The Ultimate Guide to Application Security
A curated Kiwi edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Application Security.
What to know about Application Security
Application Security focuses on protecting software applications from vulnerabilities and cyber threats throughout their development and operational life cycles. This critical field addresses challenges such as runtime protection, secure coding practices, DevSecOps integration, API security, cloud-native environments, and mitigating attacks like DDoS, supply chain risks, and malicious bot traffic.
Exploring the latest stories in Application Security reveals how advancements like AI and automation are enhancing threat detection, vulnerability management, and developer workflows, while highlighting ongoing risks found in mobile apps, open source components, and cloud deployments. Readers can gain insights into best practices, emerging technologies, and strategies to safeguard applications against evolving cyber threats.
Whether you’re a developer, security professional, or business leader, staying informed about Application Security developments helps in building resilient software, maintaining compliance, and protecting user data in an increasingly complex digital landscape.
Kiwi Application Security News
Regional stories with direct local relevance
Safety isn't just a launch state, it's a discipline
AI wellbeing coaches face persistent probing, and the company says health tools must be monitored daily as attacks grow more sophisticated.
Wellington startup launches Metaport for agency risk
Wellington startup Dcentrica has unveiled Metaport, a platform giving digital agencies real-time visibility of security and maintenance risk.
Capture The Bug adds US tech leaders for North American push
Hamilton-born Capture The Bug taps top US tech leaders to drive North American growth as demand rises for continuous security testing.
'Be very, very suspicious': Neighbourly breach makes users vulnerable - expert
Neighbourly breach puts up to a million users at risk as stolen GPS data and messages hit dark web, experts urge extreme vigilance online.
Rapid7 partners with Duo for strategic distribution in New Zealand
New Zealand's cybersecurity expenditure could boost as Rapid7 appoints Duo, a branch of Sektor, for strategic distribution.
Top cybersecurity achievements celebrated at 2023 iSANZ Awards
New Zealand's cybersecurity heroes, including KPMG's Philip Whitmore and BNZ teams, were honoured at the 2023 iSANZ Awards for advancing digital resilience nationwide.
Analyst Insights
Research and market analysis connected to Application Security
Citrix adds MCP Gateway to NetScaler for AI traffic
Data Theorem launches AI security platform for apps
Gartner names Tenable leader in AI exposure assessment
Secure Code Warrior launches AI adoption model for CISOs
Checkmarx named leader in Gartner supply chain quadrant
Featured News
Exabeam: Ruthless efficiency can make agentic AI malicious
Behavioural analytics is becoming essential as AI agents can pursue tasks so efficiently that they may cause damage without any malicious intent.
Check Point Technologies: On vigilance, Mythos and beyond
AI-driven vulnerability scanning is forcing firms to rethink complacency as Check Point says existing defences still help against Mythos.
Exclusive: Reco COO on securing the AI inside your SaaS stack
Reco COO Zoe Hillenmeyer says enterprises typically underestimate their AI agent exposure by a factor of ten and that gap is widening.
Certes says be ready to protect data before Q Day hits
Only 3% of Australian businesses have started preparing for post-quantum cryptography, leaving sensitive data exposed to harvest-now, decrypt-later attacks.
Upwind Expands to Sydney: Real Time Cloud Security for APJ
The Sydney move follows a USD $250 million funding round as the cloud security firm bets on real-time protection for fast-growing AI workloads.
AI agents multiply risk, says DigiCert chief product officer
Many firms cannot see where their AI agents are, leaving identity, policy and supply-chain risks to grow as deployments scale.
Google Cloud CEO sets out enterprise AI agent plan
Enterprises will get one place to build, govern and run AI agents, as Google Cloud expands Gemini Enterprise across models, data and security.
Expert Columns
Buying more tools won't scale your security ambitions, operational maturity will
Safety isn't just a launch state, it's a discipline
A strategic blueprint for governing AI-enabled software development
Why ERP is not just another platform you can rebuild with AI code
As agentic development accelerates, workflow auditability becomes a bottleneck
Why organisations in Asia Pacific are rethinking their AI deployment strategies
The evolving role of the CSO: From technical guardian to business strategist
From 398 to 200 Days: Understanding the TLS Certificate Lifespan Reduction
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
Interviews
Interviews and video coverage from the networkRecent Application Security News
Radware and Spark NZ enter cybersecurity partnership
Radware and Spark NZ have signed a partnership agreement to offer application and network security services in New Zealand.
Snyk expands reach across NZ market with new structure and leadership roles
Snyk is expanding its reach across the NZ market, aiming to further cement its place in the developer-focused security space.
Auldhouse significantly expands cybersecurity training offerings
Auldhouse set to become one of New Zealand's leading cybersecurity training providers, gaining official rights to the world's top cybersecurity certifications.
NZ financial firms bolster secure software development with Checkmarx
Two major financial institutions in New Zealand have refreshed their application security measures with the help of security specialist Checkmarx.
Chillisoft to distribute Imperva security solutions
Chillisoft adds Imperva to its cybersecurity portfolio, offering enterprise data security, web application, BOT protection, and CDN solutions.
The three-pronged security approach to multi-cloud environments
As enterprises adopt multi-cloud strategies, vArmour simplifies security with a three-pronged approach: auto-discovery, policy computation, and enforcement.
Google Cloud puts Cloud Run sandboxes into preview
Developers can now isolate AI-generated code and user scripts inside Cloud Run, reducing the risk of exposing credentials or host data.
NCC Group maps security gaps across AI coding agents
Weak default safeguards and uneven sandboxing could leave developers exposed to command execution before workspace trust is granted.
Google backs 33 cybersecurity startups in AI shift
New tools for governing AI agents are moving to the fore as Google picks 33 cybersecurity startups for its first cybersecurity forum cohort.
IBM & Red Hat launch Lightwell for open source fixes
Enterprises can now patch older open source software without disruptive upgrades, as IBM and Red Hat target stubborn vulnerability backlogs.
XBOW wins AWS application security competency status
The AWS badge could help XBOW win more enterprise deals as buyers seek continuous testing that shows which vulnerabilities are exploitable.
AI speeds coding but not enterprise software delivery
Enterprises risk slower returns from AI as manual approvals and release bottlenecks keep software lead times stuck at 30 to 45 days.
ManageEngine launches marketplace with 170 extensions
Enterprises can now add more tailored IT tools after the new Marketplace passed 170 extensions and 10,000 downloads worldwide.
Ory unveils Agent DX for enterprise AI coding agents
Developers can now add authentication and access controls earlier in AI-built apps, as Ory's free plugins plug identity tools into coding agents.
AI-generated code is in production at 44.7% of firms
More than half of engineering teams are now using AI to write code, but weak oversight is leaving security, dependency and performance risks in production.
Dawnguard launches security platform & raises USD $6.3m
North American expansion is now being funded as the startup targets cloud risks introduced at the design stage, not after deployment.
LexisNexis & Promon team up on mobile fraud defence
Fraud teams will gain extra app-level signals as the firms combine mobile protection with identity intelligence to catch tampering and abuse.
Google Cloud uses AI agents to secure software lifecycle
Its internal security team says automated agents now speed vulnerability checks, patching and production monitoring as attacks intensify.
Reco launches agent security for enterprise AI risk
Enterprise security teams are being pushed to track what AI agents can access and do across apps, identities and workflows before data is exposed.
NCC Group joins OpenAI Daybreak cyber partner programme
The tie-up gives NCC Group early access to GPT-5.5-Cyber, as OpenAI seeks trusted testers for defensive uses of its cyber tools.