The Ultimate Guide to Application Security
A curated Indian edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Application Security.
What to know about Application Security
Application Security focuses on protecting software applications from vulnerabilities and cyber threats throughout their development and operational life cycles. This critical field addresses challenges such as runtime protection, secure coding practices, DevSecOps integration, API security, cloud-native environments, and mitigating attacks like DDoS, supply chain risks, and malicious bot traffic.
Exploring the latest stories in Application Security reveals how advancements like AI and automation are enhancing threat detection, vulnerability management, and developer workflows, while highlighting ongoing risks found in mobile apps, open source components, and cloud deployments. Readers can gain insights into best practices, emerging technologies, and strategies to safeguard applications against evolving cyber threats.
Whether you’re a developer, security professional, or business leader, staying informed about Application Security developments helps in building resilient software, maintaining compliance, and protecting user data in an increasingly complex digital landscape.
Indian Application Security News
Regional stories with direct local relevance
Indian firms lag on software supply chain security
A JFrog study says weak package and container defences are leaving Indian organisations exposed as AI use adds new checks for developers.
JFrog unveils Mumbai speaker line-up on AI software risks
Indian firms are moving to tighten software controls as AI agents and code generation raise new security and auditability risks.
Why DevOps transparency matters more than speed in cloud-native scale
In cloud‑native DevOps, transparency-not raw speed-now determines how safely, cheaply and reliably teams can scale complex systems.
From participation to influence: redefining women's leadership in india's technology transformation era
As India's tech economy surges, women's leadership must shift from presence in teams to real influence over high‑stakes digital decisions.
Azul enhances Java security detection, cutting false positives by 99%
Azul's new Java security tool cuts false positives by 99%, boosting detection accuracy and helping DevOps teams focus on real risks in production code.
Radware enhances security for major Indian airport
Radware has secured a contract to enhance cybersecurity for a major Indian airport to combat a 265% rise in cyber threats, delivering vital protection.
Analyst Insights
Research and market analysis connected to Application Security
Salt Code enforces security policies in AI coding tools
Software Improvement Group named Gartner leader on debt
Cycode launches agentic development lifecycle security
Cognizant launches Secure AI Services for enterprises
JFrog unveils Mumbai speaker line-up on AI software risks
Featured News
Exabeam: Ruthless efficiency can make agentic AI malicious
Behavioural analytics is becoming essential as AI agents can pursue tasks so efficiently that they may cause damage without any malicious intent.
Check Point Technologies: On vigilance, Mythos and beyond
AI-driven vulnerability scanning is forcing firms to rethink complacency as Check Point says existing defences still help against Mythos.
Exclusive: Reco COO on securing the AI inside your SaaS stack
Reco COO Zoe Hillenmeyer says enterprises typically underestimate their AI agent exposure by a factor of ten and that gap is widening.
Google Cloud CEO sets out enterprise AI agent plan
Enterprises will get one place to build, govern and run AI agents, as Google Cloud expands Gemini Enterprise across models, data and security.
'Human Risk' takes centre stage - Mimecast CEO
Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.
UiPath Accelerates AI in Software Development and Testing
UiPath is pushing AI deeper into software testing, promising autonomous agents that transform quality assurance and developers' roles.
Expert Columns
Why organisations in Asia Pacific are rethinking their AI deployment strategies
The evolving role of the CSO: From technical guardian to business strategist
Why DevOps transparency matters more than speed in cloud-native scale
Leading security in the AI era: Why CISOs must secure AI while using AI to secure the enterprise
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
From participation to influence: redefining women's leadership in india's technology transformation era
The security challenges in AI-assisted software development
Hybrid mesh security emerges to counter AI cyber risks
How AI-powered log management unlocks observability
Interviews
Interviews and video coverage from the networkRecent Application Security News
F5 announces advancements in multi-cloud networking partnerships
F5 reinforces its multi-cloud leadership, unveiling partnerships with NetApp, Red Hat, and Console Connect amid market growth projections.
Sysdig expands cloud security with new SaaS region in India
Sysdig expands its cloud-native security platform into India with a new SaaS region, addressing the growing cloud economy and increasing demand for local data sovereignty.
Supply chain software security: Remediating the Curl effect
These statistics provide a convincing perspective on how this vulnerability in Curl makes security across the software supply chain sort of defenseless.
Wallarm launches flat-rate AWS infrastructure discovery
Cloud security teams can now map AWS estates without metered costs rising as visibility improves, easing budget pressure on larger organisations.
Synack expands CREST pathways with two new certifications
Security buyers get a stronger benchmark as CREST-certified testers gain faster access to Synack's vetted red team for client engagements.
.webp)
Broadcom expands Spring security with faster patches
Java developers using Spring will get faster fixes as Broadcom backs day-zero patch access and more secure dependency builds for paying customers.
BeyondTrust joins Anthropic's Project Glasswing push
The partnership could help uncover critical flaws faster as AI-driven attacks and machine identities raise the stakes for infrastructure security.
Anthropic expands Project Glasswing to 150 organisations
The wider rollout targets critical infrastructure and software maintainers after early users found more than 10,000 serious flaws.
Offroad lands USD $7 million to tackle identity risk
Security teams may gain relief from manual identity investigations as Offroad targets risks from human, machine and AI access with USD $7 million.
SecureIQLab publishes APAC cloud WAAP validation reports
Independent tests are giving APAC buyers a clearer basis to compare cloud WAAP products as web and API attacks intensify.
Insight launches managed defence for AI-driven flaws
Mid-sized firms facing faster exploits can now outsource patching, exposure scanning and threat monitoring under one contract.
Sonatype flags 176 npm packages in dependency attack
Developers using npm could have secrets exposed as 176 malicious packages were set up to hijack dependency resolution and run postinstall malware.
OpenClaw adds NVIDIA SkillSpector to ClawHub checks
The registry is tightening checks after malicious uploads exposed a gap between declared skill purpose and actual behaviour.
New Relic touts Microsoft partnership as bookings rise
Marketplace bookings through Microsoft rose by double digits as New Relic deepened integrations aimed at helping customers manage AI-era software risk.
Rubrik uses Anthropic Mythos to probe software flaws
Early access to Anthropic's Mythos in Australia is helping Rubrik scan its code for flaws before attackers can exploit them.
GitHub launches Copilot desktop app for agentic work
Developers can now manage multiple AI coding agents in one place as GitHub tests a desktop Copilot app with worktree automation and review tools.
HackerOne launches AI platform to close security gap
Rising vulnerability volumes are outpacing fix times, prompting HackerOne to roll out an AI system that feeds confirmed threats into developer tools.
Secure Code Warrior launches AI governance learning
Companies can now tie AI code-use risks to developer training, with Secure Code Warrior aiming to prove compliance at commit level.
Windows 11 sandbox flaw lets attackers escape with one click
Microsoft patched a CVE-2025-59199 flaw in October after researchers showed a single click could let low-integrity code escape Windows 11's sandbox.
DevOps platform vulnerabilities rise in 2025 report
More than half of patched flaws in major DevOps tools were high or critical in 2025, putting software supply chains at greater risk.