No Result
View All Result
  • Login
Monday, July 13, 2026
theadvisertimes.com
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading
No Result
View All Result
theadvisertimes.com
No Result
View All Result
Home Market Analysis

Why AppSec Needs A New Operating Model

by theadvisertimes.com
3 months ago
in Market Analysis
Reading Time: 4 mins read
A A
0
Why AppSec Needs A New Operating Model
Share on FacebookShare on TwitterShare on LInkedIn


Application security testing (AST) has reached an inflection point. The market is crowded, capabilities overlap, and detection alone is no longer a source of durable differentiation. DevOps platforms embed security features; cloud-native application protection platform vendors continue to push left; application security posture management specialists offer open-source scanning technologies; and AI frontier labs such as Anthropic and OpenAI experiment with new approaches to code security. The result is a noisy ecosystem where most tools can find issues but far fewer can reliably tell teams which ones matter and how to fix them.

Detection is becoming commoditized; context is not.Static application security testing, dynamic application security testing, software composition analysis, secrets scanning, infrastructure-as-code scanning, and container image scanning are table stakes. What separates leaders from laggards is the ability to correlate findings with real world context: exploitability, reachability, runtime exposure, and business impact. Buyers increasingly expect security tools to identify which vulnerabilities are actually exploitable in production and to produce fixes that developers can trust. This shift explains why prioritization, validation, and remediation are now the battlegrounds of application security.
LLMs are reshaping how security tools reason about risk.Large language models excel at correlating disparate data sources such as code repositories, dependency heuristics, security scanners, runtime signals, and workflows, into coherent insights. Applied well, this enables lower false positives, more actionable findings, and remediation that reflects how software is actually built and deployed. New entrants can leverage these strengths to address long-standing criticisms of legacy AST approaches but typically are not replicating their depth or breadth of coverage. The value is no longer in how much you detect but in how well you understand and act on what you detect.
Software development itself is becoming agentic, generating insecure code at scale.AI coding assistants, autonomous coding agents, and AI driven workflows are moving from experimentation to daily use. These systems generate code, select dependencies, modify infrastructure, and execute instructions at machine speed. But AI coding agents commonly ship unauthenticated or improperly authorized endpoints, trust client-supplied data for security critical decisions (e.g., prices, roles, state), and omit basic controls such as input validation, rate limiting, and server-side checks, resulting in code that works functionally but is exploitable by default. They also frequently reuse insecure patterns (string-built queries, unsafe file handling, eval/exec) because they optimize for correctness and brevity, not risk.

Traditional application security (AppSec) models designed for human-paced development and discrete scanning stages are poorly suited to this reality. Securing agentic development requires controls that operate continuously, reason autonomously, and intervene in real time.

Introducing Agentic Development Security (ADS)

ADS is not a single product category or a rebranding of existing tools. It is a new security paradigm focused on protecting AI-powered software development end to end. ADS spans prevention, detection, prioritization, and remediation while providing continuous intelligence across code, dependencies, workflows, and running applications. Crucially, it treats security decisions as autonomous, policy-driven actions, not just alerts handed to overburdened teams.

ADS platforms must identify and mitigate application layer risks unique to AI-driven applications. This includes detecting classes of flaws outlined in the OWASP Top 10 for Large Language Model Applications such as prompt injection, unsafe output handling, excessive agency, and missing controls across both development and runtime contexts. As agentic applications mature, this capability will need to extend beyond single-model interactions to analyze multiagent workflows, tool invocation chains, autonomous decision paths, and policy enforcement gaps. The goal is not just model safety but assurance that AI-powered applications behave predictably, securely, and within intended operational boundaries.

Core ADS Capabilities Cluster Around A Few Themes

Rather than isolated tools, ADS platforms combine multiple intelligence and control layers that will continue to evolve:

AI-driven code and dependency analysis that goes beyond pattern matching to assess exploitability, logic flaws, and real risk in context
Guardrails for AI-assisted coding that guide agents and developers toward secure outcomes and prevent unsafe instructions from executing
Intelligent triage and prioritization that continuously ranks findings based on exposure and business impact
Automated remediation for both code and dependencies, producing validated fixes that preserve functionality
Dynamic testing of live applications and APIs that adapts to application behavior and modern architectures to detect OWASP Top 10 for LLM Applications flaws
Policy-driven software development lifecycle quality gates enforced by autonomous agents rather than manual review
Supply chain and toolchain protection, including AI coding agents, extensions, Model Context Protocol servers, agent skills, pipelines, and artifacts
Governance, reporting, and risk analytics that provide durable insight over time, not just point-in-time results

Today, no single vendor delivers the full ADS vision.Some vendors excel at analysis of the code, others at the analysis of the supply chain, others at runtime intelligence or governance. What’s missing is a unified operating model that treats security as an autonomous, continuous function aligned to agentic development. This fragmentation is not surprising; the paradigm is still forming, but it creates both risk and opportunity for buyers and vendors alike.

Forrester will evaluate this emerging space.Our upcoming agentic development security landscape report and Forrester Wave™ evaluation will identify the vendors pushing the market forward, clarify how capabilities align to this new model, and help security and development leaders understand where today’s tools fall short — and where they lead.

As development becomes agentic, security must do the same. Incremental improvements to legacy AppSec will not be enough. If you’re evaluating how AI coding agents change your application security strategy, creating AI applications, or want to understand which vendors are shaping agentic development security, watch for Forrester’s upcoming ADS landscape and Wave and reassess whether your current AppSec model is built for an agentic future — or schedule a meeting with me.



Source link

Tags: AppSecmodeloperating
ShareTweetShare
Previous Post

Cheesy Potato Soup and Bread Machine Dinner Rolls ($10 Family Dinner Idea)

Next Post

Medicare Advantage Prior‑Authorization Denials Jumped 56% — New April Rules Aim to Fix It

Related Posts

Oil Field Chemicals Market: Sustainable Solutions & Emerging Technologies

Oil Field Chemicals Market: Sustainable Solutions & Emerging Technologies

by theadvisertimes.com
July 13, 2026
0

The Oil Field Chemicals Market is witnessing steady expansion as oil and gas producers prioritize operational efficiency, asset integrity, and...

The Agentic Age Needs A Cognitive Operating Model

The Agentic Age Needs A Cognitive Operating Model

by theadvisertimes.com
July 13, 2026
0

Last October, I published a blog proposing a different mental model for AI agents: Treat them as cognitive skills and products,...

WTI Bulls Vs. Bears: The Next Big Oil Price Move!

WTI Bulls Vs. Bears: The Next Big Oil Price Move!

by theadvisertimes.com
July 13, 2026
0

is trading on the 4-hour timeframe in a recovery phase after rebounding from the $69 low. However, prices continue to...

Overcoming Fear of Channel Conflict to Drive Sales Growth

Overcoming Fear of Channel Conflict to Drive Sales Growth

by theadvisertimes.com
July 12, 2026
0

What if the friction currently stalling your partner relationships is actually the clearest indicator of untapped revenue potential? For many...

Building Trust with Channel Partners: The 2026 Operational Guide

Building Trust with Channel Partners: The 2026 Operational Guide

by theadvisertimes.com
July 11, 2026
0

Did you know that 97% of channel marketing leaders identify driving partner-led pipelines as their top strategic priority for 2026,...

How to Motivate Channel Partners: A Strategic Guide for 2026

How to Motivate Channel Partners: A Strategic Guide for 2026

by theadvisertimes.com
July 10, 2026
0

Partner-sourced deals close 46% faster and have a 53% higher win rate than direct sales, yet many organizations still struggle...

Next Post
Medicare Advantage Prior‑Authorization Denials Jumped 56% — New April Rules Aim to Fix It

Medicare Advantage Prior‑Authorization Denials Jumped 56% — New April Rules Aim to Fix It

I hated small talk for thirty years because I thought it was shallow – until I noticed that every meaningful relationship I’ve ever had started with a conversation about the weather, a shared queue, or a throwaway comment that neither of us expected to lead anywhere

I hated small talk for thirty years because I thought it was shallow – until I noticed that every meaningful relationship I’ve ever had started with a conversation about the weather, a shared queue, or a throwaway comment that neither of us expected to lead anywhere

  • Trending
  • Comments
  • Latest
Should You Offer a Concession to Get Your Apartment Leased Faster?

Should You Offer a Concession to Get Your Apartment Leased Faster?

June 15, 2026
How I Maximize My Sapphire Reserve Dining Credit

How I Maximize My Sapphire Reserve Dining Credit

July 10, 2026
Fourth of July 2026 Freebies and Deals

Fourth of July 2026 Freebies and Deals

July 3, 2026
5 things financial therapists want every advisor to know

5 things financial therapists want every advisor to know

June 26, 2026
The 10 Largest NYC Tech Startup Funding Rounds of June 2026 – AlleyWatch

The 10 Largest NYC Tech Startup Funding Rounds of June 2026 – AlleyWatch

July 6, 2026
Prime Day, June 2026: How Retailers Competed With Amazon

Prime Day, June 2026: How Retailers Competed With Amazon

June 29, 2026
US stocks today: US stocks end lower as Iran tensions dampen risk appetite; chipmakers drop

US stocks today: US stocks end lower as Iran tensions dampen risk appetite; chipmakers drop

0
Bolivia Considers Recognizing USDT for Payments Amid Dollar Shortage

Bolivia Considers Recognizing USDT for Payments Amid Dollar Shortage

0
How Outdated EBT Cards Are Fueling a Surge in SNAP Benefit Theft

How Outdated EBT Cards Are Fueling a Surge in SNAP Benefit Theft

0
Will the Trump Admin Buy Into OpenAI & Save Softbank?

Will the Trump Admin Buy Into OpenAI & Save Softbank?

0
Waller says Fed shouldn’t ‘fight the last war’ on inflation but warns hikes still possible

Waller says Fed shouldn’t ‘fight the last war’ on inflation but warns hikes still possible

0
Exclusive: Delaware Secretary of State partners with Norm Ai to propose the AIC, a legal entity for agents

Exclusive: Delaware Secretary of State partners with Norm Ai to propose the AIC, a legal entity for agents

0
How Outdated EBT Cards Are Fueling a Surge in SNAP Benefit Theft

How Outdated EBT Cards Are Fueling a Surge in SNAP Benefit Theft

July 13, 2026
US stocks today: US stocks end lower as Iran tensions dampen risk appetite; chipmakers drop

US stocks today: US stocks end lower as Iran tensions dampen risk appetite; chipmakers drop

July 13, 2026
Waller says Fed shouldn’t ‘fight the last war’ on inflation but warns hikes still possible

Waller says Fed shouldn’t ‘fight the last war’ on inflation but warns hikes still possible

July 13, 2026
Exclusive: Delaware Secretary of State partners with Norm Ai to propose the AIC, a legal entity for agents

Exclusive: Delaware Secretary of State partners with Norm Ai to propose the AIC, a legal entity for agents

July 13, 2026
Will the Trump Admin Buy Into OpenAI & Save Softbank?

Will the Trump Admin Buy Into OpenAI & Save Softbank?

July 13, 2026
Bolivia Considers Recognizing USDT for Payments Amid Dollar Shortage

Bolivia Considers Recognizing USDT for Payments Amid Dollar Shortage

July 13, 2026
theadvisertimes.com

Get the latest news and follow the coverage of Business & Financial News, Stock Market Updates, Analysis, and more from the trusted sources.

CATEGORIES

  • Business
  • Cryptocurrency
  • Economy
  • Financial Planning
  • Investing
  • Market Analysis
  • Markets
  • Money
  • Personal Finance
  • Startups
  • Stock Market
  • Trading

LATEST UPDATES

  • How Outdated EBT Cards Are Fueling a Surge in SNAP Benefit Theft
  • US stocks today: US stocks end lower as Iran tensions dampen risk appetite; chipmakers drop
  • Waller says Fed shouldn’t ‘fight the last war’ on inflation but warns hikes still possible
  • Our Great Privacy Policy
  • Terms of Use, Legal Notices & Disclosures
  • About Us
  • Contact Us

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.