Blog

Insights from application security experts and industry leaders

Featured

Kodem just built the world’s only Dev to Prod Agentic Taskforce in Cyber

Jul 28, 2025

At RSAC 2025, we launched Kai, the first AI-native application security engineer. Today, we’re expanding it into a fully agentic task force that truly performs AppSec tasks from start to finish. 

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Kodem’s Approach to ADR: Rethinking Application Detection & Response

Application Detection and Response (ADR) is emerging as the next evolution in application security, aiming to catch and stop attacks from within the application itself at runtime. Recent incidents like the Next.js middleware vulnerability CVE-2025-29927 – an authentication bypass triggered by a single HTTP header – underscore why traditional approaches often fall short.

May 14, 2025
Runtime Intelligence

May 2025 Edition of Kodem Kernels

Product enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities more precision.

May 1, 2025
Kodem Kernels - Product Updates

Toward a Unified Application Data Model for Agentic AppSec

Kodem unified data model allows reasoning about “what’s happening” in the app—at every layer, in every stage—at once.

April 21, 2025
Application Security

Agentic Red Teams Are Here: Autonomous Vulnerability Discovery Ushers in a New Security Paradigm

Agentic red teams, AI-powered multi-agent systems capable of offensive security testing, have arrived as a timely and necessary innovation to fill this critical gap in the cybersecurity landscape.

April 1, 2025
Application Security

Deep Runtime Evidence & Function-Level Visibility

Pinpoint real exposure with Kodem’s unique approach, as seen in real-world example of CVE-2025-29927 in Next.js.

March 27, 2025
Vulnerabilities

Vulnerability Alert: CVE-2025-29927: Next.js Middleware Authorization Bypass

The Next.js team disclosed – CVE-2025-29927 vulnerability – that allows attackers to bypass authorization checks implemented in Next.js Middleware by manipulating the x-middleware-subrequest header.

March 24, 2025
Vulnerabilities

Vulnerability Alert: Remote Code Execution vulnerability CVE-2025-24813

Remote Code Execution CVE-2025-24813 vulnerability - See how Kodem runtime SCA and ADR can identify and block these attacks without specific CVE signatures

March 19, 2025
Vulnerabilities

Vulnerability Alert: tj‑actions/changed‑files

Vulneraiblity in the GitHub tj‑actions/changed‑files Action—employed by over 23,000 repositories—has been compromised by an attacker.

March 18, 2025
Vulnerabilities

ISO 42001: What it Means for AI Security and Application Security Teams

As organizations increasingly adopt AI, the demand for standardized frameworks to manage AI risks has grown - enter ISO 42001.

March 12, 2025
Application Security

February 2025 Edition of Kodem Kernels

Product enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities more precision.

February 26, 2025
Kodem Kernels - Product Updates

Breaking the Developer Security Mold: A Call for Automated & Distributed Defenses

See why organizations must adopt automated defenses, infrastructure protections, external validation, and a stronger security culture to combat modern cyber threats.

February 7, 2025
Application Security

Press Release: Security Rivals Unite to Launch “Opengrep” Following Semgrep Clampdown

The evolving landscape of open-source security highlights the importance of preserving access, innovation, and trust for the developer community.

January 23, 2025
Kodem News
Application Security