Laura Paine

Laura Paine is a senior web content developer at CA Veracode, focused on research, product and current events. She is a contributor to CA Technologies Security.com blog and repsonsible for publishing CA Veracode's State of Software Security Report. Prior to taking this position in content marketing, Laura was the global public relations and analyst relations manager for the business unit.  Follow Laura on Twitter and LinkedIn.
Posts by Laura Paine

New Apache Struts Vulnerability Highlights Need for Software Composition Analysis

August 24, 2018

On Aug. 22, the Apache Software Foundation announced that a new critical remote code execution vulnerability was found in Apache Struts 2 (CVE-2018-11776). According to the Semmle Security Research Team, who first identified and reported the vulnerability, this flaw is "more critical" than the Struts vulnerability behind the massive data breach that exposed the personal information of 143 million... READ MORE

State of Software Security: Insight Into Government Sector Application Security And Guidance For Policy Makers

May 15, 2018

In 2015, the United States Office of Personnel Management (OPM) announced that it had been the target of two massive data breaches. These breaches are thought to be a result of gaining valid user credentials to the systems they were hacking through social engineering, as well as through a malware package which installed itself within OPM’s network and established a backdoor. Attackers then... READ MORE

Video: State of the Current Threat Landscape (RSA 2018)

May 8, 2018

During this year's RSA Conference, Highwire PR and WSJ Pro Cybersecurity hosted several panel discussions, including this one with CA Veracode CTO Chris Wysopal. Chris joined Andrea Limbago, chief social scientist at Endgame, Michael Daniel, president and CEO of Cyber Threat Alliance, to talk about the current and evolving threat landscape. Throughout the panel, you'll learn more about... READ MORE

CA Veracode recognized for world-class Channel Program and Channel Chief for Second Consecutive Year

April 27, 2018

For the second year in a row, CA Veracode has received several accolades from CRN, a brand of The Channel Company and one of the industry’s top sources for news and analysis for the IT channel. CA Veracode’s world-class Partner Program received the 5-Star Rating in CRN’s 2018 Partner Program Guide, and Leslie Bois, vice president, global channels and alliances, was named to its prestigious... READ MORE

ACS Center’s Michael Figueroa Discusses the Technical Disconnect in Election Security

April 4, 2018

When officials explore the issues surrounding election integrity in the United States, one obstacle tends to frame those discussions: the huge chasm that exists between the technology sophistication of cyber attackers intent on disrupting U.S. elections, and the technology sophistication of the officials who run those elections. Even an attack as low-tech as an email phishing campaign, where... READ MORE

State of Software Security: Checking the Pulse of the Healthcare Industry

March 30, 2018

Over the past year, our scans of thousands of applications and billions of lines of code found a widespread weakness in applications, which is a top target of cyber attackers. And when you zoom in from a big picture view down to a micro-level, there are a few industries that are struggling to keep up with the rapidly changing cybersecurity landscape and combat the tactics of malicious actors... READ MORE

CA Veracode Named a Leader in the Gartner Magic Quadrant for Application Security for the Fifth Report in a Row

March 20, 2018

For the fifth consecutive report, Gartner placed CA Veracode as a Leader in the 2018 Magic Quadrant for Application Security Testing1.  Gartner chooses leaders for the report based on a company’s completeness of vision and ability to execute in the application security testing (AST) market. In recent years, we’ve witnessed the rise in adoption of DevSecOps and Modern Software Factory... READ MORE

Podcast: CA Veracode’s 2018 Development Resolutions with Maria Loughlin

February 1, 2018

Earlier this year, we looked at what 2018 has in stock for open source, and we wanted to continue this trend to dive a little bit deeper into the resolutions the developer community may have for the New Year. For some, it’s a matter of striving to write smaller batches of code that are more testable, better for security stance, or getting more of the enterprise to internalize that quality code is... READ MORE

Forrester Analyst Amy DeMartine on What to Expect in Open Source in 2018

January 11, 2018

2018 Open Source Software

When it comes to open source and security, one of the most popular words that pops into the head of security aficionados and professionals is “dread.” Certainly that perception is driven by open source’s reputation – it is seen as fast, easy, low cost and, well, risky. With unknown hands touching the code – and a surprisingly low number of developers maintaining common components – it’s... READ MORE

Podcast: Are We at Risk For Data Breach Disclosure Fatigue?

December 21, 2017

Risk of Data Breach Disclosure Overload

What is the fundamental purpose of data breach disclosures? To help the company breached? To help other companies in a similar position? To help the customers of the breached company? To help law enforcement? At its most extreme, should it ever be about shaming a company that had poor security? Depending on the circumstances, it can be about all of the above. Focus on the customer. That’s a... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu