The Next.js team disclosed – CVE-2025-29927 vulnerability – that allows attackers to bypass authorization checks implemented in Next.js Middleware by manipulating the x-middleware-subrequest header.

Remote Code Execution CVE-2025-24813 vulnerability - See how Kodem runtime SCA and ADR can identify and block these attacks without specific CVE signatures

As organizations increasingly adopt AI, the demand for standardized frameworks to manage AI risks has grown - enter ISO 42001.

Product enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities more precision.

See why organizations must adopt automated defenses, infrastructure protections, external validation, and a stronger security culture to combat modern cyber threats.

The evolving landscape of open-source security highlights the importance of preserving access, innovation, and trust for the developer community.

This report offers actionable insights to future-proof application security programs and workflows, based on input from industry leaders, practitioners, developers, and DevOps professionals.

Kodem introduces transformative updates for security teams: runtime-informed prioritization, actionable remediation guidance with detailed fixes, and runtime-driven function-level analysis across multiple languages.

CVE-2024-53677 is a critical file upload vulnerability affecting Apache Struts2 versions 2.0.0 through 6.3.0. At its core, the vulnerability stems from flaws in the deprecated “File Upload Interceptor” component. CVE-2024-53677 is a critical file upload vulnerability affecting Apache Struts2 versions 2.0.0 through 6.3.0. At its core, the vulnerability stems from flaws in the deprecated “File Upload Interceptor” component.

Explore our comparative study on reachability analysis in AppSec, highlighting modern solutions that integrate static and runtime data for precise vulnerability management and prioritization.

DevOps security can utilize free tooling to detect hard-coded secrets, generate SBOMs, and enforce best practices.

Cyber Defense Magazine annually spotlights top innovators and names Kodem Security as the winner of 2024 Top Application Security

OpenAI o1 model's iterative thinking and mid-attack adaptation mark a breakthrough in AI-enhanced penetration testing.

The disconnect between traditional AppSec approaches and attack methodologies emphasizes the need for security strategies to better align with real-world threats and attack techniques.

A group of critical vulnerabilities in the Common UNIX Printing System (CUPS) has emerged, affecting the majority of major Linux distributions.

This report evaluates the security posture of the top five open-source AI libraries on GitHub examining reachability, exploitability, fixability, and initial access potential i

Powerful CI and SCM Policy Updates Ensure the Security of Builds and PRs with Remediation Guidance for Transitive Dependencies

Kodem’s Monorepo Support helps manage dependencies while ensuring consistent security and pinpointing vulnerabilities.

Discover the key security issues in Scala, explore critical CVEs, and learn best practices to secure your Scala applications against vulnerabilities.

Best practices for addressing Rust security vulnerabilities. Rust-lang vulnerability examples and remediation tips.

New Jira integration brings runtime intelligence directly into the JIRA environment making it easier than ever for developers to identify and fix vulnerabilities efficiently.

Learn how Attack Path Analysis identifies potential attack routes, helping you break the attack chain and secure your application with precision.

How to secure critical infrastructure ‍and reduce AI security risks by focusing on defenses at runtime.

Which is better, eBPF or kernel modules for vulnerability detection and attack monitoring? Evidence points towards eBPF.

Effective cloud cost management can be achieved by implementing a self-managed NAT

Vulnerability Alert: CVE-2024-6387, dubbed regreSSHion, has been discovered in OpenSSH. Get remediation guidance now.

Kodem Security's Runtime-Powered SAST introduces a groundbreaking approach, reshaping the application security landscape.

Kodem’s integration with Google Cloud means we’re actively scanning, analyzing, and responding to threats in real-time, across all stages of the development lifecycle

Review software security requirements for Secure SDLC Regulations and SDLC security guidance on how to achieve compliance.

Kodem Security is thrilled to announce that it has been honored with the 2024 Fortress Award for Best Application Security Solution