Top Ten Java Frameworks Observed in Customer Applications

One of the great things about the Veracode platform is the insight we get from examining our anonymized customer data – not only information about the vulnerability landscape (as published in the State of Software Security report) but insight into the composition of the applications that we scan. As I alluded to in my last post, one of the things we record when scanning applications is the presence of frameworks and other supporting technologies, and we’ve been at work mining that data to understand what developers use to …

Weekly News Roundup

Happy Friday everybody, and welcome to another installment of our Weekly News Roundup. It certainly was another busy week in the application security world, with several cyber attacks, new regulations, and updated security measures making headlines. Veracode’s Marketing team rounded up some interesting articles on some of the biggest topics of the week. Give them a read and enjoy.

1. New Data Protection Laws: “EU to Propose New Data Breach, Privacy Regulations” by Brian Prince (@threatpost). Over the weekend the European Union announced that they would soon be proposing new laws that …

A Conversation With Richard Clarke – Part II

In continuation of yesterday’s piece on Chris Wysopal’s discussion with cyber-security guru Richard Clarke, this second installment focuses on questions asked by webinar participants in the live webcast. Remember, you can always download and view the recorded versions of our webinars here.

Q: Are you concerned about the merge to electronic healthcare records?

RC: Yes – part of the healthcare reform package has requirements that accelerate the reliance on electronic file records in medicine. There are some real incentives in the bill that force the industry into doing it relatively quickly. The …

A Conversation with Richard Clarke – Part I

Following a dramatic increase in the number and severity of breaches in 2011, Chris Wysopal and internationally-renowned cyber security expert Richard Clarke discuss the changing cyber threat environment, the evolving cyber legislation landscape, and steps you can take to strengthen your organization’s resilience to the current threat environment while complying with evolving regulations.

This well-attended webinar generated a huge volume of questions from attendees, so we’ve decided to cut it into two parts. Stay tuned for the second segment tomorrow, but in the meantime, be sure to download and view …

2012 Social Security Blogger Awards

In case you haven’t heard, Veracode has been nominated for two awards at the 2012 Social Security Blogger Awards: Best Corporate Security Blog and Single Best Blog Post or Podcast of the Year. Let me first say that we are absolutely thrilled to be nominated for these awards and are honored to be listed amongst so many other great blogs. We are asking that readers take a minute to show their support and vote for our blog here. It should be noted that you need to be a security blogger to cast a vote.

Many of the …

New Platforms, Old Mistakes

You don’t need me to point you to stories such as this New York Times article that reported on data from Flurry, a mobile analytics firm, to convince you that mobile app usage is growing exponentially. 25B downloads at the end of 2011, a 300% increase year over year. I mean, Angry Birds Rio was on the Christmas list for my 6- and 3-year-olds – even Santa is not immune from this demand!

It is for this reason that we chose to include statistics from Android apps in our recently …

Weekly News Roundup

What a busy week for the internet! With topics from attacks and hacks to protests, bloggers have been busy covering the most recent news in the cyber security industry, and we are here to wrap it all up. The following are some of this week’s biggest headlines, along with some of the best commentary on them. Enjoy!

1. Zappos Attack: “Zappos Breach Notice: Lessons Learned,” by Tom Field (@SecurityEditor). Field interviews a privacy attorney as she provides her analysis and opinion of Zappos’ response. Points of interest include the decision to shut down the customer service phone …

Cloud Based Application Security Testing

Evan Fromberg, Sr. Director of Channel Sales and Business Development here at Veracode, recently wrote a guest post on Rackspace’s Cloud Blog. In his post, Evan talks about the emergence of a growing need for businesses of all sizes to increase speed to market.

He examines the impact of this trend on the adoption of cloud platforms, and what this means for the security of applications being migrated to the cloud. The post sheds light on some of the vulnerabilities in applications that are becoming more prevalent, and also reveals …

SOPA Grabs Headlines Today

With all the buzz about SOPA and the highly visible protests today from major sites like Google, Reddit, Wikipedia and Wired, I’ve been looking for more factual posts on the web regarding this highly controversial topic.

Quick intro to SOPA: Simply put, SOPA (Stop Online Piracy Act) and its companion PIPA (Protect IP Act) are two anti-piracy bills intended to strengthen protections against copyright infringement and IP theft. SOPA battles the menace of piracy and intends to protect content creators by requiring that rogue sites be blocked by ISPs, prevented from …
