How Rapyd Used Kodem to Shift from Volume to Impact
Rapyd, a global fintech platform operating in over 100 countries, partnered with Kodem to modernize its application security program. Faced with mounting vulnerabilities and a shortage of specialized AppSec talent, Rapyd needed more than another scanner—it needed a platform that could think like an expert. Kodem delivered measurable reductions in triage time, rework, and risk exposure by focusing on what attackers can actually exploit.
Vulnerability Alert: CVE-2025-25257: Pre-Auth SQL Injection to Full RCE in Fortinet FortiWeb Fabric Connector
CVE-2025-25257 is a critical vulnerability in Fortinet FortiWeb Fabric Connector. It allows unauthenticated SQL injection, which attackers escalate into remote code execution (RCE) on affected appliances.
Vulnerability Alert: CVE-2025-47812: Wing FTP Server Remote Code Execution Vulnerability (Null Byte Injection)
CVE-2025-47812 is a critical vulnerability affecting Wing FTP Server versions prior to 7.4.4. This severe security flaw enables unauthenticated attackers to execute arbitrary code remotely (RCE) by exploiting inadequate validation of input containing null bytes (%00) in the authentication process.

EPSS vs. Exploitability: Why Probability ≠ Risk in Your Environment
The Exploit Prediction Scoring System (EPSS) is a data-driven model that predicts the likelihood a given software vulnerability will be exploited in the wild.
Multi-Agent Architectures: The Next Leap in Application Security
Most security tools today, static analyzers, fuzzers, even single-agent LLMs, struggle to find complex, multi-step vulnerabilities. But the emerging model of multi-agent collaboration can fundamentally transform vulnerability discovery. Argusee’s recent results are just a glimpse of what's possible.

Exploit Trigger Detection: A new frontier in Application Protection
Application Detection and Response (ADR) technologies are essential for identifying and mitigating runtime attacks. Yet, many existing approaches struggle to detect nuanced, logic-based vulnerabilities effectively.

Navigating 2025 Secure SDLC Regulations
Understanding domestic and international regulatory landscapes is crucial to ensuring compliance and enhancing security postures. This blog post explores key software security mandates worldwide, including those from the United States, European Union, and Asia-Pacific, providing a comprehensive guide on navigating these complex regulations for a secure software development lifecycle.
Kodem’s Approach to ADR: Rethinking Application Detection & Response
Application Detection and Response (ADR) is emerging as the next evolution in application security, aiming to catch and stop attacks from within the application itself at runtime. Recent incidents like the Next.js middleware vulnerability CVE-2025-29927 – an authentication bypass triggered by a single HTTP header – underscore why traditional approaches often fall short.
May 2025 Edition of Kodem Kernels
Product enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities with more precision.

Agentic Red Teams Are Here: Autonomous Vulnerability Discovery Ushers in a New Security Paradigm
Agentic red teams, AI-powered multi-agent systems capable of offensive security testing, have arrived as a timely and necessary innovation to fill this critical gap in the cybersecurity landscape.
