LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
Apiiro introduced Risk Detection at Design Phase, a new, AI-driven capability that automatically analyzes feature requests to identify risks and proactively initiate security reviews or threat models at the earliest stage of the application development lifecycle.
With this new capability, application security (AppSec) practitioners can now scale their secure software development lifecycle (SSDLC) processes by mitigating security and compliance risks before a single line of code is written.
Apiiro customers can proactively address security, data privacy, infrastructure, compliance, and other risks at the onset of development, saving significant time and costs while minimizing rework and accelerating secure software delivery.
Apiiro’s detection of risky feature requests is built on cutting-edge AI technology, including Apiiro’s native private LLM. This model, not accessible by ChatGPT or any other public LLM services, ensures customer privacy and compliance by automatically analyzing feature requests and proactively identifying potential risks associated with:
- Architecture design and security controls: requests for changes in APIs, network, databases, web servers, web clients, logging, serialization and other component configurations, architecture designs, and deployment of new or changed components.
- Sensitive data handling: storing and/or processing sensitive information like PII, PHI payment data fields as part of the application data flow, changing encryption mechanisms, data migrations, writing sensitive data to logs, and using sensitive data as an API return type.
- User permissions and access management: user authentication and authorization, login or registration processes, and changing user permissions.
- Generative AI technology: adding or changing generative AI tools, frameworks, technologies, and the data that is exposed to them.
- Third-party integrations, and open source dependencies: changing or adding open source dependencies and integrations with third-party services.
For each risky feature request, enriched by the code architecture generated by its Deep Code Analysis (DCA) technology, Apiiro’s native private LLM model automatically generates contextual questions for a security review and produces threat stories using the STRIDE model. This automation eliminates the need for manual security processes, accelerating development velocity and deployment of secure code to the cloud, ultimately driving business growth. In addition, Apiiro enhances design risk context by automatically mapping to specific code commits, repositories, and pull requests, providing deeper insight into how potential risks may manifest in the actual codebase.
“Amidst the ever-changing complexity of modern software development processes and application architectures, Apiiro is committed to delivering complete risk-based visibility and protection from design to runtime,” said Moti Gindi, chief product officer at Apiiro. “Building secure software starts with secure design, and the new AI-Driven Risk Detection at Design Phase from Apiiro takes the ‘shift left’ approach a step further, addressing risks even before a single line of code is written. This first-of-its-kind functionality leverages the power of AI to ensure customers have the context required to facilitate efficient security reviews and evolve from a reactive to a proactive approach to application security.”
Industry News
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
Akamai Technologies introduced App & API Protector Hybrid.
Veracode has been granted a United States patent for its generative artificial intelligence security tool, Veracode Fix.
Zesty announced that its automated Kubernetes optimization platform, Kompass, now includes full pod scaling capabilities, with the addition of Vertical Pod Autoscaler (VPA) alongside the existing Horizontal Pod Autoscaler (HPA).
Check Point® Software Technologies Ltd.(link is external) has emerged as a leading player in Attack Surface Management (ASM) with its acquisition of Cyberint, as highlighted in the recent GigaOm Radar report.
GitHub announced the general availability of security campaigns with Copilot Autofix to help security and developer teams rapidly reduce security debt across their entire codebase.
DX and Spotify announced a partnership to help engineering organizations achieve higher returns on investment and business impact from their Spotify Portal for Backstage implementation.
Appfire announced its launch of the Appfire Cloud Advantage Alliance.