Application attacks are on the rise. According to F5’s The State of the State of Application Exploits in Security Incidents, 56% of the largest incidents in the last five years tie back to web app security issues. With the constant evolution of security “best practices,” it can feel near impossible to maintain the best security posture for all of your apps. Maintaining the agility to simultaneously pursue new customer-facing apps and opportunities only adds to this complexity. To that end, we’re excited to announce several enhancements to our OpenID Connect and SAML apps to help you improve your overall app security posture. These new and upcoming security enhancements for apps enable you to Achieve zero downtime for apps: support for overlapping client secrets allow for seamless client-secret rotation. Increase security posture: support for Private Key JWT, PKCE verification, signed request objects, and per-app SAML certificates allow for security best.