What Could Be Worse Than the Government’s Approval Rating?

Posted by Sam King in ALL THINGS SECURITY, January 9, 2012 | Comments (3)  

It turns out that the security state of their applications is pretty abysmal too.
But first, let’s take a look at what the Government’s report card looks like for their job rating. Gallup has asked Americans each August since 2001 to indicate whether they have positive or negative views of a list of business and industry sectors. The 2011 update is from Gallup’s Aug. 11-14 survey.

The federal government has been near the bottom of the list in this survey in previous years, but is at the absolute bottom this …

» Read the blog post in full here

Veracode Named a Visionary in Gartner DAST Magic Quadrant Published in December 2011

Posted by Sam King in ALL THINGS SECURITY, January 5, 2012 | Comments (0)  

New Gartner research has positioned Veracode in the Visionaries quadrant for Dynamic Application Security Testing (DAST) solutions. Gartner’s DAST Magic Quadrant report was published on December 28, 2011 and is now available to all Gartner research subscribers.

An an independent provider of IT and research advice, Gartner’s research analyzes the evolution of the dynamic application security testing market and evaluates vendors according to their business and technology vision, as well as their ability to execute against that vision in their products and services.

As readers may be aware, Veracode is in the process of transitioning our …

» Read the blog post in full here

Vulnerability Response Done Right

Posted by Chris Eng in RESEARCH, January 5, 2012 | Comments (3)  

Here’s a feel good story to start the new year.

Just before the holidays, we detected a cross-site scripting (XSS) vulnerability while running a web application scan for one of our customers. Nothing special about that; we detect thousands of these things every week. But as we discussed this particular finding, we noticed that the layout of the website looked… familiar. As it turned out, the discussion forum where we found the XSS was a SaaS-based product called Lithium.

From Lithium’s website: “The world’s most innovative companies such as AT&T, Barnes & Noble, Best Buy, Sephora, Univision, Home Depot, and HP …

» Read the blog post in full here

Mobile Security – Android vs. iOS

Posted by Niru Raghavan in INFOGRAPHICS, January 4, 2012 | Comments (13)  

With the dominance of iOS and the rising popularity of Android devices in the mobile marketplace, the security of these devices is a growing concern and focus for smartphone users. This infographic examines the security features of Android and iOS, and also takes a look at their strengths and weaknesses.

Android vs iOS infographic

Veracode Security Guides

CSRF
XSS
SQL Injection
Data Security Resources

Data Privacy
Data Loss Prevention
Data Breach

» Read the blog post in full here

Powered by WordPress