SCA stories

Endor Labs unveils AURI, a security intelligence platform embedding reachability-led checks into AI coding assistants and CI/CD pipelines.

Manifest research reveals executives overestimate AI security readiness, as AppSec teams warn of unmanaged tools, blind spots and rising risk.

Security debt hits 82% of organisations as legacy flaws linger over a year, with third-party code driving most critical vulnerabilities.

Ecommpay launches a free fraud guide for online retailers as UK payment fraud hits GBP £1.17 billion and AI-driven scams rapidly escalate.

Rapid AI and cloud adoption is fuelling a new wave of cyber risk, as Tenable warns of exposed software supply chains and “ghost” identities.

ActiveState launches a 79m-component secure open source catalogue to centralise software supply chains and cut enterprise vulnerability risk.

FDATA names Sumsub policy lead Kat Cloud to its board, signalling a sharper focus on identity, fraud and security in North American open finance.

Armis launches AI-native Centrix platform to secure application code, aiming to cut false alarms and safeguard AI-assisted development.

Veracode upgrades its Package Firewall and testing tools to block malicious software packages before they enter development pipelines.

CloudBolt signs a multi-year AWS pact to tighten sales alignment and boost cloud management, FinOps and Kubernetes optimisation tools.

Checkmarx has been named a leader in the IDC MarketScape ASPM 2025 report for its AI-driven, developer-focused application security platform.

Black Duck has launched a GitHub app to automate security scans, helping development teams identify vulnerabilities early and streamline application security.

GitHub has partnered with Endor Labs, integrating advanced security software to help developers swiftly identify and manage critical vulnerabilities within the platform.

Endor Labs has launched AI Model Discovery, a feature helping businesses identify and manage open source AI models, enhancing application security.