Jessica Lavery

Jessica is part of the content team at Veracode. In this role she strives to create and promote content that will engage, educate and inspire security professionals around the topic of application security. Jessica’s involvement with the security industry goes back more than a decade at companies like Astaro, and Sophos where she held roles in corporate communication and marketing.
Posts by Jessica Lavery

DevOps Connect: Rugged DevOps Seminar – Make Code Not War

March 1, 2016  | Security News

On Monday, the RSA Conference featured a full-day DevOps Connect Seminar. In order to attend some of the other sessions, I had to pop in and out of the seminar, so I wasn’t able to see the entire agenda. However, the portions I was able to attend seemed a little like déjà vu, as I imagine they would for anyone from Veracode. One of the main topics in the opening remarks was that DevOps and... READ MORE

How to Explain Cybersecurity to the Board Using a Simple Metaphor: FIRE

March 1, 2016  | Security News

All the high-profile breaches of the past few years have put more attention on cybersecurity than ever before. As a result, what was once, at best, a bullet point during board meetings is now a topic the board is eager to understand better. This increased attention is great, but many security leaders aren’t used to this level of scrutiny from the board, so they aren’t sure how to talk... READ MORE

Recap: RSA Conference 2016

March 1, 2016  | Security News

Acting as one of Veracode’s content producers has its perks. One of those perks is being able to attend RSA and having the privilege of sitting in as many sessions as I can fit into a day. Yesterday was the first day of the RSA Conference, and the area around the Moscone Center was already bustling. I attended a variety of sessions, and there was one common thread among all the presentations –... READ MORE

Combatting the Top Four Sources of Vulnerabilities

February 18, 2016  | Managing AppSec

In the past I’ve asked “Why Appsec?” and then answered my own question – “Because Application-Layer Breaches ARE Damaging Businesses”. We are seeing more breaches due to application layer attacks than ever before – according to research done by the Department of Homeland security, 90 percent of security incidents are the result of exploits against... READ MORE

Why you need an AppSec Quick Win

February 18, 2016  | Managing AppSec

web-apps-perimeter.png Application security does not get the attention it deserves. So, when you finally get the green light to start an application security program, the first thing you should be thinking is “how do I make sure my boss and other stakeholders recognize our successes so I can expand the program”. And when a business invests in something as complex as... READ MORE

glibc – This Will Not Be the Last Open Source Component Vulnerability We See

February 17, 2016  | Security News

46610717_ml.jpg On Tuesday, February 16th, Google researchers issued a vulnerability disclosure for glibc (CVE-2015-7547). Though the media has dubbed this an “extremely severe bug,” it seems the majority of news articles and responses to this disclosure have been both measured and appropriate. This is surprising since the media typically hypes branded vulnerabilities,... READ MORE

Where do vulnerabilities come from?

February 11, 2016  | Intro to AppSec

I’ll tell you one thing, it isn’t the stork! It’s not the explicit fault of the developers either. Vulnerabilities come from a combination of insecure coding practices, an ever-shifting threat landscape, the use of vulnerable components and code and idiosyncrasies of programming languages. And despite the growing reliance on and risks related to software, these problems persist... READ MORE

What Is Application Security?

January 20, 2016  | Intro to AppSec

what-is-application-security-veracode-1.jpg The past few years have seen a tremendous increase in the number and severity of successful attacks aimed at the application layer. In fact, recent studies indicate that attacks on the application layer are growing by more than 25 percent annually (Akamai Q3 2015 State of the Internet - Security Report). The news headlines are filled with... READ MORE

Why Doesn’t Application Security Get Enough Attention?

January 19, 2016  | Intro to AppSec

39760934_ml.jpg It is almost impossible to comprehend why application security isn’t getting more attention. In 2014 alone, there were eight major breaches through the application layer, resulting in more than 450 million personal or financial records stolen. And we aren’t talking about small breaches at companies no one has heard of. Target, JPMorgan Chase, Community... READ MORE

Why Appsec? Because Application-Layer Breaches ARE Damaging Businesses

January 12, 2016  | Intro to AppSec

To say we at Veracode talk about the proliferation of applications and the dire need to secure these apps a lot would be a massive understatement. Securing the software that runs today's businesses, and frankly our lives, is our passion. 27827367_m.jpg We are so immersed in the concept of ensuring the world's software is secure, that we often forget this isn't the main... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu