Suzanne Ciccone

Suzanne is part of the content team at CA Veracode, working to create resources that shed light on AppSec problems and solutions. 
Posts by Suzanne Ciccone

How CA Veracode Products Secure the Testing Stage

November 29, 2017

This is the second in a series of blogs on how CA Veracode products fit into each stage of the software lifecycle – from development to production. We want to emphasize lifecycle here, because we continue to hear the misconception that application security falls squarely and solely into the testing stage. In our 10+ years helping organizations secure their applications, we’ve learned that... READ MORE

How CA Veracode Products Secure the Coding Stage

November 2, 2017  | Managing AppSec

This is the first in a series of blogs on how CA Veracode products fit into each stage of the software lifecycle – from development to production. We want to emphasize lifecycle here, because we continue to hear the misconception that application security falls squarely and solely into the testing stage. In our 10+ years helping organizations secure their applications, we’ve learned that... READ MORE

Our 2017 State of Software Security Report: Top 5 Takeaways for CISOs

October 23, 2017  | Security News

We just published our State of Software Security 2017 (SoSS) report, and, as always, it is chock-full of valuable data and insights about the security of applications. Based on 400,000 application scans across our customer base over a recent 12-month period, this year’s report is a gold-mine of intelligence about how organizations are approaching AppSec, what’s working, and what isn’t. This... READ MORE

Podcast: Key Takeaways From CA Veracode's Latest State of Software Security Report

October 19, 2017  | Customer News | Research | Security News

Key SoSS Findings

CA Veracode just published its latest “State of Software Security” report, get it here. Based on CA Veracode Platform data, these “SoSS” reports have been offering a goldmine of intelligence about how organizations are approaching AppSec since 2011. This year’s report is no different. Evan Schuman recently sat down with CA Veracode’s Director of Product Management Tim Jarrett to discuss the... READ MORE

Podcast: What the Apache Struts 2 and the Irish Potato Famine Have in Common

September 28, 2017  | Managing AppSec

Apache Struts 2

More than you might think. Just as the reliance on a single species of vulnerable-to-blight potato created widespread devastation in 1800s Ireland, today’s reliance on vulnerable components creates a similar ripple effect. In both cases, compromise of a single vulnerability spread its consequences widely and rapidly. The Potato Famine’s consequences were obviously more devastating, but although... READ MORE

Podcast: Implications of the EU GDPR

September 4, 2017  | Managing AppSec

EU GDPR Blog Podcast

The EU General Data Protection Regulations (GDPR) go into effect in May 2018, and will introduce stark new data security requirements for any organization in the EU, or doing business in the EU. The requirements in this regulation surrounding data retention and personal information are unprecedented, and so are the fines for non-compliance. How will this play out in a world where information is a... READ MORE

Don't Be AppSec 'Helicopter Parents'

August 17, 2017  | Managing AppSec

Roles shifting can be disconcerting. Having a clear role and understanding your responsibilities and tasks is comforting. But getting too comfortable can be dangerous. Take parenting for example. Parents wouldn’t be doing their kids any favors by continuing to feed and dress them as if they were 4 when they’re 10. As children age, they start to do these basic tasks on their own, and the parent... READ MORE

Security Needs to Shift Left – and Right

July 25, 2017  | Managing AppSec

The move to Agile and DevSecOps development processes has fostered a lot of attention on the need to shift security testing left in the development cycle. And this is absolutely a pivot in the right direction. Moving security testing into the realm of the developer makes security testing faster, easier, more effective and less expensive. However, it’s important not to lose sight of the fact that... READ MORE

Podcast: What Our New Survey Reveals About the AppDev/Sec Relationship

July 21, 2017  | Managing AppSec

Appsec in Review Ep 7

CA Veracode recently partnered with ESG to conduct a survey of 400 IT, cybersecurity and developer professionals regarding their take on the benefits of AppSec for contemporary software development and deployment. The survey results revealed some positive trends, including the fact that many developers are focusing on security for security’s sake, rather than solely to meet compliance... READ MORE

How CA Veracode Integrations Enable Security at DevOps Speed

July 21, 2017

CA Veracode integrations speed the dev process

Speed and security are the name of the game in software development today. Why? Because software is now key to innovation and competitive advantage for every enterprise in every industry. This means that not only is the pace of software development rapidly increasing, but also that attacks against the application layer are proliferating. In turn, software development speed and security are now... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu