Evan Wade

Evan Wade is a professional freelance writer, author, and editor from Indianapolis. His time as a sales consultant with AT&T, combined with his current work as a tech reporter, gives him unique insight into the world of mobile/Web security and the steps needed to properly secure software products. Follow him on Twitter.
Posts by Evan Wade

CA Veracode and Mayo Clinic CISOs on Navigating the Ever-Changing Role of the Chief Information Security Officer

September 14, 2015

As technology changes, so do the roles that create and support it. Case in point: the role of the chief information security officer, which has seen so much change that it's almost unrecognizable compared to the duties it served to fill even two years ago. That, in turn, has sparked a serious amount of discussion — one that goes all the way to the heaviest hitters the tech security...

The Scalability Challenge, Part Four: Security Regulations, Scaling and Automation

September 2, 2015  | Managing AppSec

If you've read the existing pieces in CA Veracode's "Addressing the Scalability Challenge" series (a collection of blog posts spurred by a whitepaper of the same title), then you know that scaling your security efforts can be a challenge. The threatscape businesses face is larger than ever, and it only grows (read: scales) as organizations find new and exciting ways to implement...

CA Veracode Webinar Explains How to Beef Up Vulnerability Disclosure and Breach Response

August 28, 2015  | Managing AppSec

You don't have to be a top-flight security company to understand that breach response and vulnerability disclosure are a huge part of the security process. And you don't need to be a security expert to know that, while they're all very important at a high level, not all actionable flaws are created equal. It's a problem eminent security minds across the industry have spent lots of...

Embracing Security Analytics and Automation: The Scalability of Security

August 24, 2015  | Managing AppSec

Depending on your role within an organization, metrics and security analytics can be invaluable benchmarking tools. They can provide ways to improve performance (personal or organizational), as well as paths to more busywork. But whatever you think about them, it's a given that you work with them daily. The statement holds true no matter the size of your company. Tiny companies and...

SOS: Security Remediation and the Future of Training

August 19, 2015  | Security News

In some ways, training is one of the most inherently scalable practices a growing business can implement. What's easier than putting a bunch of employees in a conference room or requiring them to sign into a web-based program, after all? In other ways, however, crucial tasks such as coaching and continuing education don't always get the treatment they deserve, especially as an...

Breaking Down HIPAA, PCI DSS and Third-Party Risk Management

August 17, 2015  | Managing AppSec

If a problem or process is best served by its own named department, chances are it's pretty important. Take compliance. While your company may or may not employ its own dedicated team of industry regulation experts, there's a good chance some product you build or service you offer brushes up against a set of outside rules — and if not, that the code or infrastructure you hire a third party to...

The Scalability Challenge, Part Three: Web App Development and Securing the Perimeter

August 13, 2015  | Managing AppSec

For somewhere that doesn't technically exist, the perimeter can be a pretty scary place. A big place, too, at least for businesses that publish apps and use the Internet as a main tool of their day-to-day operations. Put the two problems together and you have one of the biggest security and web app development challenges facing businesses today. CA Veracode sums up this problem in its "...

A Systematic Approach Yields More Benefits Than Just Security Compliance

August 11, 2015  | Intro to AppSec

Regulations, such as those finance and healthcare must adhere to, are put in place to protect people's data. Patients, customers, employees and anyone else whose sensitive information is stored and transmitted generally don't like having it improperly handled. Makes sense, right? While real-world examples vary, and most sets of regulations cover far more than customer data alone, that...

To Effectively Secure the Perimeter, Knowing Where Your Apps Stand and Using Automation Is Essential

August 10, 2015  | Intro to AppSec

In the software world, a lot of problems comprise two segments: the why, and the how. Usually, it's the how that gets results. Take the increasingly important practice of perimeter management. Sure, we all know why it's important to secure the perimeter, so to speak, by keeping our sites, apps and so on locked down, but knowing how to keep them airtight is what really matters. So, what...

Prevent SQL Injection With Systematic Security

August 5, 2015

SQL injection is serious business — and your efforts to prevent SQL injection should be, too. Emphasis on prevent. While reactive measures are obviously crucial when breaches occur, a proactive approach is also necessary when you encounter an attack as varied as injection. While you can never completely rule out an attack with so many creative applications, giving attackers as little...
