Back to updates

Vulnerability Management - 1

2026 (1)

January (1)

security: Case study: Securing AI application supply chains

Microsoft Security Blog

2026-01-30

The article argues that securing AI-powered applications requires a holistic supply-chain approach beyond protecting prompts, including monitoring frameworks, SDKs, and orchestration layers, plus enforcing strong runtime controls so security teams can detect, respond to, and remediate risks before exploitation.

2025 (2)

December (1)

github: Code scanning alert assignees are now generally available

GitHub

2025-12-16

GitHub has made code scanning alert assignees generally available. Teams can now assign individual code scanning alerts to specific people to create clear ownership and improve tracking and remediation of security vulnerabilities.

September (1)

github: Dependabot alerts now support production context prioritization in public preview

GitHub

2025-09-10

GitHub Dependabot alerts can now use production context from external artifact registries (for example, JFrog Artifactory) and CI/CD workflows to filter and prioritize alerts. The capability is available as a public preview, letting teams focus remediation on vulnerabilities that affect production artifacts and deployments.