Application Security Threat Report for 2024 Released by Digital.ai

Taylor Graham — Wed, 15 May 2024 18:00:33 +0000

Digital.ai unveiled findings from its 2024 Application Security Threat Report, which quantifies and emphasizes the widespread risks facing applications operating beyond corporate firewalls, colloquially termed “in the wild”. The report highlights a surge in application attacks, indicative of cybercriminals exploiting the growing dependence on web, mobile, and desktop applications.

The Application Security Threat report examined data about threats identified from monitoring applications under active protection: the likelihood of an app being attacked rose 8% YoY, with gaming apps and financial services apps facing the highest risk of attack at 76% and 67% respectively. The top reasons for the increase in breached applications:

Tool democratization, like reverse-engineering tools in the hands of hackers
Increased “jailbreaking” has taken root within the community of hackers
The surging use of AI/ML increases the productivity of malware developers

“We’re seeing that the appetite for cybercriminals continues to be insatiable,” said Wing To, General Manager of Intelligent DevOps and Security, Digital.ai. “Threat actors are exploiting AI and low-code technologies to attack a growing number of apps—and benefiting from increased precision. Customer-centric enterprises are prioritizing protective measures for the applications their customers rely on daily.”

2024 also saw a significantly sharper uptick in specialized attacks—attacks that violate an application’s integrity through, for example, a malicious change in application code. The likelihood of an app being run with modified code:

iOS based apps grew from 6% to 20% YoY;
Android based apps grew from 28% to 63% YoY

Specific to mobile applications, both Android and iPhone attacks are surging; Android apps are more likely to be targeted with environmental attacks (94%) than iPhone apps (70%) due to their Open-Source operating system.

The study found no link between the popularity of an app and frequency of attack.

Survey Methodology

Digital.ai has hundreds of application security customers worldwide who protect over 1 billion instances of applications. The data in this report is anonymized and aggregated global customer data collected over a four-week period from February 1 to February 28, 2024. “Risk,” in this case, is measured from the enterprise creating the application’s perspective. In other words, if 100 enterprises create 100 apps and 58 of those apps experience an attack on one or more instances of that app, the report will state that 58% of apps were under attack.

To read the full Application Security Threat 2024 report, visit the website here.

Digital.ai Boosts AI Across the Software Delivery Lifecycle

The post Application Security Threat Report for 2024 Released by Digital.ai appeared first on Digital IT News.

Digital.ai Boosts AI Across the Software Delivery Lifecycle

Taylor Graham — Fri, 21 Jul 2023 13:00:33 +0000

Digital.ai unveiled advancements in AI capabilities across its solutions that provide customers with enhanced software delivery capabilities and insights for better decision making. Digital.ai’s AI-Powered DevSecOps Platform reflects enterprise demand to use AI to improve decision making, help govern and orchestrate the release of software created and optimized by generative AI tools, and automate software delivery workflows further with AI.

Enhanced AI Solutions to Improve Predictive Decision Making
Digital.ai has enhanced each of its Predictive Intelligence solutions to help alleviate static information and lack of insights across the software delivery lifecycle to help predict risk, remove software delivery bottlenecks, and speed up CI/CD pipelines. Enhanced AI-powered intelligence capabilities include:

Flow Acceleration to accelerate DevOps workflows and predict cycle times.
Quality Improvement to prevent defect leakage through early detection and assess code quality effectiveness.
Change Risk Prediction to identify risky changes, reduce change failures, and allow teams to identify and manage risk before production.
Service Management Process Optimization to anticipate future service risks, mitigating risks of major incidents.

“Digital.ai has a rich history of leading AI/ML in software delivery, for more than a decade we have been working with enterprise customers around this topic. We were born from a founding principle to help customers better understand the end-to-end business process of software development and delivery by breaking down data silos and applying analytics, machine learning and artificial intelligence across end-to-end software delivery processes,” said Wing To, General Manager of Intelligent DevOps at Digital.ai. “These new advancements in Digital.ai’s Predictive Intelligence solutions continue to redefine how enterprise teams use the power of AI to boost intelligence to identify bottlenecks, analyze delivery trends and uncover risks.”

Managing the Impact of Generative AI and LLM
While the potential of AI tools like large learning models and code-assist in the software development domain has shown impressive coding productivity enhancements, compliance, security, legal and quality issues remain. Building on a rich history in enabling large enterprises to orchestrate releases across complex DevSecOps delivery practices and infrastructures, Digital.ai helps enterprises manage governance, risk and compliance of code being created or optimized via AI in core areas, including:

Govern Releases and Mitigate Exposure by automating and confirming scans to understand 3rd party IP, security and quality concerns.
Identify Higher Risk Code Changes with automatic scoring methods that identify and rank code changes with a higher risk.
Empower Developers with Self Service and Best Practices through workflow templates built from Industry standards.
Establish Policies and Regulatory Controls to ensure releases address security vulnerabilities and improve performance.

Leveraging AI to Further Automate DevSecOps Workflows
To harness productivity gains from the rapid adoption of AI-assisted software development, Digital.ai is utilizing the power of AI to automate and accelerate software delivery workflows with the upcoming features: Test Creation to simplify editing and creating test cases based on updated or new feature requirements; User Story Generation to automatically turn product descriptions in requirements and user stories; Knowledge Assistance to identify useful information in planning and DevOps repositories, and Threat Insight to inform security experts on recommended changes to protected apps by analyzing historical trends.

“There is little doubt that this next wave of AI has and will continue to change how teams plan, build, test, secure, deliver and monitor software. At Digital.ai, we have been building up for this moment for over a decade,” said Derek Holt, CEO of Digital.ai. “Our DevSecOps Platform has a proven track record in helping the world’s largest enterprise organizations to responsibly leverage AI to deliver software and automate delivery workflows. Today’s announcement regarding the evolution of our market-leading portfolio marks a major milestone in allowing the world’s largest enterprises to leverage AI safely and responsibly.”

Availability
The latest improvements to Predictive Intelligence solutions on Digital.ai’s AI-Powered DevSecOps Platform are generally available today.

Additional information about Digital.ai can be found at the website HERE.

Mendix 10 Prepares Enterprises for Low-Code Composability

The post Digital.ai Boosts AI Across the Software Delivery Lifecycle appeared first on Digital IT News.

Digital.ai – Digital IT News

Application Security Threat Report for 2024 Released by Digital.ai

Digital.ai Boosts AI Across the Software Delivery Lifecycle