Kodem | Resources

When o3 found a Zero-Day

The Beginning of AI-Native Security Research

May 28, 2025

Exploit Trigger Detection: A new frontier in Application Protection

Application Detection and Response (ADR) technologies are essential for identifying and mitigating runtime attacks. Yet, many existing approaches struggle to detect nuanced, logic-based vulnerabilities effectively.

May 27, 2025

Navigating 2025 Secure SDLC Regulations

Understanding domestic and international regulatory landscapes is crucial to ensuring compliance and enhancing security postures. This blog post explores key software security mandates worldwide, including those from the United States, European Union, and Asia-Pacific, providing a comprehensive guide on navigating these complex regulations for a secure software development lifecycle.

May 23, 2025

So Our CTO Is Making Us Move to Cursor… Next Week…

By someone who used to review every PR, and now reviews AI-generated diffs. Software development is about to look very different.

May 15, 2025

Kodem’s Approach to ADR: Rethinking Application Detection & Response

Application Detection and Response (ADR) is emerging as the next evolution in application security, aiming to catch and stop attacks from within the application itself at runtime. Recent incidents like the Next.js middleware vulnerability CVE-2025-29927 – an authentication bypass triggered by a single HTTP header – underscore why traditional approaches often fall short.

May 14, 2025

Toward a Unified Application Data Model for Agentic AppSec

Kodem unified data model allows reasoning about “what’s happening” in the app—at every layer, in every stage—at once.

April 21, 2025

Agentic Red Teams Are Here: Autonomous Vulnerability Discovery Ushers in a New Security Paradigm

Agentic red teams, AI-powered multi-agent systems capable of offensive security testing, have arrived as a timely and necessary innovation to fill this critical gap in the cybersecurity landscape.

April 1, 2025

Deep Runtime Evidence & Function-Level Visibility

Pinpoint real exposure with Kodem’s unique approach, as seen in real-world example of CVE-2025-29927 in Next.js.

March 27, 2025

Vulnerability Alert: CVE-2025-29927: Next.js Middleware Authorization Bypass

The Next.js team disclosed – CVE-2025-29927 vulnerability – that allows attackers to bypass authorization checks implemented in Next.js Middleware by manipulating the x-middleware-subrequest header.

March 24, 2025

Vulnerability Alert: Remote Code Execution vulnerability CVE-2025-24813

Remote Code Execution CVE-2025-24813 vulnerability - See how Kodem runtime SCA and ADR can identify and block these attacks without specific CVE signatures

March 19, 2025