Kodem

Discover the Risks in the Top Five Open-Source AI Libraries Get the results from the analysis we did on top five AI libraries on GitHub for: reachability, exploitability, fixability, and initial access potential. Read blog 👉 https://hubs.la/Q02WbS2l0 This analysis is designed to insights into securing AI infrastructure and understanding how these vulnerabilities might be leveraged in real-world environments. #github #developer #jira

Finally 😊 Remediation Guidance for Transitive Dependencies! An area most legacy SCA tools can’t handle! Kodem goes beyond direct vulnerabilities, providing actionable remediation guidance for transitive dependencies and upstream dependencies. Check it out... read blog ▶️▶️ https://hubs.la/Q02W8yx70 Both transitive dependencies and upstream dependencies are flagged and include actionable advice, so your builds are as secure as possible without hidden risks. #aws #engineering

Breaking the Code Scanning Echo Chamber 🔨 Many organizations are stuck in a cycle of endless vulnerability alerts from legacy SAST and SCA tools, without the crucial runtime context. This leads to wasted resources and missed critical threats. To stay ahead, security teams must understand how attackers really think: they target exposed surfaces, chain vulnerabilities together , and use advanced techniques to evade defenses. 🔑 The key? Mapping the attack chain from entry points to lateral movement. Learn about attack chain methodology ⛓️ https://hubs.la/Q02VzJnf0 #devops #sql #sre

🔔 87 critical apps 🔎11 scanned 😫 0 vulnerabilities fixed This is what we heard from a customer before they invested in Kodem. We understand the challenges posed by noisy SCA and SAST. At Kodem, we empathize with your frustrations and offer a solution. See how we do it >> https://hubs.la/Q02VpNSB0 Kodem's Runtime-powered SCA and SAST eliminate unnecessary noise, providing a fast, best-in-class accuracy set of findings. Here’s how: 🌟 Real Risk at Runtime: Pinpoints vulnerabilities in compiled and running code, providing accurate risk assessments for actionable results. 1️⃣2️⃣3️⃣ Prioritized Remediation: 1. Line of code: Pinpoints the specific line of code requiring attention. 2. Best place to fix: Identifies the optimal location for fixes to maximize the number of vulnerabilities resolved 😊 Self-service Resolution: Tailored advice for the application's components, dependencies, and owners.: 1. Owner identification: Automatically identifies the owner of the vulnerability 2. Generated code samples that are context-aware 3. Ticket system integration: Automatically generates and delivers tickets in the engineering team’s ticketing system of choice #appsec #secops #cloudnative

Is it true? You can have your cake and eat it too, even in AppSec? Join a lively discussion with de-FUD podcast hosts Nancy Wang Venture Partner, Felicis, and Ashish Popli, RiskEyeQue as they chat with Aviv Mussinger about cloud security, the right way to shift left... and cake 😀 Here's Nancy's summary of the discussion: 🎂 Having your cake Pinpointing only the vulnerabilities that are actively exploitable in your application 🍴 Eating it too Catching them during application development time - no need to wait for your app to re-deploy See a live demo of Kodem’s unique features, such as vulnerability chaining and context-aware remediation, aimed at enhancing security by shifting left and empowering developers. Learn about the importance of dynamic runtime intelligence, #AI-driven vulnerability management, and the collaborative effort required to push the boundaries of cloud security. We'll show you how to cut the noise in AppSec and also walk you through a LIVE demo of the Kodem platform 👀 Watch Interview 👀 https://hubs.la/Q02VB2j20 Podcast👂 https://hubs.la/Q02VB6WK0 #github #kubernetes

😎 What an amazing day at the 25th Annual UNC Charlotte Cybersecurity Symposium! One of the standout moments was Roy Talyosef's and Mahesh Babu's presentation to a full house, where they spoke on the subject of: Adversarial Intelligence: Redefining Application Security Through the Eyes of an Attacker. The booth was buzzing with energy as the Kodem team engaged with attendees, fielding questions about our innovative attack chain analysis and cutting-edge runtime intelligence. Thanks to the University of North Carolina at Charlotte for extending the invitation. We look forward to coming again.

Last chance to register - Food & Fun in Austin Enjoy an evening of food and fun while you discuss the latest application and product security trends with fellow Lonestar Application Security Conference (LASCON) attendees and security pros. Register 🌮https://hubs.la/Q02VnRGZ0 Thursday, October 24 7 to 10 PM The Perishing, 2415 E 5th St. Austin This is where security meets savory in an epic evening of innovation and indulgence. Listen to some great music, get down on the dance floor if you choose, challenge your new connections in the vintage arcade, and take part in an attempt to devour 500 empanadas before the night ends! You'll have a chance to the meet the Kodem team and a bunch of your peers! Mahesh Babu, Blake Dorsett, Chris Jones, Dennis V., Roy Talyosef, Christine Carrig. Don't miss out on this unique blend of security, entertainment, and culinary adventure! Limited space and the guest list is restricted to the first 100 people who respond. #cloudsecurity #devopsengineer #kubernetes

What does 'having your cake and eating it too' really mean for AppSec? 🍰 🎂 Having your cake: Pinpointing only the vulnerabilities that are actively exploitable in your application 🍽 Eating it too: Catching them during application development time - no need to wait for your app to re-deploy Join Ashish Popli and me on the de-FUD podcast as we chat with Aviv Mussinger, CEO behind Kodem Security. We'll show you how to cut the noise in AppSec and also walk you through a LIVE demo of the Kodem platform 👀 Want to see how it works? 🤓 Catch the episode here 👇 YouTube https://lnkd.in/g_p6GhH3 Spotify https://lnkd.in/grJ_hr8m #appsec #vulnerabilitymgmt #securebydesign #devsecops

Key benefit of an eBPF sensor 🐝 Functionality is loaded and executed at runtime without the need for a system reboot! Learn more in our brief 🐝 https://hubs.la/Q02VcD5Z0 If you want to write code that watches what’s going on at the kernel level, the best way to do that is with eBPF. 👉 eBPF programs run in a sandbox at the kernel level allowing Kodem access to system events while the sandbox prevents our code from doing anything that might have a negative impact on the system. 👉 eBPF programs can be loaded and executed at runtime without rebooting the system, allowing you to extend the behavior of the system at runtime. 👉 eBPF is very lightweight; Kodem’s solution uses a negligible percentage of an application’s resources, typically taking no more than 0.1% of CPU. Learn more about the benefits of eBPF and runtime intelligence >> https://hubs.la/Q02VcD5Z0 #codesec #linux #nodejs

Use Your Google Cloud credits and get Kodem’s powerful runtime security platform up and running in no time! Video: See how Kodem works with Google Cloud 👉 https://hubs.la/Q02TlwZ-0 With Kodem’s integration into Google Cloud, we actively scan, analyze, and respond to threats in real-time—across all clouds and every stage of the development lifecycle. Our platform enhances security with seamless integrations like Google Kubernetes Engine and Google Container Registry, ensuring your source code, libraries, container images, and clusters are protected from vulnerabilities and misconfigurations. Google Cloud Marketplace 👉 https://hubs.la/Q02Tlp-T0 Secure your applications without slowing down your development teams! #googlecloud #GoogleCloudPartners #docker