Z https://appsecuritystandards.org/glossary/cookie-security2026-04-19T02:25:50.466Z https://appsecuritystandards.org/glossary/coordinated-vulnerability-disclosure2026-04-19T12:27:37.012Z https://appsecuritystandards.org/glossary/credential-stuffing2026-04-18T18:48:12.183Z https://appsecuritystandards.org/glossary/cross-origin-resource-sharing2026-04-19T11:50:38.908Z https://appsecuritystandards.org/glossary/cross-site-request-forgery2026-04-19T01:26:14.905Z https://appsecuritystandards.org/glossary/cross-site-scripting2026-04-19T01:24:47.332Z https://appsecuritystandards.org/glossary/data-access-auditing2026-04-19T00:26:42.074Z https://appsecuritystandards.org/glossary/data-classification2026-04-19T00:01:19.438Z https://appsecuritystandards.org/glossary/data-loss-prevention2026-04-19T00:07:56.535Z https://appsecuritystandards.org/glossary/data-masking2026-04-19T00:14:25.841Z https://appsecuritystandards.org/glossary/data-minimization2026-04-19T00:24:50.065Z https://appsecuritystandards.org/glossary/data-poisoning2026-04-19T03:47:02.521Z https://appsecuritystandards.org/glossary/data-protection2026-04-19T00:06:08.286Z https://appsecuritystandards.org/glossary/defense-in-depth2026-04-18T16:43:26.161Z https://appsecuritystandards.org/glossary/dependency-confusion2026-04-18T20:28:49.446Z https://appsecuritystandards.org/glossary/dependency-management2026-04-18T20:20:24.315Z https://appsecuritystandards.org/glossary/dependency-pinning2026-04-18T20:33:51.629Z https://appsecuritystandards.org/glossary/dependency-scanning2026-04-18T20:25:21.800Z https://appsecuritystandards.org/glossary/deserialization-attacks2026-04-19T01:43:06.586Z https://appsecuritystandards.org/glossary/detection-engineering2026-04-19T03:09:43.944Z https://appsecuritystandards.org/glossary/developer-security-training2026-04-18T17:40:33.347Z https://appsecuritystandards.org/glossary/development-security-and-operations2026-04-18T18:59:39.722Z https://appsecuritystandards.org/glossary/directory-traversal2026-04-19T01:44:34.797Z https://appsecuritystandards.org/glossary/drift-detection2026-04-18T19:50:11.264Z https://appsecuritystandards.org/glossary/dynamic-application-security-testing2026-04-19T11:01:14.045Z https://appsecuritystandards.org/glossary/encryption-key-rotation2026-04-19T00:54:26.660Z https://appsecuritystandards.org/glossary/encryption-at-rest2026-04-19T00:36:45.241Z https://appsecuritystandards.org/glossary/encryption-in-transit2026-04-19T00:41:52.282Z https://appsecuritystandards.org/glossary/environment-isolation2026-04-18T20:02:48.994Z https://appsecuritystandards.org/glossary/ephemeral-workloads2026-04-18T23:29:21.473Z https://appsecuritystandards.org/glossary/exploit-chaining2026-04-18T22:09:14.625Z https://appsecuritystandards.org/glossary/exploit-prediction-scoring-system2026-04-18T21:43:23.888Z https://appsecuritystandards.org/glossary/exploitability2026-04-19T11:56:05.175Z https://appsecuritystandards.org/glossary/exposure-management2026-04-18T15:15:57.637Z https://appsecuritystandards.org/glossary/exposure-validation2026-04-18T15:19:27.340Z https://appsecuritystandards.org/glossary/false-negatives2026-04-18T22:20:04.998Z https://appsecuritystandards.org/glossary/false-positives2026-04-19T13:30:19.842Z https://appsecuritystandards.org/glossary/fine-grained-authorization2026-04-18T16:09:47.816Z https://appsecuritystandards.org/glossary/function-as-a-service-security2026-04-18T23:20:56.593Z https://appsecuritystandards.org/glossary/fuzz-testing2026-04-19T13:00:23.626Z https://appsecuritystandards.org/glossary/graphql-introspection-abuse2026-04-18T15:42:57.070Z https://appsecuritystandards.org/glossary/graphql-security2026-04-19T13:01:48.384Z https://appsecuritystandards.org/glossary/http-request-smuggling2026-04-19T13:36:47.828Z https://appsecuritystandards.org/glossary/hallucination-exploitation2026-04-19T04:20:18.131Z https://appsecuritystandards.org/glossary/host-header-injection2026-04-19T02:02:13.523Z https://appsecuritystandards.org/glossary/ide-security-plugins2026-04-18T17:39:09.248Z https://appsecuritystandards.org/glossary/identity-federation2026-04-18T16:11:10.341Z https://appsecuritystandards.org/glossary/identity-threat-detection-and-response2026-04-18T16:16:59.150Z https://appsecuritystandards.org/glossary/identity-and-access-management2026-04-18T16:40:19.394Z https://appsecuritystandards.org/glossary/image-scanning2026-04-18T23:07:09.596Z https://appsecuritystandards.org/glossary/immutable-infrastructure2026-04-18T19:40:24.991Z https://appsecuritystandards.org/glossary/indicators-of-attack2026-04-19T02:59:05.404Z https://appsecuritystandards.org/glossary/indicators-of-compromise2026-04-19T02:57:33.683Z https://appsecuritystandards.org/glossary/infrastructure-as-code-security2026-04-18T19:37:26.587Z https://appsecuritystandards.org/glossary/injection-attacks2026-04-19T01:15:36.564Z https://appsecuritystandards.org/glossary/insecure-deserialization2026-04-19T01:41:27.313Z https://appsecuritystandards.org/glossary/instance-metadata-attacks2026-04-18T23:40:49.005Z https://appsecuritystandards.org/glossary/interactive-application-security-testing2026-04-18T17:24:02.724Z https://appsecuritystandards.org/glossary/json-web-token2026-04-19T12:55:44.936Z https://appsecuritystandards.org/glossary/jailbreaking2026-04-19T03:59:12.677Z https://appsecuritystandards.org/glossary/just-enough-access2026-04-19T13:21:17.764Z https://appsecuritystandards.org/glossary/just-in-time-access2026-04-18T18:07:35.521Z https://appsecuritystandards.org/glossary/key-management2026-04-19T13:17:09.744Z https://appsecuritystandards.org/glossary/kill-chain2026-04-18T15:06:30.082Z https://appsecuritystandards.org/glossary/known-exploited-vulnerabilities2026-04-18T21:48:55.610Z https://appsecuritystandards.org/glossary/kubernetes-security2026-04-19T13:34:18.553Z https://appsecuritystandards.org/glossary/large-language-model-security2026-04-19T03:37:44.032Z https://appsecuritystandards.org/glossary/lateral-movement2026-04-19T02:45:33.981Z https://appsecuritystandards.org/glossary/least-privilege2026-04-18T16:30:26.993Z https://appsecuritystandards.org/glossary/lockfiles2026-04-18T20:35:30.837Z https://appsecuritystandards.org/glossary/machine-identity-management2026-04-18T16:18:42.544Z https://appsecuritystandards.org/glossary/maintainer-account-takeover2026-04-18T20:47:08.497Z https://appsecuritystandards.org/glossary/malicious-packages2026-04-18T20:42:15.761Z https://appsecuritystandards.org/glossary/man-in-the-middle-attack2026-04-19T02:36:55.098Z https://appsecuritystandards.org/glossary/membership-inference-attacks2026-04-19T03:56:06.465Z https://appsecuritystandards.org/glossary/memory-corruption2026-04-19T05:07:43.183Z https://appsecuritystandards.org/glossary/memory-safety2026-04-19T13:42:35.865Z https://appsecuritystandards.org/glossary/microsegmentation2026-04-19T13:52:23.643Z https://appsecuritystandards.org/glossary/misuse-cases2026-04-19T14:04:23.316Z https://appsecuritystandards.org/glossary/model-drift2026-04-19T04:15:00.884Z https://appsecuritystandards.org/glossary/model-inversion-attacks2026-04-19T03:50:03.422Z https://appsecuritystandards.org/glossary/model-security2026-04-19T03:42:31.825Z https://appsecuritystandards.org/glossary/model-supply-chain-security2026-04-19T03:44:06.160Z https://appsecuritystandards.org/glossary/multi-factor-authentication2026-04-18T18:38:02.042Z https://appsecuritystandards.org/glossary/network-segmentation2026-04-19T11:38:20.367Z https://appsecuritystandards.org/glossary/oauth2026-04-18T18:19:29.604Z https://appsecuritystandards.org/glossary/owasp-api-security-top-102026-04-19T13:04:58.928Z https://appsecuritystandards.org/glossary/open-redirect2026-04-19T02:00:06.053Z https://appsecuritystandards.org/glossary/openid-connect2026-04-18T18:22:48.025Z https://appsecuritystandards.org/glossary/output-filtering2026-04-19T04:23:29.513Z https://appsecuritystandards.org/glossary/pasta2026-04-19T11:24:19.803Z https://appsecuritystandards.org/glossary/package-integrity2026-04-19T11:49:06.994Z https://appsecuritystandards.org/glossary/parameter-pollution2026-04-19T02:03:52.756Z https://appsecuritystandards.org/glossary/password-spraying2026-04-18T18:54:30.587Z https://appsecuritystandards.org/glossary/penetration-testing2026-04-18T17:29:00.345Z https://appsecuritystandards.org/glossary/personally-identifiable-information2026-04-19T01:03:17.437Z https://appsecuritystandards.org/glossary/pipeline-security2026-04-18T19:03:26.552Z https://appsecuritystandards.org/glossary/policy-enforcement2026-04-19T12:34:36.761Z https://appsecuritystandards.org/glossary/policy-as-code2026-04-18T19:28:49.276Z https://appsecuritystandards.org/glossary/pre-commit-hooks2026-04-18T17:37:11.772Z https://appsecuritystandards.org/glossary/privacy-by-design2026-04-19T00:32:05.154Z https://appsecuritystandards.org/glossary/privilege-escalation2026-04-19T02:44:00.125Z https://appsecuritystandards.org/glossary/privileged-access-management2026-04-18T16:34:56.070Z https://appsecuritystandards.org/glossary/prompt-injection2026-04-19T03:39:23.919Z https://appsecuritystandards.org/glossary/provenance-attestation2026-04-18T21:13:26.296Z https://appsecuritystandards.org/glossary/purple-teaming2026-04-19T03:22:06.468Z https://appsecuritystandards.org/glossary/race-conditions2026-04-19T01:50:53.163Z https://appsecuritystandards.org/glossary/rate-limit-bypass2026-04-18T15:46:01.814Z https://appsecuritystandards.org/glossary/rate-limiting2026-04-18T15:44:29.352Z https://appsecuritystandards.org/glossary/reachability-analysis2026-04-18T22:10:40.554Z https://appsecuritystandards.org/glossary/remote-code-execution2026-04-19T01:32:29.012Z https://appsecuritystandards.org/glossary/replay-attack2026-04-19T02:40:43.913Z https://appsecuritystandards.org/glossary/reproducible-builds2026-04-18T21:19:55.045Z https://appsecuritystandards.org/glossary/responsible-disclosure2026-04-19T04:54:22.974Z https://appsecuritystandards.org/glossary/retrieval-augmented-generation-security2026-04-19T04:02:35.364Z https://appsecuritystandards.org/glossary/risk-acceptance2026-04-18T22:29:00.277Z https://appsecuritystandards.org/glossary/risk-prioritization2026-04-18T21:58:39.832Z https://appsecuritystandards.org/glossary/risk-based-vulnerability-management2026-04-19T13:23:06.477Z https://appsecuritystandards.org/glossary/role-based-access-control2026-04-18T16:04:41.764Z https://appsecuritystandards.org/glossary/runtime-application-self-protection2026-04-18T22:48:08.456Z https://appsecuritystandards.org/glossary/runtime-detection2026-04-19T03:14:03.391Z https://appsecuritystandards.org/glossary/runtime-security2026-04-18T22:46:24.011Z https://appsecuritystandards.org/glossary/sbom-enrichment2026-04-18T20:16:49.496Z https://appsecuritystandards.org/glossary/sql-injection2026-04-19T01:17:19.869Z https://appsecuritystandards.org/glossary/stride2026-04-19T12:15:54.239Z https://appsecuritystandards.org/glossary/same-origin-policy2026-04-19T02:31:52.146Z https://appsecuritystandards.org/glossary/secrets-management2026-04-18T19:53:11.283Z https://appsecuritystandards.org/glossary/secrets-rotation2026-04-19T00:57:46.089Z https://appsecuritystandards.org/glossary/secrets-scanning2026-04-19T10:35:32.865Z https://appsecuritystandards.org/glossary/secrets-sprawl2026-04-19T14:02:45.350Z https://appsecuritystandards.org/glossary/secure-defaults2026-04-19T05:10:56.412Z https://appsecuritystandards.org/glossary/secure-software-development-lifecycle2026-04-19T10:37:21.519Z https://appsecuritystandards.org/glossary/security-architecture-review2026-04-18T16:52:53.939Z https://appsecuritystandards.org/glossary/security-champions-program2026-04-18T17:42:10.598Z https://appsecuritystandards.org/glossary/security-code-review2026-04-18T17:30:37.367Z https://appsecuritystandards.org/glossary/security-debt2026-04-18T22:24:36.231Z https://appsecuritystandards.org/glossary/security-effectiveness2026-04-19T04:45:19.542Z https://appsecuritystandards.org/glossary/security-headers2026-04-19T12:23:51.233Z https://appsecuritystandards.org/glossary/security-maturity-model2026-04-19T04:40:04.927Z https://appsecuritystandards.org/glossary/security-misconfiguration2026-04-18T15:25:00.382Z https://appsecuritystandards.org/glossary/security-posture2026-04-19T04:38:38.960Z https://appsecuritystandards.org/glossary/security-as-code2026-04-18T19:27:22.320Z https://appsecuritystandards.org/glossary/sensitive-data-exposure2026-04-19T10:42:27.699Z https://appsecuritystandards.org/glossary/server-side-request-forgery2026-04-19T01:27:46.442Z https://appsecuritystandards.org/glossary/serverless-misconfiguration2026-04-19T13:40:36.875Z https://appsecuritystandards.org/glossary/serverless-security2026-04-18T23:15:09.544Z https://appsecuritystandards.org/glossary/service-accounts2026-04-18T23:39:01.425Z https://appsecuritystandards.org/glossary/session-fixation2026-04-18T18:31:24.401Z https://appsecuritystandards.org/glossary/session-hijacking2026-04-18T18:33:26.037Z https://appsecuritystandards.org/glossary/session-management2026-04-18T18:29:56.065Z https://appsecuritystandards.org/glossary/shadow-apis2026-04-18T15:31:41.167Z https://appsecuritystandards.org/glossary/shift-left2026-04-18T19:19:32.039Z https://appsecuritystandards.org/glossary/shift-right2026-04-18T19:23:59.805Z https://appsecuritystandards.org/glossary/sigstore2026-04-18T21:16:34.151Z https://appsecuritystandards.org/glossary/single-sign-on2026-04-18T18:43:24.909Z https://appsecuritystandards.org/glossary/software-bill-of-materials2026-04-18T20:09:51.758Z https://appsecuritystandards.org/glossary/software-composition-analysis2026-04-18T17:25:34.983Z https://appsecuritystandards.org/glossary/software-supply-chain2026-04-18T20:04:08.163Z https://appsecuritystandards.org/glossary/static-application-security-testing2026-04-18T17:17:35.663Z https://appsecuritystandards.org/glossary/subresource-integrity2026-04-19T02:18:55.018Z https://appsecuritystandards.org/glossary/supply-chain-risk2026-04-18T20:05:26.778Z https://appsecuritystandards.org/glossary/supply-chain-levels-for-software-artifacts2026-04-18T20:11:19.440Z https://appsecuritystandards.org/glossary/threat-detection2026-04-19T03:15:27.806Z https://appsecuritystandards.org/glossary/threat-hunting2026-04-19T03:04:40.057Z https://appsecuritystandards.org/glossary/threat-intelligence-feeds2026-04-19T05:15:22.613Z https://appsecuritystandards.org/glossary/threat-modeling2026-04-18T14:32:42.985Z https://appsecuritystandards.org/glossary/threat-surface-management2026-04-18T15:10:50.163Z https://appsecuritystandards.org/glossary/token-based-authentication2026-04-19T13:50:31.122Z https://appsecuritystandards.org/glossary/tokenization2026-04-19T14:18:30.078Z https://appsecuritystandards.org/glossary/tool-injection2026-04-19T10:44:22.875Z https://appsecuritystandards.org/glossary/trust-boundary2026-04-18T17:06:44.316Z https://appsecuritystandards.org/glossary/typosquatting2026-04-19T12:38:38.637Z https://appsecuritystandards.org/glossary/vulnerability-exploitability-exchange2026-04-19T12:40:44.416Z https://appsecuritystandards.org/glossary/vulnerability-management2026-04-18T21:25:00.835Z https://appsecuritystandards.org/glossary/vulnerability-scanning2026-04-18T17:32:08.972Z https://appsecuritystandards.org/glossary/web-application-firewall2026-04-18T23:56:33.645Z https://appsecuritystandards.org/glossary/web-cache-deception2026-04-19T01:58:26.674Z https://appsecuritystandards.org/glossary/workload-identity2026-04-19T12:36:40.817Z https://appsecuritystandards.org/glossary/workload-identity-federation2026-04-19T12:18:50.495Z https://appsecuritystandards.org/glossary/workload-security2026-04-18T22:53:25.056Z https://appsecuritystandards.org/glossary/zero-trust-architecture2026-04-18T16:46:42.971Z https://appsecuritystandards.org/glossary/zombie-apis2026-04-18T15:35:27.180Z https://appsecuritystandards.org/blog https://appsecuritystandards.org/blog/should-your-security-framework-treat-ai-agents-like-users-or-like-code2026-05-03T07:55:02.046Z https://appsecuritystandards.org/blog/when-identity-verification-failed-against-ai-agents-a-post-mortem2026-05-03T07:55:02.042Z https://appsecuritystandards.org/blog/ruby-gems-and-go-modules-turned-weapons-bufferzonecorp-attack-breakdown2026-05-03T07:55:02.037Z https://appsecuritystandards.org/blog/36-hours-a-sql-injection-flaw-goes-from-disclosure-to-active-exploitation2026-05-03T07:55:02.033Z https://appsecuritystandards.org/blog/sql-injection-in-litellm-how-a-9-3-cvss-vulnerability-was-exploited-in-36-hours2026-05-03T07:55:02.029Z https://appsecuritystandards.org/blog/mythos-when-vulnerability-discovery-moved-to-machine-speed2026-05-03T07:55:02.024Z https://appsecuritystandards.org/blog/four-malicious-packages-one-missing-approval-gate2026-05-03T07:55:02.013Z https://appsecuritystandards.org/blog/ai-agents-aren-t-deleting-your-database-your-security-process-is2026-05-03T07:55:02.008Z https://appsecuritystandards.org/blog/two-thirds-of-ai-teams-run-on-kubernetes-here-s-what-that-means-for-your-infrastructure2026-05-03T07:55:02.002Z https://appsecuritystandards.org/blog/ai-agent-leaked-oauth-token-through-screenshot-manipulation2026-05-03T07:55:01.995Z https://appsecuritystandards.org/blog/two-malicious-versions-how-a-stored-api-token-compromised-pypi-s-lightning-package2026-05-02T07:55:01.603Z https://appsecuritystandards.org/blog/cve-2026-41940-when-authentication-bypass-meets-mass-hosting-infrastructure2026-05-02T07:55:01.599Z https://appsecuritystandards.org/blog/two-malicious-pypi-packages-stole-credentials-for-48-hours2026-05-02T07:55:01.596Z https://appsecuritystandards.org/blog/google-gemini-cli-s-10-0-cvss-flaw-what-broke-and-how-to-fix-it2026-05-02T07:55:01.592Z https://appsecuritystandards.org/blog/a-10-0-severity-flaw-in-google-s-gemini-cli-what-failed-and-how-to-fix-it2026-05-02T07:55:01.579Z https://appsecuritystandards.org/blog/two-malicious-pytorch-lightning-versions-slipped-through-pypi-s-gates2026-05-02T07:55:01.574Z https://appsecuritystandards.org/blog/verifying-ai-model-provenance-won-t-solve-your-ai-security-problem2026-05-02T07:55:01.569Z https://appsecuritystandards.org/blog/pytorch-lightning-supply-chain-attack-two-versions-thousands-of-exposed-environments2026-05-02T07:55:01.553Z https://appsecuritystandards.org/blog/four-sap-npm-packages-shipped-malware-for-two-weeks2026-05-01T07:55:01.718Z https://appsecuritystandards.org/blog/how-github-patched-a-critical-rce-in-two-hours2026-05-01T07:55:01.714Z https://appsecuritystandards.org/blog/github-s-rce-vulnerability-when-88-of-self-hosted-instances-miss-critical-patches2026-05-01T07:55:01.710Z https://appsecuritystandards.org/blog/cve-2026-40478-when-framework-misuse-becomes-a-critical-vulnerability2026-05-01T07:55:01.705Z https://appsecuritystandards.org/blog/119-000-downloads-in-three-hours-what-the-ai-dev-tool-attacks-teach-us2026-05-01T07:55:01.700Z https://appsecuritystandards.org/blog/malicious-preinstall-scripts-compromise-sap-development-packages2026-05-01T07:55:01.694Z https://appsecuritystandards.org/blog/your-plugin-vetting-process-doesn-t-work-and-manual-code-review-won-t-fix-it2026-05-01T07:55:01.677Z https://appsecuritystandards.org/blog/public-package-registries-are-not-free-infrastructure2026-04-30T07:55:01.665Z https://appsecuritystandards.org/blog/8-hours-to-steal-cloud-credentials-the-elementary-data-supply-chain-attack2026-04-30T07:55:01.660Z https://appsecuritystandards.org/blog/self-propagating-malware-hides-in-vs-code-extensions2026-04-30T07:55:01.655Z https://appsecuritystandards.org/blog/ide-extensions-are-stealing-credentials-and-nobody-s-checking2026-04-30T07:55:01.651Z https://appsecuritystandards.org/blog/litellm-sqli-exploit-36-hours-from-disclosure-to-active-attack2026-04-30T07:55:01.647Z https://appsecuritystandards.org/blog/when-a-fintech-vendor-gets-ransomware-672-000-people-pay-the-price2026-04-30T07:55:01.642Z https://appsecuritystandards.org/blog/a-single-git-push-could-have-compromised-github-s-entire-backend2026-04-30T07:55:01.637Z https://appsecuritystandards.org/blog/an-ai-agent-deleted-production-data-in-nine-seconds-what-the-incident-data-reveals2026-04-30T07:55:01.627Z https://appsecuritystandards.org/blog/cursor-ide-vulnerability-when-ai-agents-execute-malicious-git-hooks2026-04-30T07:55:01.624Z https://appsecuritystandards.org/blog/unsafe-deserialization-takes-down-robotics-platform-the-lerobot-cve-2026-25874-breakdown2026-04-30T07:55:01.617Z https://appsecuritystandards.org/blog/the-five-ways-you-re-breaking-ai-driven-security-and-how-to-stop2026-04-29T07:55:02.234Z https://appsecuritystandards.org/blog/73-malicious-extensions-sat-dormant-in-openvsx-for-months2026-04-29T07:55:02.229Z https://appsecuritystandards.org/blog/pypi-s-elementary-data-breach-when-ci-cd-becomes-the-attack-surface2026-04-29T07:55:02.225Z https://appsecuritystandards.org/blog/microsoft-s-agent-id-administrator-flaw-a-privilege-escalation-teardown2026-04-29T07:55:02.220Z https://appsecuritystandards.org/blog/checkmarx-github-repository-breach-what-happened-and-how-to-prevent-it2026-04-29T07:55:02.214Z https://appsecuritystandards.org/blog/cryptominers-exploited-two-auth-bypass-flaws-in-qinglong-s-middleware2026-04-29T07:55:02.209Z https://appsecuritystandards.org/blog/short-lived-credentials-won-t-save-you-from-your-real-problem2026-04-29T07:55:02.205Z https://appsecuritystandards.org/blog/open-source-governance-failures-cost-you-audit-compliance2026-04-29T07:55:02.199Z https://appsecuritystandards.org/blog/when-ai-found-10-000-vulnerabilities-in-your-codebase-and-your-team-had-capacity-for-2002026-04-29T07:55:02.194Z https://appsecuritystandards.org/blog/73-malicious-vs-code-extensions-were-installed-before-anyone-noticed2026-04-29T07:55:02.187Z https://appsecuritystandards.org/blog/wait-our-security-scanner-failed-but-the-build-passed2026-04-28T07:55:02.416Z https://appsecuritystandards.org/blog/20-hours-the-langflow-rce-exploit-timeline2026-04-28T07:55:02.411Z https://appsecuritystandards.org/blog/setting-up-ai-powered-vulnerability-scanning-after-mozilla-s-claude-mythos-success2026-04-28T07:55:02.405Z https://appsecuritystandards.org/blog/google-cloud-vertex-ai-permissions-flaw-when-default-service-agents-become-data-exfiltration-paths2026-04-28T07:55:02.398Z https://appsecuritystandards.org/blog/repository-lockdown-runbook-your-first-hour-response-template2026-04-28T07:55:02.394Z https://appsecuritystandards.org/blog/axios-npm-package-compromised-a-two-hour-window-that-could-have-wrecked-your-pipeline2026-04-28T07:55:02.384Z https://appsecuritystandards.org/blog/axios-npm-hijack-when-18-hours-of-prep-time-beat-your-dependency-checks2026-04-28T07:55:02.380Z https://appsecuritystandards.org/blog/cisco-lost-300-repositories-to-a-malicious-github-action2026-04-28T07:55:02.376Z https://appsecuritystandards.org/blog/two-openai-vulnerabilities-expose-the-input-validation-gap-in-ai-tools2026-04-28T07:55:02.369Z https://appsecuritystandards.org/blog/400-surge-in-critical-security-risks-what-250-organizations-reveal-about-ai-driven-development2026-04-27T07:55:02.375Z https://appsecuritystandards.org/blog/the-trivy-compromise-75-version-tags-poisoned-in-24-hours2026-04-27T07:55:02.372Z https://appsecuritystandards.org/blog/build-your-own-vulnerability-triage-system-before-nist-s-april-15-cutoff2026-04-27T07:55:02.369Z https://appsecuritystandards.org/blog/patching-composer-cve-2026-40176-and-cve-2026-40261-a-48-hour-response-plan2026-04-27T07:55:02.365Z https://appsecuritystandards.org/blog/hardening-open-source-maintainer-accounts-after-the-axios-compromise2026-04-27T07:55:02.361Z https://appsecuritystandards.org/blog/513-000-lines-of-ai-code-leaked-through-a-source-map2026-04-27T07:55:02.356Z https://appsecuritystandards.org/blog/1-700-malicious-packages-how-unc1069-weaponized-four-package-ecosystems2026-04-27T07:55:02.353Z https://appsecuritystandards.org/blog/ai-package-repositories-just-got-weaponized-what-the-xinference-attack-reveals2026-04-27T07:55:02.349Z https://appsecuritystandards.org/blog/cve-data-after-nist-what-your-vulnerability-program-needs-now2026-04-27T07:55:02.346Z https://appsecuritystandards.org/blog/we-just-added-mcp-to-our-agent-how-worried-should-we-be2026-04-27T07:55:02.341Z https://appsecuritystandards.org/blog/prepare-your-development-pipeline-for-eu-cyber-resilience-act-compliance2026-04-27T07:55:02.336Z https://appsecuritystandards.org/blog/21-764-malware-packages-in-90-days-what-npm-s-supply-chain-crisis-teaches-us2026-04-27T07:55:02.332Z https://appsecuritystandards.org/blog/ai-scans-100-000-repositories-in-72-hours-the-prt-scan-attack2026-04-27T07:55:02.327Z https://appsecuritystandards.org/blog/when-ai-finds-your-cve-before-you-patch-it2026-04-27T07:55:02.322Z https://appsecuritystandards.org/blog/risk-based-vulnerability-triage-after-nist-s-pivot-to-selective-enrichment2026-04-27T07:55:02.317Z https://appsecuritystandards.org/blog/sboms-won-t-save-you-from-supply-chain-risk2026-04-27T07:55:02.312Z https://appsecuritystandards.org/blog/anthropic-s-mcp-vulnerability-when-expected-behavior-means-remote-code-execution2026-04-27T07:55:02.306Z https://appsecuritystandards.org/blog/wait-our-template-engine-can-execute-code2026-04-27T07:55:02.300Z https://appsecuritystandards.org/blog/how-a-compromised-ai-tool-gave-attackers-full-access-to-vercel-s-infrastructure2026-04-27T07:55:02.294Z https://appsecuritystandards.org/blog/bitwarden-cli-trojan-how-a-github-action-became-a-supply-chain-weapon2026-04-27T07:55:02.289Z https://appsecuritystandards.org/blog/a-critical-rmm-flaw-exposes-the-hidden-attack-surface-in-your-supply-chain2026-04-27T07:55:02.283Z https://appsecuritystandards.org/blog/should-you-pin-verify-or-isolate-your-developer-tools2026-04-27T07:55:02.274Z https://appsecuritystandards.org/blog/self-propagating-npm-malware-steals-credentials-publishes-more-malware2026-04-27T07:55:02.269Z https://appsecuritystandards.org/blog/ai-found-10-000-vulnerabilities-in-your-code-now-what2026-04-27T07:55:02.259Z https://appsecuritystandards.org/blog/malicious-npm-package-impersonates-bitwarden-cli-three-attack-vectors-in-one2026-04-26T20:46:52.539Z https://appsecuritystandards.org/blog/stolen-publishing-tokens-how-canistersprawl-turned-npm-maintainers-into-attack-vectors2026-04-26T20:46:50.092Z https://appsecuritystandards.org/blog/how-should-you-authorize-your-ai-agents2026-04-26T20:46:41.009Z https://appsecuritystandards.org/blog/340-gb-stolen-through-a-compromised-security-scanner2026-04-26T20:46:37.202Z https://appsecuritystandards.org/blog/766-next-js-hosts-compromised-through-cve-2025-551822026-04-26T20:46:34.393Z https://appsecuritystandards.org/blog/our-dependency-got-compromised-what-do-we-actually-do2026-04-26T20:46:32.824Z https://appsecuritystandards.org/blog/axios-npm-breach-100-million-weekly-downloads-compromised-in-three-hours2026-04-26T20:46:31.150Z https://appsecuritystandards.org/blog/claude-found-rce-bugs-in-vim-and-emacs-that-fire-when-you-open-a-file2026-04-26T20:46:28.506Z https://appsecuritystandards.org/blog/350-gb-stolen-through-a-vulnerability-scanner-the-europa-eu-supply-chain-breach2026-04-26T20:46:26.671Z https://appsecuritystandards.org/blog/north-korean-hackers-compromised-axios-npm-packages-for-under-three-hours2026-04-26T20:46:25.930Z https://appsecuritystandards.org/blog/axios-npm-package-breach-when-9-million-weekly-downloads-meet-a-sophisticated-compromise2026-04-26T20:46:24.998Z https://appsecuritystandards.org/blog/axios-attack-300-million-weekly-downloads-minutes-to-detect2026-04-26T20:46:24.168Z https://appsecuritystandards.org/blog/axios-supply-chain-attack-when-account-compromise-hits-100-million-weekly-downloads2026-04-26T20:46:22.665Z https://appsecuritystandards.org/blog/axios-supply-chain-attack-how-300-million-weekly-downloads-nearly-became-a-backdoor2026-04-26T20:46:20.816Z https://appsecuritystandards.org/blog/google-s-antigravity-tool-when-prompt-injection-becomes-remote-code-execution2026-04-26T07:55:02.211Z https://appsecuritystandards.org/blog/should-ai-agents-get-admin-access-the-debate-over-least-privilege-for-autonomous-systems2026-04-26T07:55:02.206Z https://appsecuritystandards.org/blog/6-500-unpatched-activemq-instances-when-ai-finds-flaws-faster-than-you-can-fix-them2026-04-26T07:55:02.203Z https://appsecuritystandards.org/blog/13-hours-an-ssrf-vulnerability-goes-from-disclosure-to-active-exploitation2026-04-26T07:55:02.190Z https://appsecuritystandards.org/blog/malicious-npm-packages-stole-credentials-from-8-000-weekly-downloads2026-04-25T07:53:01.797Z https://appsecuritystandards.org/blog/bitwarden-cli-supply-chain-attack-a-95-minute-window-that-exposed-thousands-of-secrets2026-04-25T07:53:01.788Z https://appsecuritystandards.org/blog/bitwarden-cli-hijacked-for-90-minutes-a-ci-cd-pipeline-breach-teardown2026-04-25T07:53:01.783Z https://appsecuritystandards.org/blog/bitwarden-cli-package-breach-how-a-compromised-github-action-stole-developer-credentials2026-04-25T07:53:01.778Z https://appsecuritystandards.org/blog/hackers-compromised-a-security-tool-to-steal-the-secrets-it-was-scanning2026-04-25T07:53:01.769Z https://appsecuritystandards.org/blog/a-9-3-cvss-vulnerability-that-will-never-be-patched2026-04-24T07:53:02.284Z https://appsecuritystandards.org/blog/16-npm-packages-compromised-in-self-propagating-supply-chain-attack2026-04-24T07:53:02.280Z https://appsecuritystandards.org/blog/an-attacker-executed-code-through-your-ai-agent-and-you-never-saw-it2026-04-24T07:53:02.276Z https://appsecuritystandards.org/blog/your-dependency-update-just-broke-authentication-a-post-patch-validation-checklist2026-04-24T07:53:02.272Z https://appsecuritystandards.org/blog/a-self-propagating-worm-just-proved-your-dependency-security-model-is-broken2026-04-24T07:53:02.268Z https://appsecuritystandards.org/blog/asp-net-core-s-cvss-9-1-privilege-escalation-a-cryptographic-verification-failure2026-04-24T07:53:02.259Z https://appsecuritystandards.org/blog/12-000-flowise-instances-compromised-through-maximum-severity-rce-flaw2026-04-23T07:53:02.356Z https://appsecuritystandards.org/blog/grafana-s-ai-dashboard-flaw-when-llm-integration-bypasses-url-validation2026-04-23T07:53:02.352Z https://appsecuritystandards.org/blog/a-padded-http-request-gave-root-access-docker-cve-2026-340402026-04-23T07:53:02.349Z https://appsecuritystandards.org/blog/maintainer-impersonation-response-script-for-open-source-projects2026-04-23T07:53:02.346Z https://appsecuritystandards.org/blog/12-000-ai-workflow-instances-running-with-a-known-critical-flaw2026-04-23T07:53:02.342Z https://appsecuritystandards.org/blog/cve-2025-59528-when-a-cvss-10-vulnerability-meets-15-000-exposed-instances2026-04-23T07:53:02.339Z https://appsecuritystandards.org/blog/500-000-vulnerabilities-narrowed-to-14-critical-paths2026-04-23T07:53:02.330Z https://appsecuritystandards.org/blog/10-hours-the-marimo-rce-exploit-timeline2026-04-23T07:53:02.324Z https://appsecuritystandards.org/blog/you-re-probably-misreading-article-5-of-the-eu-ai-act2026-04-22T07:53:01.507Z https://appsecuritystandards.org/blog/under-10-hours-how-an-unauthenticated-rce-became-full-system-compromise2026-04-22T07:53:01.502Z https://appsecuritystandards.org/blog/we-re-drowning-in-cves-what-nist-s-triage-shift-means-for-your-vulnerability-program2026-04-22T07:53:01.498Z https://appsecuritystandards.org/blog/code-signing-certificates-revoked-after-supply-chain-compromise2026-04-22T07:53:01.493Z https://appsecuritystandards.org/blog/when-the-national-vulnerability-database-stopped-enriching-most-cves2026-04-22T07:53:01.477Z https://appsecuritystandards.org/blog/mapping-security-accountability-across-the-ai-stack2026-04-21T07:53:02.212Z https://appsecuritystandards.org/blog/stop-patching-every-cve-a-checklist-for-impact-based-vulnerability-management2026-04-21T07:53:02.206Z https://appsecuritystandards.org/blog/nist-just-handed-you-the-cve-problem-here-s-what-happened-next2026-04-21T07:53:02.202Z https://appsecuritystandards.org/blog/what-we-re-learning-about-ai-vulnerability-scanners-and-what-we-re-not2026-04-21T07:53:02.194Z https://appsecuritystandards.org/blog/patching-the-protobuf-js-rce-vulnerability-a-step-by-step-response-plan2026-04-20T07:53:02.085Z https://appsecuritystandards.org/blog/91-000-attack-sessions-in-three-months-the-ollama-exposure-problem2026-04-19T07:53:01.900Z https://appsecuritystandards.org/blog/cve-2026-33032-when-an-ai-feature-became-a-remote-code-execution-vector2026-04-18T07:53:02.219Z https://appsecuritystandards.org/blog/prompt-injection-flaws-in-salesforce-agentforce-and-microsoft-copilot-a-security-teardown2026-04-17T07:53:02.056Z https://appsecuritystandards.org/blog/21-764-malicious-packages-the-axios-compromise-and-what-it-reveals-about-your-dependency-chain2026-04-16T07:53:02.080Z https://appsecuritystandards.org/blog/docker-authz-bypass-which-plugin-architecture-should-you-deploy2026-04-14T07:53:01.647Z https://appsecuritystandards.org/blog/north-korean-actors-compromised-axios-npm-package-a-supply-chain-attack-teardown2026-04-13T07:53:02.086Z https://appsecuritystandards.org/blog/integrating-ai-vulnerability-scanners-into-your-security-pipeline2026-04-13T07:53:02.080Z https://appsecuritystandards.org/blog/when-your-publisher-account-gets-suspended-maintaining-critical-update-channels2026-04-11T07:53:01.693Z https://appsecuritystandards.org/blog/axios-npm-package-hijacked-three-hours-that-exposed-your-dependency-stack2026-04-11T07:53:01.688Z https://appsecuritystandards.org/blog/how-stolen-credentials-turned-github-actions-into-a-malware-factory2026-04-11T07:53:01.683Z https://appsecuritystandards.org/blog/audio-steganography-in-package-attacks-detection-and-response-guide2026-04-11T07:53:01.675Z https://appsecuritystandards.org/blog/36-malicious-npm-packages-deployed-reverse-shells-through-strapi-plugin-typosquatting2026-04-08T07:53:02.343Z https://appsecuritystandards.org/blog/766-hosts-compromised-in-24-hours-the-react2shell-credential-theft-campaign2026-04-07T07:53:02.373Z https://appsecuritystandards.org/blog/security-fix-exists-but-your-users-are-still-vulnerable2026-04-05T07:53:01.636Z https://appsecuritystandards.org/blog/npm-s-axios-package-delivered-cross-platform-rat-through-compromised-maintainer-account2026-04-02T07:53:02.186Z https://appsecuritystandards.org/blog/the-pre-commit-secrets-policy-your-developers-will-actually-use2026-04-01T07:53:01.542Z https://appsecuritystandards.org/blog/should-you-lock-down-your-package-repository-or-monitor-it2026-03-31T07:53:01.982Z https://appsecuritystandards.org/blog/a-security-scanner-becomes-the-attack-vector-the-trivy-supply-chain-breach2026-03-29T07:53:02.270Z https://appsecuritystandards.org/blog/56-of-vulnerable-magento-stores-hit-within-10-days2026-03-28T07:53:01.796Z https://appsecuritystandards.org/blog/4-000-downloads-of-malicious-code-the-cline-npm-package-compromise2026-03-27T07:53:01.684Z https://appsecuritystandards.org/blog/ai-generated-malware-in-your-dependencies-detection-checklist2026-03-27T07:53:01.673Z https://appsecuritystandards.org/blog/authentication-bypass-in-pac4j-jwt-exposes-java-applications2026-03-27T07:53:01.670Z https://appsecuritystandards.org/blog/ai-agent-turned-exfiltration-tool-the-pleasefix-vulnerability2026-03-27T07:53:01.666Z https://appsecuritystandards.org/blog/1-000-saas-environments-compromised-through-a-security-scanner2026-03-27T07:53:01.659Z https://appsecuritystandards.org/blog/15-000-magento-stores-hit-by-defacement-polyshell-vulnerability-teardown2026-03-26T19:52:20.586Z https://appsecuritystandards.org/blog/ai-component-inventory-template-mapping-your-llm-dependencies-in-72-hours2026-03-26T19:50:21.003Z https://appsecuritystandards.org/blog/wait-this-package-is-suddenly-asking-for-what-permissions2026-03-26T19:48:20.754Z https://appsecuritystandards.org/blog/securing-your-dependency-chain-against-malicious-extensions2026-03-26T19:46:22.069Z https://appsecuritystandards.org/blog/appsflyer-sdk-compromise-how-a-marketing-tool-became-a-cryptocurrency-theft-vector2026-03-26T19:44:22.023Z https://appsecuritystandards.org/blog/88-malicious-npm-packages-still-active-what-the-phantomraven-data-tells-us2026-03-26T19:37:20.818Z https://appsecuritystandards.org/blog/stopping-self-spreading-worms-when-you-can-t-kill-the-server2026-03-26T19:37:14.435Z https://appsecuritystandards.org/blog/trivy-scanner-breach-when-32-000-github-stars-became-a-liability2026-03-25T07:53:01.787Z https://appsecuritystandards.org/blog/defending-against-decentralized-malware-what-the-canisterworm-attack-means-for-your-supply-chain2026-03-23T07:53:02.025Z https://appsecuritystandards.org/blog/ai-agents-aren-t-just-fancy-chatbots-5-security-myths-that-will-get-you-breached2026-03-23T07:53:02.017Z https://appsecuritystandards.org/blog/angular-ssr-vulnerability-exposes-internal-networks-through-header-manipulation2026-03-23T07:53:02.002Z https://appsecuritystandards.org/blog/ai-scanners-found-11-000-vulnerabilities-in-30-days-here-s-how-to-deploy-one2026-03-23T07:53:01.981Z https://appsecuritystandards.org/blog/ai-scanner-misses-sql-injection-in-payment-flow-a-case-study-in-tool-limitations2026-03-23T07:53:01.971Z https://appsecuritystandards.org/blog/risk-based-security-without-a-baseline-is-just-theater-with-better-lighting2026-03-23T07:53:01.964Z https://appsecuritystandards.org/blog/package-manager-security-a-four-stage-implementation-playbook2026-03-16T07:53:02.092Z https://appsecuritystandards.org/blog/83-000-downloads-of-a-critical-auth-bypass-in-one-week2026-03-13T07:53:01.491Z https://appsecuritystandards.org/blog/is-your-ai-prompt-security-strategy-just-wishful-thinking2026-03-12T07:53:01.621Z https://appsecuritystandards.org/blog/ai-agent-leaked-customer-pii-through-autonomous-email-actions2026-03-12T07:53:01.617Z https://appsecuritystandards.org/blog/oauth2-proxy-authentication-bypass-a-header-smuggling-breakdown2026-03-12T07:53:01.603Z https://appsecuritystandards.org/blog/malicious-packages-on-packagist-a-detection-and-response-reference2026-03-10T07:53:01.601Z https://appsecuritystandards.org/blog/26-malicious-npm-packages-a-supply-chain-attack-breakdown2026-03-09T14:16:24.184Z https://appsecuritystandards.org/blog/1-45-billion-attacks-how-smbs-became-the-primary-target-for-api-exploits2026-03-09T14:15:04.019Z https://appsecuritystandards.org/blog/when-ai-pentesting-tools-miss-what-matters-a-burp-ai-case-study2026-03-09T14:14:29.160Z https://appsecuritystandards.org/blog/a-zero-width-space-character-broke-freescout-s-security2026-03-09T14:14:01.677Z https://appsecuritystandards.org/blog/should-you-update-chrome-every-two-weeks2026-03-09T12:34:22.059Z https://appsecuritystandards.org/blog/how-a-platform-team-cut-policy-sprawl-by-60-with-unified-kubernetes-governance2026-03-09T12:32:20.225Z https://appsecuritystandards.org/blog/five-myths-about-banning-ai-enabled-browsers-in-your-organization2026-03-09T12:30:20.902Z https://appsecuritystandards.org/blog/zero-day-in-1-4-billion-devices-the-qualcomm-cve-2026-21385-exploit2026-03-09T12:28:22.911Z https://appsecuritystandards.org/blog/tire-pressure-sensors-are-broadcasting-your-location-a-security-engineer-s-field-guide-to-automotive-iot-vulnerabilities2026-03-09T12:26:22.391Z https://appsecuritystandards.org/blog/open-source-disaster-recovery-tools-won-t-save-you-unless-you-avoid-these-5-mistakes2026-03-09T12:24:29.526Z https://appsecuritystandards.org/blog/cmmc-questions-your-procurement-team-is-actually-asking2026-03-09T12:22:55.392Z https://appsecuritystandards.org/blog/spy-grade-ios-exploit-kit-now-powering-financial-crime2026-03-09T12:22:43.394Z https://appsecuritystandards.org/blog/zero-click-rce-in-freescout-when-your-help-desk-becomes-the-entry-point2026-03-09T12:22:34.423Z https://appsecuritystandards.org/blog/five-myths-blocking-your-ai-model-selection-process2026-03-08T19:20:21.821Z https://appsecuritystandards.org/blog/tuning-ai-response-guardrails-without-breaking-user-trust2026-03-08T19:18:17.468Z https://appsecuritystandards.org/blog/we-generate-sboms-but-nobody-looks-at-them-fixing-the-gap-between-sbom-creation-and-action2026-03-08T19:14:22.508Z https://appsecuritystandards.org/blog/when-static-scans-miss-the-exploit-path-a-shift-left-failure2026-03-08T19:10:21.214Z https://appsecuritystandards.org/blog/best-buy-cut-false-positives-80-by-moving-security-into-the-ide2026-03-08T19:06:20.495Z https://appsecuritystandards.org/blog/implementing-security-for-ai-assisted-development-a-working-playbook2026-03-08T19:04:17.247Z https://appsecuritystandards.org/blog/when-appsec-teams-treat-every-critical-alert-the-same2026-03-08T19:00:19.251Z https://appsecuritystandards.org/blog/when-ai-found-500-vulnerabilities-nobody-asked-for2026-03-08T18:58:20.814Z https://appsecuritystandards.org/blog/two-years-of-ai-infrastructure-exploitation-what-wiz-researchers-found2026-03-08T18:56:22.896Z https://appsecuritystandards.org/blog/ai-coding-tools-just-became-your-supply-chain-s-weakest-link2026-03-08T18:54:20.783Z https://appsecuritystandards.org/blog/developer-security-intelligence-configuration-template2026-03-08T18:52:22.845Z https://appsecuritystandards.org/blog/dependency-management-when-ai-writes-half-your-code2026-03-08T18:50:19.924Z https://appsecuritystandards.org/blog/when-your-ai-coding-assistant-becomes-an-exfiltration-tool2026-03-08T18:48:19.261Z https://appsecuritystandards.org/blog/ai-will-fix-your-vulnerabilities-automatically-five-myths-from-the-darpa-challenge2026-03-08T18:46:28.208Z https://appsecuritystandards.org/blog/70-of-critical-vulns-come-from-memory-issues-here-s-what-one-team-actually-did2026-03-08T18:44:20.520Z https://appsecuritystandards.org/blog/should-you-block-ai-automation-frameworks-before-they-re-weaponized2026-03-08T18:42:20.305Z https://appsecuritystandards.org/blog/open-source-contributions-return-2-5x-investment-while-passive-consumption-bleeds-670k-annually2026-03-08T18:40:20.232Z https://appsecuritystandards.org/blog/implementing-non-human-identity-management-for-ai-systems2026-03-08T18:38:20.567Z https://appsecuritystandards.org/blog/a-financial-services-team-discovers-their-load-balancer-is-the-weakest-link2026-03-08T18:36:21.642Z https://appsecuritystandards.org/blog/machine-identities-now-outnumber-human-users-10-1-in-production2026-03-08T18:34:23.902Z https://appsecuritystandards.org/blog/open-source-security-collaboration-the-mistakes-that-keep-your-team-isolated2026-03-08T18:32:21.934Z https://appsecuritystandards.org/blog/malicious-packages-downloaded-54-500-times-your-dependency-vetting-protocol2026-03-08T18:30:20.448Z https://appsecuritystandards.org/blog/your-non-human-identity-crisis-isn-t-what-you-think-it-is2026-03-08T18:28:21.281Z https://appsecuritystandards.org/blog/ai-just-patched-openssl-what-this-means-for-your-vulnerability-management-program2026-03-08T18:26:43.384Z https://appsecuritystandards.org/blog/oauth-error-flow-attacks-hit-government-networks-a-technical-breakdown2026-03-08T18:26:31.468Z https://appsecuritystandards.org/blog/your-ai-agent-security-checklist-before-the-next-clawjacked2026-03-08T17:34:20.654Z https://appsecuritystandards.org/blog/asvs-5-0-review-checklist-what-to-test-before-the-standard-ships2026-03-08T17:33:33.483Z https://appsecuritystandards.org/blog/4-000-downloads-in-eight-hours-anatomy-of-the-cline-cli-supply-chain-attack2026-03-08T17:33:24.466Z https://appsecuritystandards.org/blog/87-of-production-services-run-exploitable-dependencies2026-03-08T17:32:59.113Z https://appsecuritystandards.org/blog/oauth-credentials-stored-as-executable-html-the-n8n-xss-incident2026-03-08T17:32:47.852Z https://appsecuritystandards.org/blog/a-threat-intelligence-program-that-couldn-t-detect-threats2026-03-06T07:53:01.774Z https://appsecuritystandards.org/blog/ai-enhanced-supply-chain-malware-detection-and-defense-reference2026-03-06T07:53:01.769Z https://appsecuritystandards.org/blog/critical-openclaw-vulnerability-exposes-the-gap-between-ai-tool-adoption-and-security-readiness2026-03-06T07:53:01.764Z https://appsecuritystandards.org/blog/open-source-security-five-myths-blocking-your-supply-chain-defense2026-03-06T07:53:01.762Z https://appsecuritystandards.org/blog/claude-code-vulnerabilities-what-security-teams-need-to-know-right-now2026-03-06T07:53:01.759Z https://appsecuritystandards.org/blog/2-863-google-cloud-keys-became-auth-tokens-without-warning2026-03-06T07:53:01.747Z https://appsecuritystandards.org/blog/api-key-security-audit-preventing-unauthorized-ai-access2026-03-06T07:53:01.740Z https://appsecuritystandards.org/blog/protecting-model-updates-in-federated-learning-your-input-privacy-checklist2026-03-05T12:15:37.986Z https://appsecuritystandards.org/blog/react-native-security-reference-owasp-mas-implementation-for-cross-platform-apps2026-03-05T12:15:33.459Z https://appsecuritystandards.org/blog/iam-for-ai-agents-a-step-by-step-implementation-guide2026-03-05T12:15:32.944Z https://appsecuritystandards.org/blog/preparing-your-kafka-infrastructure-for-agent-communication-and-real-time-anomaly-detection2026-03-05T12:15:32.318Z https://appsecuritystandards.org/blog/your-ai-coding-agent-isn-t-slow-because-it-s-dumb2026-03-05T11:16:20.347Z https://appsecuritystandards.org/blog/five-myths-about-securing-ai-agents-that-will-get-you-breached2026-03-05T11:12:52.112Z https://appsecuritystandards.org/blog/api-keys-outnumber-employees-10-to-1-what-a-financial-services-team-learned-about-machine-identity-sprawl2026-03-05T11:12:51.528Z https://appsecuritystandards.org/blog/ai-agents-won-t-break-your-security-but-these-five-myths-will2026-03-05T11:12:49.659Z https://appsecuritystandards.org/blog/should-you-let-ai-scan-the-code-ai-wrote2026-03-05T11:12:49.211Z https://appsecuritystandards.org/blog/ai-code-generators-don-t-write-insecure-code-and-other-dangerous-myths2026-03-05T11:12:48.331Z https://appsecuritystandards.org/blog/82-of-organizations-can-t-name-their-ai-assets2026-03-05T11:12:47.851Z https://appsecuritystandards.org/blog/should-you-build-iam-on-open-source-or-buy-a-vendor-solution2026-03-05T11:12:46.520Z https://appsecuritystandards.org/blog/sail-framework-implementation-what-6-months-of-adoption-data-reveals2026-03-05T11:12:46.062Z https://appsecuritystandards.org/blog/federated-vulnerability-intelligence-what-your-team-needs-to-know2026-03-05T11:12:45.577Z https://appsecuritystandards.org/blog/owasp-s-lifecycle-standard-faces-the-eu-cyber-resilience-act2026-03-05T11:12:33.553Z https://appsecuritystandards.org/blog/when-your-help-desk-becomes-your-attack-vector2026-03-05T11:12:23.271Z https://appsecuritystandards.org/blog/when-ai-agents-outpaced-every-human-researcher-combined2026-03-05T07:53:02.311Z https://appsecuritystandards.org/blog/package-managers-just-held-their-first-cross-ecosystem-security-summit-here-s-what-changed2026-03-05T07:53:02.308Z https://appsecuritystandards.org/blog/malicious-next-js-repos-triggered-backdoors-in-vs-code2026-03-05T07:53:02.305Z https://appsecuritystandards.org/blog/global-software-regulation-just-shifted-from-voluntary-to-mandatory2026-03-05T07:53:02.302Z https://appsecuritystandards.org/blog/a-calendar-invite-hijacked-an-ai-browser-the-perplexedcomet-breakdown2026-03-05T07:53:02.300Z https://appsecuritystandards.org/blog/clawjacked-how-a-browser-tab-hijacked-an-ai-platform-through-localhost2026-03-05T07:53:02.296Z https://appsecuritystandards.org/blog/implementing-differential-privacy-in-federated-learning-without-destroying-model-accuracy2026-03-05T07:53:02.294Z https://appsecuritystandards.org/blog/ai-won-t-replace-your-vulnerability-management-process2026-03-05T07:53:02.291Z https://appsecuritystandards.org/blog/3-000-api-keys-found-in-public-code-a-google-cloud-incident-analysis2026-03-05T07:53:02.287Z https://appsecuritystandards.org/blog/nist-s-ai-control-overlay-strategy-what-security-teams-need-now2026-03-05T07:53:02.284Z https://appsecuritystandards.org/blog/cra-compliance-workflow-template-from-requirements-to-remediation2026-03-05T07:53:02.281Z https://appsecuritystandards.org/blog/secure-by-design-fails-when-you-skip-these-six-steps2026-03-05T07:53:02.278Z https://appsecuritystandards.org/blog/securing-ai-augmented-development-a-reference-guide-for-the-2025-owasp-top-102026-03-05T07:53:02.274Z https://appsecuritystandards.org/blog/federal-software-supply-chain-security-what-your-auditors-get-wrong2026-03-05T07:53:02.271Z https://appsecuritystandards.org/blog/sbom-validation-script-for-java-projects2026-03-05T07:53:02.268Z https://appsecuritystandards.org/blog/when-entity-alignment-breaks-your-privacy-budget2026-03-05T07:53:02.264Z https://appsecuritystandards.org/blog/when-speed-beats-security-the-openclaw-websocket-vulnerability2026-03-05T07:53:02.261Z https://appsecuritystandards.org/blog/the-openssf-badge-won-t-save-your-project-5-myths-blocking-real-security-progress2026-03-05T07:53:02.250Z https://appsecuritystandards.org/blog/should-you-apply-nist-s-ai-risk-framework-or-stick-with-traditional-controls2026-03-05T07:53:02.248Z https://appsecuritystandards.org/blog/ai-generated-code-verification-a-reference-framework-for-security-teams2026-03-05T07:53:02.245Z https://appsecuritystandards.org/blog/llms-can-t-remember-what-you-told-them-yesterday2026-03-05T07:53:02.239Z https://appsecuritystandards.org/blog/red-hat-rewrites-the-eu-cyber-resilience-act-before-it-ships2026-03-05T07:53:02.233Z https://appsecuritystandards.org/blog/19-malicious-npm-packages-stole-credentials-through-ci-cd-pipelines2026-03-05T00:51:04.275Z https://appsecuritystandards.org/blog/compromised-npm-package-installed-openclaw-on-90-000-weekly-downloads2026-03-05T00:50:51.721Z https://appsecuritystandards.org/blog/the-ai-security-engineer-role-what-it-covers-and-what-you-need-to-know2026-03-05T00:50:47.482Z https://appsecuritystandards.org/blog/how-one-python-security-integration-became-the-test-case-for-ai-era-compliance2026-03-05T00:50:42.386Z https://appsecuritystandards.org/blog/implementing-oauth-2-0-authorization-code-flow-a-start-to-finish-playbook2026-03-05T00:50:38.196Z https://appsecuritystandards.org/blog/the-api-key-that-gave-away-the-store-an-llm-endpoint-breach-teardown2026-03-05T00:50:28.924Z https://appsecuritystandards.org/blog/an-ai-bot-published-a-malicious-npm-package-for-eight-hours2026-03-05T00:50:23.302Z https://appsecuritystandards.org/blog/the-calendar-invitation-that-hijacked-an-ai-agent2026-03-05T00:50:17.969Z https://appsecuritystandards.org/blog/burp-ai-prompt-template-for-faster-vulnerability-validation2026-03-05T00:50:14.181Z https://appsecuritystandards.org/blog/the-sast-customization-myths-blocking-your-ai-era-security-program2026-03-05T00:50:09.031Z https://appsecuritystandards.org/blog/platform-engineering-s-supply-chain-security-playbook2026-03-05T00:50:05.439Z https://appsecuritystandards.org/blog/should-you-rely-on-your-scanner-to-catch-the-next-critical-framework-bug2026-03-05T00:50:03.513Z https://appsecuritystandards.org/blog/how-log4j-breaches-still-happen-three-years-later2026-03-05T00:50:01.225Z https://appsecuritystandards.org/blog/reachability-first-security-policy-template2026-03-05T00:49:59.103Z https://appsecuritystandards.org/blog/ai-generated-code-won-t-fix-itself-five-myths-blocking-your-appsec-program2026-03-05T00:49:57.087Z https://appsecuritystandards.org/blog/when-static-analysis-flagged-847-vulnerabilities-but-only-3-were-real2026-03-05T00:49:54.561Z https://appsecuritystandards.org/blog/two-sbom-tools-got-funded-here-s-what-that-means-for-your-compliance-program2026-03-05T00:49:52.115Z https://appsecuritystandards.org/blog/security-review-checklist-integrating-llms-into-your-vulnerability-detection-workflow2026-03-05T00:49:49.334Z https://appsecuritystandards.org/blog/embedding-security-remediation-in-your-ide-a-cost-reduction-implementation-guide2026-03-05T00:49:45.906Z https://appsecuritystandards.org/blog/the-visibility-gap-what-happens-when-half-your-team-can-t-track-ai-generated-code2026-03-05T00:49:37.149Z https://appsecuritystandards.org/blog/when-vulnerability-scanning-and-patch-deployment-don-t-talk-to-each-other2026-03-05T00:49:34.840Z https://appsecuritystandards.org/blog/building-your-ai-governance-function-a-90-day-implementation-plan2026-03-05T00:49:33.462Z https://appsecuritystandards.org/blog/how-a-vault-license-change-exposed-a-secrets-management-crisis2026-03-05T00:49:31.888Z https://appsecuritystandards.org/blog/a-security-team-deployed-an-llm-assistant-and-exposed-their-vulnerability-database2026-03-04T22:33:14.722Z https://appsecuritystandards.org/blog/security-policy-automation-doesn-t-work-the-way-you-think2026-03-04T22:33:10.338Z https://appsecuritystandards.org/blog/ai-writes-your-code-who-manages-its-secrets2026-03-04T22:33:09.447Z https://appsecuritystandards.org/blog/log4shell-still-haunts-production-builds-three-years-later2026-03-04T22:33:08.049Z https://appsecuritystandards.org/blog/authorization-bypass-exposed-400-endpoints-in-production-api2026-03-04T22:17:04.093Z https://appsecuritystandards.org/blog/ai-code-generators-won-t-fix-your-security-problems2026-03-04T22:17:00.282Z https://appsecuritystandards.org/blog/sixty-kubernetes-clusters-backdoored-through-rbac-misconfiguration2026-03-04T22:16:56.812Z https://appsecuritystandards.org/blog/security-debt-hit-82-of-organizations-last-year-here-s-your-board-deck2026-03-04T22:16:52.567Z https://appsecuritystandards.org/blog/claude-code-vulnerabilities-when-your-ai-assistant-becomes-an-attack-vector2026-03-04T22:16:47.900Z https://appsecuritystandards.org/blog/multi-agent-ai-penetration-testing-what-blacksmithai-s-architecture-reveals-about-automated-security-assessments2026-03-04T22:16:45.429Z https://appsecuritystandards.org/blog/ai-vulnerability-scanning-tools-need-human-verification-here-s-your-checklist2026-03-04T22:16:41.592Z https://appsecuritystandards.org/vendors https://appsecuritystandards.org/vendors/apisec2026-04-04T13:59:52.694Z https://appsecuritystandards.org/vendors/advanced-installer2026-03-30T20:49:03.469Z https://appsecuritystandards.org/vendors/akeyless-security2026-04-06T15:03:37.521Z https://appsecuritystandards.org/vendors/armur2026-04-04T19:43:28.663Z https://appsecuritystandards.org/vendors/42crunch2026-04-08T15:24:41.920Z https://appsecuritystandards.org/vendors/ambisure-technologies-pvt-ltd-let-s-secure-it2026-03-30T19:09:19.996Z https://appsecuritystandards.org/vendors/akto-io2026-04-08T14:01:17.136Z https://appsecuritystandards.org/vendors/arnica2026-02-17T22:37:48.833Z https://appsecuritystandards.org/vendors/qodo2026-02-17T22:38:09.886Z https://appsecuritystandards.org/vendors/socket2026-02-17T22:38:15.189Z https://appsecuritystandards.org/vendors/wallarm-api-security-leader2026-02-17T22:37:34.830Z https://appsecuritystandards.org/vendors/cygnostic2026-02-26T14:04:47.444Z https://appsecuritystandards.org/vendors/digital-ai2026-02-17T22:37:39.360Z https://appsecuritystandards.org/vendors/postman2026-02-17T22:37:32.345Z https://appsecuritystandards.org/vendors/snyk2026-02-17T22:38:14.865Z https://appsecuritystandards.org/vendors/entro-security2026-02-17T22:38:31.340Z https://appsecuritystandards.org/vendors/chainloop2026-02-17T22:37:16.424Z https://appsecuritystandards.org/vendors/fluid-attacks2026-02-17T22:38:00.758Z https://appsecuritystandards.org/vendors/plexicus-ai-powered-cnapp2026-02-17T22:38:08.800Z https://appsecuritystandards.org/vendors/nodesource2026-02-17T22:37:24.865Z https://appsecuritystandards.org/vendors/netrise2026-02-17T22:37:24.243Z https://appsecuritystandards.org/vendors/appdome2026-02-17T22:37:09.663Z https://appsecuritystandards.org/vendors/data-theorem-inc2026-02-17T22:37:58.034Z https://appsecuritystandards.org/vendors/promon2026-02-17T22:37:32.877Z https://appsecuritystandards.org/vendors/timesys-is-now-lynx2026-02-17T22:37:27.626Z https://appsecuritystandards.org/vendors/oligo-security2026-02-17T22:38:06.645Z https://appsecuritystandards.org/vendors/cycode2026-02-17T22:37:57.504Z https://appsecuritystandards.org/vendors/hoop-dev2026-02-17T22:37:19.072Z https://appsecuritystandards.org/vendors/stackhawk2026-02-17T22:37:44.650Z https://appsecuritystandards.org/vendors/ox-security2026-02-17T22:38:07.614Z https://appsecuritystandards.org/vendors/soos2026-02-17T22:38:16.735Z https://appsecuritystandards.org/vendors/mend-io2026-02-17T22:38:26.800Z https://appsecuritystandards.org/vendors/zeropath2026-02-17T22:38:24.105Z https://appsecuritystandards.org/vendors/appknox2026-02-17T22:37:36.861Z https://appsecuritystandards.org/vendors/pt-intersoft-integrasi-infotama-i32026-02-17T22:37:40.426Z https://appsecuritystandards.org/vendors/mayhem2026-02-17T22:38:04.895Z https://appsecuritystandards.org/vendors/fossa2026-02-17T22:38:25.538Z https://appsecuritystandards.org/vendors/purevpn-partner-enterprise-solutions2026-02-17T22:38:37.062Z https://appsecuritystandards.org/vendors/tromzo2026-02-17T22:37:09.168Z https://appsecuritystandards.org/vendors/kodem2026-02-17T22:38:04.319Z https://appsecuritystandards.org/vendors/softseq2026-02-17T22:38:15.721Z https://appsecuritystandards.org/vendors/sonatype2026-02-17T22:37:27.000Z https://appsecuritystandards.org/vendors/accessibility-com2026-04-20T13:16:25.496Z https://appsecuritystandards.org/vendors/bright2026-02-17T22:37:37.854Z https://appsecuritystandards.org/vendors/bito2026-02-17T22:37:49.612Z https://appsecuritystandards.org/vendors/n-stalker-acquired-by-conviso2026-02-17T22:37:05.999Z https://appsecuritystandards.org/vendors/ennote2026-02-17T22:38:30.739Z https://appsecuritystandards.org/vendors/iriusrisk2026-02-17T22:37:07.358Z https://appsecuritystandards.org/vendors/codiga2026-02-17T22:37:55.376Z https://appsecuritystandards.org/vendors/phase2026-02-17T22:38:36.035Z https://appsecuritystandards.org/vendors/codesecure-inc2026-02-17T22:37:54.850Z https://appsecuritystandards.org/vendors/cloud-destinations2026-02-17T22:37:52.465Z https://appsecuritystandards.org/vendors/contrast-security2026-02-17T22:37:55.904Z https://appsecuritystandards.org/vendors/dscifer2026-02-17T22:38:00.206Z https://appsecuritystandards.org/vendors/waratek2026-02-17T22:38:22.161Z https://appsecuritystandards.org/vendors/cybeats2026-02-17T22:37:17.471Z https://appsecuritystandards.org/vendors/integrated-computer-solutions-inc-ics2026-02-17T22:37:19.792Z https://appsecuritystandards.org/vendors/onboardbase-techstars-232026-02-17T22:38:34.168Z https://appsecuritystandards.org/vendors/devtools2026-02-17T22:37:59.659Z https://appsecuritystandards.org/vendors/black-duck2026-02-17T22:37:50.108Z https://appsecuritystandards.org/vendors/semgrep2026-02-17T22:38:14.317Z https://appsecuritystandards.org/vendors/passbolt2026-02-17T22:38:34.691Z https://appsecuritystandards.org/vendors/dersecur2026-02-17T22:37:59.054Z https://appsecuritystandards.org/vendors/crowdstrike2026-02-17T22:37:06.602Z https://appsecuritystandards.org/vendors/costrategix2026-02-17T22:37:56.953Z https://appsecuritystandards.org/vendors/sparrow-co-ltd2026-02-17T22:37:44.070Z https://appsecuritystandards.org/vendors/quali2026-02-17T22:37:13.939Z https://appsecuritystandards.org/vendors/vault2026-02-17T22:38:37.701Z https://appsecuritystandards.org/vendors/armorcode-inc-22026-02-17T22:37:04.853Z https://appsecuritystandards.org/vendors/levo-ai2026-02-17T22:37:42.140Z https://appsecuritystandards.org/vendors/tola-capital2026-02-17T22:38:19.445Z https://appsecuritystandards.org/vendors/qa-camp2026-02-17T22:38:09.304Z https://appsecuritystandards.org/vendors/exclusive-networks2026-02-17T22:38:31.981Z https://appsecuritystandards.org/vendors/istrosec2026-02-17T22:38:03.311Z https://appsecuritystandards.org/vendors/scribe-security-e2e-software-supply-chain-security2026-02-17T22:37:26.463Z https://appsecuritystandards.org/vendors/terrateam2026-02-17T22:37:15.107Z https://appsecuritystandards.org/vendors/true-positives2026-02-17T22:37:45.671Z https://appsecuritystandards.org/vendors/passwork-self-hosted-password-manager-for-your-business2026-02-17T22:38:35.231Z https://appsecuritystandards.org/vendors/finite-state2026-02-17T22:37:18.500Z https://appsecuritystandards.org/vendors/pulumi2026-02-17T22:38:36.566Z https://appsecuritystandards.org/vendors/nimbusstack2026-02-17T22:37:13.238Z https://appsecuritystandards.org/vendors/armourzero2026-02-17T22:37:47.597Z https://appsecuritystandards.org/vendors/kiuwan2026-02-17T22:38:03.800Z https://appsecuritystandards.org/vendors/xygeni2026-02-17T22:38:23.648Z https://appsecuritystandards.org/vendors/triotech-systems2026-02-17T22:38:21.093Z https://appsecuritystandards.org/vendors/dark-sky-technology-inc2026-02-17T22:38:24.867Z https://appsecuritystandards.org/vendors/sonar2026-02-17T22:38:16.212Z https://appsecuritystandards.org/vendors/bitwarden2026-02-17T22:38:28.387Z https://appsecuritystandards.org/vendors/qwiet-ai-by-harness2026-02-17T22:38:10.593Z https://appsecuritystandards.org/vendors/cloudtechner2026-02-17T22:37:10.742Z https://appsecuritystandards.org/vendors/scanoss2026-02-17T22:37:25.808Z https://appsecuritystandards.org/vendors/ldra-limited2026-02-17T22:37:41.634Z https://appsecuritystandards.org/vendors/escape2026-02-17T22:37:39.924Z https://appsecuritystandards.org/vendors/spacelift2026-02-17T22:37:14.517Z https://appsecuritystandards.org/vendors/outpost-qa2026-02-17T22:37:43.349Z https://appsecuritystandards.org/vendors/doppler2026-02-17T22:38:29.493Z https://appsecuritystandards.org/vendors/cequence-security2026-02-17T22:37:30.930Z https://appsecuritystandards.org/vendors/ketryx2026-02-17T22:37:21.488Z https://appsecuritystandards.org/vendors/manifest2026-02-17T22:37:23.111Z https://appsecuritystandards.org/vendors/toradex2026-02-17T22:37:28.203Z https://appsecuritystandards.org/vendors/infisical2026-02-17T22:38:32.545Z https://appsecuritystandards.org/vendors/jfrog2026-02-17T22:37:20.955Z https://appsecuritystandards.org/vendors/circleci2026-02-17T22:37:10.189Z https://appsecuritystandards.org/vendors/secure-decisions2026-02-17T22:38:13.812Z https://appsecuritystandards.org/vendors/solo-io2026-02-17T22:38:37.512Z https://appsecuritystandards.org/vendors/codeant-ai2026-02-17T22:37:54.327Z https://appsecuritystandards.org/vendors/inedo2026-02-17T22:37:20.324Z https://appsecuritystandards.org/vendors/onekey2026-02-17T22:37:25.361Z https://appsecuritystandards.org/vendors/syhunt2026-02-17T22:37:45.180Z https://appsecuritystandards.org/vendors/apiiro2026-02-17T22:37:04.248Z https://appsecuritystandards.org/vendors/bug-zero2026-02-17T22:37:50.631Z https://appsecuritystandards.org/vendors/orasi-software2026-02-17T22:38:07.149Z https://appsecuritystandards.org/vendors/mergebase2026-02-17T22:38:27.306Z https://appsecuritystandards.org/vendors/appcheck-ltd2026-02-17T22:37:36.356Z https://appsecuritystandards.org/vendors/firetail-ai2026-02-17T22:37:31.755Z https://appsecuritystandards.org/vendors/checkmarx2026-02-17T22:37:51.127Z https://appsecuritystandards.org/vendors/portswigger2026-02-17T22:37:43.880Z https://appsecuritystandards.org/vendors/harness2026-02-17T22:37:12.564Z https://appsecuritystandards.org/vendors/mass-data-defense-corporation-22026-02-17T22:38:33.471Z https://appsecuritystandards.org/vendors/black-hat2026-02-17T22:37:37.342Z https://appsecuritystandards.org/vendors/lineaje-inc2026-02-17T22:37:22.506Z https://appsecuritystandards.org/vendors/medcrypt2026-02-17T22:37:23.740Z https://appsecuritystandards.org/vendors/aptori2026-02-17T22:37:47.142Z https://appsecuritystandards.org/vendors/guardrails2026-02-17T22:38:01.904Z https://appsecuritystandards.org/vendors/copia-automation2026-02-17T22:37:11.339Z https://appsecuritystandards.org/vendors/scantist2026-02-17T22:38:12.676Z https://appsecuritystandards.org/vendors/code-intelligence2026-02-17T22:37:53.733Z https://appsecuritystandards.org/vendors/pynt2026-02-17T22:37:34.205Z https://appsecuritystandards.org/vendors/amyris2026-02-17T22:37:46.498Z https://appsecuritystandards.org/vendors/scandog2026-02-17T22:38:12.113Z https://appsecuritystandards.org/vendors/ostorlab2026-02-17T22:37:42.707Z https://appsecuritystandards.org/vendors/peris-ai-cybersecurity2026-02-17T22:38:08.110Z https://appsecuritystandards.org/vendors/macnica-22026-02-17T22:38:33.034Z https://appsecuritystandards.org/vendors/merito2026-02-17T22:38:05.438Z https://appsecuritystandards.org/vendors/veracode2026-02-17T22:38:21.624Z https://appsecuritystandards.org/vendors/threatrix2026-02-17T22:38:18.792Z https://appsecuritystandards.org/vendors/cqse-gmbh2026-02-17T22:38:18.063Z https://appsecuritystandards.org/vendors/clouddefense-ai2026-02-17T22:37:51.739Z https://appsecuritystandards.org/vendors/deepsource2026-02-17T22:37:58.551Z https://appsecuritystandards.org/vendors/wind-river2026-02-17T22:37:28.707Z https://appsecuritystandards.org/vendors/codacy2026-02-17T22:37:53.109Z https://appsecuritystandards.org/vendors/riversafe2026-02-17T22:38:11.617Z https://appsecuritystandards.org/vendors/elven2026-02-17T22:38:30.155Z https://appsecuritystandards.org/vendors/we452026-02-17T22:38:22.604Z https://appsecuritystandards.org/vendors/corgea2026-02-17T22:37:56.377Z https://appsecuritystandards.org/vendors/prophaze2026-02-17T22:37:33.408Z https://appsecuritystandards.org/vendors/legit-security2026-02-17T22:37:07.927Z https://appsecuritystandards.org/vendors/secure-code-warrior2026-02-17T22:38:13.308Z https://appsecuritystandards.org/vendors/eracent2026-02-17T22:37:17.991Z https://appsecuritystandards.org/vendors/codific2026-02-17T22:37:05.439Z https://appsecuritystandards.org/vendors/devtron-inc2026-02-17T22:37:12.063Z https://appsecuritystandards.org/vendors/security-compass2026-02-17T22:37:08.487Z https://appsecuritystandards.org/vendors/wolfssl2026-02-17T22:38:23.107Z https://appsecuritystandards.org/vendors/spectralops-io-a-check-point-solution2026-02-17T22:38:17.510Z https://appsecuritystandards.org/vendors/cloudsmith2026-02-17T22:37:16.987Z https://appsecuritystandards.org/vendors/grammatech2026-02-17T22:38:01.285Z https://appsecuritystandards.org/vendors/trail-of-bits2026-02-17T22:38:20.580Z https://appsecuritystandards.org/vendors/fossid2026-02-17T22:38:26.211Z https://appsecuritystandards.org/vendors/kusari2026-02-17T22:37:21.995Z https://appsecuritystandards.org/vendors/traceable-by-harness2026-02-17T22:38:19.994Z https://appsecuritystandards.org/vendors/rainforest-technologies2026-02-17T22:38:10.939Z https://appsecuritystandards.org/vendors/gitguardian2026-02-17T22:37:29.223Z https://appsecuritystandards.org/vendors/nova82026-02-17T22:38:06.133Z https://appsecuritystandards.org/vendors/guardsquare2026-02-17T22:38:02.678Z https://appsecuritystandards.org/vendors/invicti2026-02-17T22:37:41.166Z https://appsecuritystandards.org/vendors/cloudflare2026-02-17T22:38:28.973Z https://appsecuritystandards.org/pages/about2026-05-02T19:00:26.603Z https://appsecuritystandards.org/pages/submit-vendor2026-04-29T18:08:12.213Z https://appsecuritystandards.org/pages/contact2026-04-29T17:41:00.362Z https://appsecuritystandards.org/resources/what-is-application-security2026-04-28T18:13:28.400Z https://appsecuritystandards.org/resources/the-state-of-application-security-in-modern-software2026-04-28T16:12:04.237Z https://appsecuritystandards.org/pages/terms-and-conditions2026-03-30T12:01:31.391Z https://appsecuritystandards.org/pages/privacy2026-03-09T14:36:02.308Z https://appsecuritystandards.org/webinars https://appsecuritystandards.org/tools