Software Security Archives

The Vuln Surge is Coming. CSA is Telling Us How to Survive It

Alan Shimel | April 12, 2026 | AI, cloud security alliance, Cybersecurity, exploit automation, industry collaboration, MythosReady, risk mitigation, Software Security, Vulnerability Management, vulnerability surge

The Cloud Security Alliance’s MythosReady report offers a calm, rational roadmap for navigating the AI-driven vulnerability surge. But two critical questions about exploit automation and the painful transition ahead deserve more attention ...

Security Boulevard

RSAC 2026 Innovation Sandbox | Clearly AI: Automated Software Security Platform Empowered by AI

NSFOCUS | March 18, 2026 | AI Security, Blog, Innovation Sandbox, rsac, Software Security

Company Profile Founded in 2024, Clearly AI is a company focused on automating enterprise security and privacy audits, headquartered in Seattle, Washington, USA. The company was co-founded by Emily Choi-Greene and Joe ...

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

OMB Rolled Back the Rules. Security Did Not Get Easier

Sonatype | March 10, 2026 | Compliance, Federal, government, risk management, SBOM, software bill of materials, Software Security

The U.S. Office of Management and Budget (OMB)'s decision to rescind M-22-18 and M-23-16 and replace them with M-26-05 has been framed as a win for flexibility and a rollback of security ...

2024 Sonatype Blog

LLMs, AI, cyberattacks, access, identity, 1Password, Exabeam, LogRhythm, GenAI, censorship, model, RBAC, secure, Fortinet, SASE, Opal, access privileges, cloud security, GenAI, generative AI cloud compromise LLM

The New Security Reality: When AI Accelerates Both Attack and Defense

Moshe Bar | March 3, 2026 | agentic defense platforms, AI Integration, AI-driven vulnerability discovery, autonomous defense, Cybersecurity Automation, cybersecurity evolution, DevOps cycle, Large language models (LLMs), machine speed operations, risk assessment, security posture, Software Security, threat landscape, Vulnerability Exploitation, Vulnerability Management

Discover how the integration of large language models is transforming software security, lowering barriers for attackers, and necessitating autonomous defense platforms to keep pace with emerging threats ...

Security Boulevard

NDSS 2025 – JBomAudit: Assessing The Landscape, Compliance, And Security Implications Of Java SBOMS

Marc Handelman | February 28, 2026 | Applications & Policies, appsec education, cybersecurity education, Infosecurity Education, NDSS 2025, NDSS Symposium, Network Security, Security Conferences, Session 14A, Software Security

Session 14A: Software Security: Applications & Policies Authors, Creators & Presenters: Yue Xiao (IBM Research), Dhilung Kirat (IBM Research), Douglas Lee Schales (IBM Research), Jiyong Jang (IBM Research), Luyi Xing (Indiana University ...

Infosecurity.US

NDSS 2025 – CASPR: Context-Aware Security Policy Recommendation

Marc Handelman | February 27, 2026 | Applications & Policies, appsec education, NDSS 2025, NDSS Symposium, Network Security, Security Conferences, Session 14A, Software Security

Session 14A: Software Security: Applications & Policies Authors, Creators & Presenters: All From The Institute of Information Engineering, Chinese Academy of Sciences: Lifang Xiao, Hanyu Wang, Aimin Yu, Lixin Zhao, Dan Meng ...

Infosecurity.US

NDSS 2025 – Enhancing Security In Third-Party Library Reuse

Marc Handelman | February 27, 2026 | Applications & Policies, appsec education, cybersecurity education, Infosecurity Education, NDSS 2025, NDSS Symposium, Network Security, Security Conferences, Session 14A, Software Security

Session 14A: Software Security: Applications & Policies Authors, Creators & Presenters: Shangzhi Xu (The University of New South Wales), Jialiang Dong (The University of New South Wales), Weiting Cai (Delft University of ...

Infosecurity.US

NDSS 2025 – Retrofitting XoM For Stripped Binaries Without Embedded Data Relocation

Marc Handelman | February 26, 2026 | appsec education, Code and Compiler, cybersecurity education, Infosecurity Education, NDSS 2025, NDSS Symposium, Network Security, Security Conferences, Session 13D, Software Security

Session 13D: Software Security: Code and Compiler Authors, Creators & Presenters: Chenke Luo (Wuhan University), Jiang Ming (Tulane University), Mengfei Xie (Wuhan University), Guojun Peng (Wuhan University), Jianming Fu (Wuhan University) PAPER ...

Infosecurity.US

NDSS 2025 – Translating C To Rust: Lessons From A User Study

Session 13D: Software Security: Code and Compiler Authors, Creators & Presenters: Ruishi Li (National University of Singapore), Bo Wang (National University of Singapore), Tianyu Li (National University of Singapore), Prateek Saxena (National ...

Infosecurity.US

NDSS 2025 – type++: Prohibiting Type Confusion With Inline Type Information

Marc Handelman | February 25, 2026 | appsec education, Code and Compiler, cybersecurity education, Infosecurity Education, NDSS 2025, NDSS Symposium, Network Security, Security Conferences, Session 13D, Software Security

Session 13D: Software Security: Code and Compiler Authors, Creators & Presenters: Nicolas Badoux (EPFL), Flavio Toffalini (Ruhr-Universität Bochum, EPFL), Yuseok Jeon (UNIST), Mathias Payer (EPFL) PAPER type++: Prohibiting Type Confusion with Inline ...

Infosecurity.US

Software Security

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On