Striking the Right Balance Between Security and Functionality

By Evan Schuman March 23, 2017  | Security News

Doing security well is hard work, but it should never block useful functionality for your customers. If security interferes with key software capabilities, the security must be tweaked. The answer should never be to abandon the functionality and certainly not to abandon the security. And yet two instances from this month suggest that is exactly what is happening. Let's start with election... READ MORE

What Does an Advanced Application Security Program Look Like?

By Suzanne Ciccone March 23, 2017  | Managing AppSec

This is the fourth and final entry in a blog series that looks at each stage of an application security program’s maturity and outlines your next steps as you move toward an advanced program. We typically see organizations fall within one of these four stages of application security: Reactive, Baseline, Expanded, Advanced. So, what does it look like when you reach the advanced stage? Based on... READ MORE

How to Get Started Using Java Cryptography Securely

By Mansi Sheth March 17, 2017  | Research

Cryptography is the backbone of today's information systems. Its applications are all around us: secure email communications, storage of our login credentials, digital cash and mobile payments, to name just a few. Cryptography is one of the most complicated topics in information security, but the good news is we already have well-defined algorithms, implementations and... READ MORE

Your Next Steps if Your AppSec Program Is in the Expanded Stage

By Suzanne Ciccone March 16, 2017  | Managing AppSec

This is the third entry in a blog series that looks at each stage of an application security program’s maturity and outlines your next steps as you move toward an advanced program. We typically see organizations fall within one of these four stages of application security: Reactive, Baseline, Expanded (you're here!), Advanced. If you are in the expanded application security stage, you... READ MORE

Beyond the Quadrant 2017

By Jessica Lavery March 15, 2017  | Managing AppSec

This year’s Gartner Magic Quadrant for Application Security Testing has been published, and while many people read the report for the vendor assessments, the authors offered some insight into the overall application security market. In the report, first-time AST Magic Quadrant authors Dionisio Zumerle and Ayal Tirosh commented that the “security testing is growing faster than any other... READ MORE

Strange But True Application Security Failures [INFOGRAPHIC]

By John Zorabedian March 15, 2017  | Security News

Mark Twain famously said, "truth is stranger than fiction." I doubt even he could invent the strange events that unfold daily in our newsfeeds. In the realm of cybersecurity, however, breaches and vulnerabilities are becoming so frequent as to be predictable. Nevertheless, some of the most notable breaches of the past year were shocking in their details. Look at the unexpected outcome... READ MORE

How We Were Able to Respond to Struts-Shock for our Customers

By Jessica Lavery March 14, 2017  | Security News

The use of open source components in software development increases both the speed of software development and the risk. Our recent State of Software Security report found that approximately 97 percent of Java applications contained at least one component with a known vulnerability. An open source component with a known vulnerability is an attractive target for cybercriminals. Instead of... READ MORE

A Few of My Lessons Learned Building an AppSec Program

By Colin Domoney March 13, 2017  | Managing AppSec

I recently joined Veracode after spending five years building an application security program from the ground up at a global investment bank. This experience gives me a unique perspective on the struggles and hurdles our customers are facing, and puts me in a position to share my lessons learned and provide helpful information and advice for those starting or managing a growing application... READ MORE

Android App Holes Means You're On Your Own

By Evan Schuman March 13, 2017  | Security News

March brought with it yet more news of app security headaches. The latest is the discovery of "132 Android apps on Google Play infected with tiny hidden IFrames that link to malicious domains in their local HTML pages," according to the security firm that made the discovery. But before you dismiss this latest security hole with a yawn and a "so what else is new?," consider... READ MORE

Podcast: Skills You Need to Succeed in the Digital Economy

By Jessica Lavery March 13, 2017  | Security News

The growing need for proficient software developers to help power our digital economy has created a skills gap that companies are trying to fill. There are jobs, but there aren’t people with the right skills to fill them. This creates a great opportunity for those looking to switch or just starting their careers. But for what skills are companies looking? What can universities and... READ MORE
