The Ultimate Guide to Application Security
A curated Canadian edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Application Security.
What to know about Application Security
Application Security focuses on protecting software applications from vulnerabilities and cyber threats throughout their development and operational life cycles. This critical field addresses challenges such as runtime protection, secure coding practices, DevSecOps integration, API security, cloud-native environments, and mitigating attacks like DDoS, supply chain risks, and malicious bot traffic.
Exploring the latest stories in Application Security reveals how advancements like AI and automation are enhancing threat detection, vulnerability management, and developer workflows, while highlighting ongoing risks found in mobile apps, open source components, and cloud deployments. Readers can gain insights into best practices, emerging technologies, and strategies to safeguard applications against evolving cyber threats.
Whether you’re a developer, security professional, or business leader, staying informed about Application Security developments helps in building resilient software, maintaining compliance, and protecting user data in an increasingly complex digital landscape.
Canadian Application Security News
Regional stories with direct local relevance
World Backup Day 2026: In the age of AI, what are you really backing up?
World Backup Day prompts organisations to rethink recovery as AI systems, prompts and training data become as vital to resilience as files and databases.
Check Point launches Canada-only data region for WAF
Check Point debuts Canada-only WAF data region, promising full data residency, lower latency and AI-driven protection for local organisations.
Bell Cyber & Radware launch AI-driven cloud security
Bell Cyber and Radware have unveiled an AI-driven, fully managed cloud security service to shield apps, APIs and sites from automated attacks.
Analyst Insights
Research and market analysis connected to Application Security
Check Point wins Frost & Sullivan recognition for WAF
Capsule Security raises $7 million to guard AI agents
Gigamon eyes AI-led surge in network observability
Survey finds organisations struggle to secure unstructured data
Codenotary launches AgentX for Linux security automation
Featured News
Google Cloud CEO sets out enterprise AI agent plan
Google Cloud's Thomas Kurian unveils Gemini Enterprise as an open, secure workplace AI platform linking models, data, chips and security.
'Human Risk' takes centre stage - Mimecast CEO
Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.
UiPath Accelerates AI in Software Development and Testing
UiPath is pushing AI deeper into software testing, promising autonomous agents that transform quality assurance and developers' roles.
Grafana: Turning data chaos into developer efficiency and CFO savings
Grafana leans on AI-powered observability and Adaptive Telemetry to sharpen developer insight while slashing cloud bills by up to 50%.
Expert Columns
World Backup Day 2026: In the age of AI, what are you really backing up?
The evolving role of the CSO: From technical guardian to business strategist
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
The security challenges in AI-assisted software development
AI surge exposes cloud security gaps, report warns
Agentic AI double agents expose dangerous security gaps
Why auto update is the most underrated security feature on your firewall
Integrating AppSec for efficient DevSecOps
How AI is driving the convergence of networking and security
Interviews
Interviews and video coverage from the networkRecent Application Security News
Canada ahead of global average on password security
Canada slightly outperforms the global average on password security, but Zoho warns identity gaps, third-party access and legacy systems still loom large.
Vega spots Weaver E-cology attacks within days of patch
Vega says attackers began exploiting a critical Weaver E-cology remote code execution flaw within five days of the vendor patch, with no lasting foothold.
Saiga phishing kit returns to bypass multifactor auth
Barracuda spots Saiga 2FA phishing kit revival as attackers use dynamic pages and cookie theft to sidestep multifactor authentication.
Kamiwaza launches AI platform for regulated sectors
Kamiwaza AI debuts version 1.0 platform for healthcare, banking and government users, promising governed access and hardened infrastructure.
Chainguard launches compliant EKS add-ons in AWS Marketplace
Chainguard brings compliant EKS add-ons to AWS Marketplace, giving regulated organisations FIPS 140-3 validated Kubernetes components with zero known CVEs.
Tenable finds GitHub workflow flaw in Microsoft repo
Tenable flags GitHub workflow flaw in Microsoft's Windows-driver-samples repo that could let attackers run code and reach secrets.
Cloudflare warns of AI code review prompt injection
Cloudflare says indirect prompt injection can fool AI code reviewers, with malicious scripts slipping past models when buried in large files and comment noise.
Qilin drives 43% rise in ransomware attacks
Qilin-linked ransomware attacks jumped 43% in March, NCC Group says, as AI-fuelled deception and software flaws widen the threat picture.
OpenObserve raises USD $10 million for Observability 3.0
OpenObserve wins USD $10 million backing to expand its Observability 3.0 platform, adding AI SRE and LLM monitoring for enterprise customers.
Intruder launches AI pentesting for faster validation
Intruder's new AI Pentesting tool aims to validate scanner findings in minutes, easing pressure on security teams facing faster-moving threats.
Keeper Security launches Agent Kit for AI coding agents
Keeper Security launches Agent Kit to let AI coding assistants handle secrets and admin tasks without exposing credentials in chat logs.
Intruder launches AI pentesting to cut vulnerability triage
Intruder launches AI Pentesting to help security teams validate scanner findings faster as pressure mounts over shrinking exploit windows.
Virtana adds AWS Bedrock Guardrails support to AI Factory
Virtana expands AI Factory Observability with AWS Bedrock Guardrails support, giving security teams deeper insight into enterprise LLM behaviour and anomalies.
AI is biggest cyber threat to CISOs, NCC Group warns
Artificial intelligence heightens cyber risk for chief information security officers as ransomware attacks rise 22% in March, NCC Group says.
Bots make up 53% of web traffic, Thales report says
Thales says AI-driven bots now account for 53% of web traffic, as malicious automation surges and API attacks intensify across finance.
.webp)
Qualys warns cloud risk now stems from identity design
Qualys report says cloud breaches are increasingly driven by identity design, delegated trust and slow remediation as AI widens exposure.
GitLab deepens Anthropic Claude integration for governance
GitLab adds Anthropic's latest Claude models to Duo Agent Platform, giving enterprises cloud-based access with governance, compliance and audit controls.
Oracle NetSuite launches AI coding skills for developers
Oracle NetSuite rolls out AI coding skills for developers, aiming to speed custom app building and reduce errors across 25 platforms.
API attacks surge as AI exposure raises cyber risk
Akamai survey finds APIs are now cybercriminals' main target, with AI-linked interfaces under attack and incidents costing organisations more than USD $700,000.
MathWorks adds AI copilot tools to MATLAB & Simulink
MathWorks adds Simulink Copilot and Polyspace Copilot in R2026a, bringing generative AI tools to embedded design, code analysis and verification.