The Ultimate Guide to Application Security
A curated Canadian edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Application Security.
What to know about Application Security
Application Security focuses on protecting software applications from vulnerabilities and cyber threats throughout their development and operational life cycles. This critical field addresses challenges such as runtime protection, secure coding practices, DevSecOps integration, API security, cloud-native environments, and mitigating attacks like DDoS, supply chain risks, and malicious bot traffic.
Exploring the latest stories in Application Security reveals how advancements like AI and automation are enhancing threat detection, vulnerability management, and developer workflows, while highlighting ongoing risks found in mobile apps, open source components, and cloud deployments. Readers can gain insights into best practices, emerging technologies, and strategies to safeguard applications against evolving cyber threats.
Whether you’re a developer, security professional, or business leader, staying informed about Application Security developments helps in building resilient software, maintaining compliance, and protecting user data in an increasingly complex digital landscape.
Canadian Application Security News
Regional stories with direct local relevance
World Backup Day 2026: In the age of AI, what are you really backing up?
AI disruptions and cyberattacks are forcing organisations to back up models, prompts and knowledge bases, not just files.
Check Point launches Canada-only data region for WAF
Check Point debuts Canada-only WAF data region, promising full data residency, lower latency and AI-driven protection for local organisations.
Bell Cyber & Radware launch AI-driven cloud security
Bell Cyber and Radware have unveiled an AI-driven, fully managed cloud security service to shield apps, APIs and sites from automated attacks.
Analyst Insights
Research and market analysis connected to Application Security
Cequence posts record quarter on agentic AI security
Averlon launches Precog to block exploitable risks
Salt Code enforces security policies in AI coding tools
Software Improvement Group named Gartner leader on debt
Cycode launches agentic development lifecycle security
Featured News
Humanoid robots, 0-day defence among Info-Tech trends for '27
Agentic AI, zero-day surge, sovereign cloud, and humanoid robots will define IT strategy in 2027, Info-Tech Research Group warns.
Exabeam: Ruthless efficiency can make agentic AI malicious
Behavioural analytics is becoming essential as AI agents can pursue tasks so efficiently that they may cause damage without any malicious intent.
Check Point Technologies: On vigilance, Mythos and beyond
AI-driven vulnerability scanning is forcing firms to rethink complacency as Check Point says existing defences still help against Mythos.
Exclusive: Reco COO on securing the AI inside your SaaS stack
Reco COO Zoe Hillenmeyer says enterprises typically underestimate their AI agent exposure by a factor of ten and that gap is widening.
Google Cloud CEO sets out enterprise AI agent plan
Enterprises will get one place to build, govern and run AI agents, as Google Cloud expands Gemini Enterprise across models, data and security.
'Human Risk' takes centre stage - Mimecast CEO
Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.
UiPath Accelerates AI in Software Development and Testing
UiPath is pushing AI deeper into software testing, promising autonomous agents that transform quality assurance and developers' roles.
Expert Columns
Why ERP is not just another platform you can rebuild with AI code
As agentic development accelerates, workflow auditability becomes a bottleneck
World Backup Day 2026: In the age of AI, what are you really backing up?
The evolving role of the CSO: From technical guardian to business strategist
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
The security challenges in AI-assisted software development
AI surge exposes cloud security gaps, report warns
Agentic AI double agents expose dangerous security gaps
Why auto update is the most underrated security feature on your firewall
Interviews
Interviews and video coverage from the networkRecent Application Security News
Cloud202 launches Qubitz AI for cheaper business apps
Enterprises could cut AI app development costs by up to 80% as Cloud202 targets the gap between prototypes and secure production systems.
AI coding tools may raise enterprise software risk
Weaker oversight could turn AI-generated code into a costly drag, with security flaws and technical debt rising in enterprise projects.
AI coding tools raise debt & security risks, SIG warns
Enterprise teams using AI coding tools may face higher technical debt, security gaps and costs, according to new SIG research.
Broadcom expands Spring security for AI threat surge
Enterprises using Spring will get faster access to validated fixes as Broadcom responds to a 1700% surge in monthly security advisories.
Thoughtworks launches Agent/works for AI governance
Enterprise teams are getting a single control plane to track agent sprawl, tighten permissions and curb AI spending as autonomous systems spread.
Checkmarx partners with Carahsoft for public sector sales
Government agencies will gain wider access to application security tools as the partnership places Checkmarx products on Carahsoft's procurement channels.
Sports betting apps targeted by fraud, warns Approov
Major sporting events are giving fraudsters fresh ways to scrape data, hijack tokens and abuse APIs in genuine betting apps.
AISLE launches Snapshot for secure private cloud use
Regulated firms can now scan code for flaws without sending sensitive data to external AI services, as AISLE targets private deployments.
Organisations shift to continuous testing in security
With AI speeding up attacks, 53% of security leaders say point-in-time tests are already outdated by the time reports land.
Checkmarx partners Carahsoft to expand public sector sales
Government buyers will gain wider access to Checkmarx tools as Carahsoft opens procurement routes through reseller networks and federal contracts.
Saviynt adds AI agent runtime controls & verification
The new controls could help enterprises stop AI agents from exporting data or changing records when their actions stray beyond approved intent.
OpenAI acquires Ona to expand Codex enterprise workflows
Enterprise users could gain more secure long-running AI workflows as OpenAI folds Ona's cloud execution tools into Codex for production use.
Flux raises USD $5 million to track AI code output
The new capital will help the Boston startup expand sales and engineering as firms seek clearer oversight of AI-assisted coding and software risk.
Field Effect launches AI detection & response tool
Businesses face growing shadow AI risks as Field Effect folds monitoring and controls into its managed detection and response platform.
GitLab unveils tools for governed agentic software delivery
Enterprises could cut agent coding costs and compliance risks as the new releases add server-side repository access, audit tools and spend controls.
NetRise launches discovery partner programme for security
Customers will be able to buy software supply chain security with advisory and managed services as NetRise widens its route to market through partners.
Liquibase launches free CVE library for Community users
Older Liquibase Community users can now check release-by-release vulnerabilities in a free public library covering Docker images and binaries.
Zscaler launches zero-trust tools to secure AI agents
Enterprises face new risks as autonomous software agents spread through systems faster than older security tools can track or control.
Zscaler expands Project AI-Guardian with tech partners
The wider partnership push aims to help enterprises control AI risk across cloud, identity and data systems as deployments move into production.
JFrog adds Claude Code plugin for security oversight
Audit trails for AI-generated code could get easier as the plugin exposes packages, dependencies and provenance inside Claude Code.