Suzanne Ciccone

Suzanne is part of the content team at CA Veracode, working to create resources that shed light on AppSec problems and solutions. 
Posts by Suzanne Ciccone

You Can’t Keep Up With the Security Demand

July 12, 2016  | Intro to AppSec

Developers are cranking out code faster than ever, and the threat landscape is growing and changing at an equally fast pace – all while the number of skilled security professionals is at an all-time low. If your application security strategy is to test code after it’s completed, then scramble to fix whatever’s broken, or worse, patch vulnerabilities in code as you hear about...

Top Metrics to Demonstrate the Need to Expand an Application Security Program

July 12, 2016  | Managing AppSec

You’ve started an application security initiative, yet you know you need to do more. But how do you prove the need to do more? Whether you’re making the case to executives or developers, we’ve found it’s hard to argue with numbers. Collecting a few key metrics will create a clear picture of where you are falling short, and where you need to expand your program. Every...

Bad Things Happen When You Don’t Measure Your AppSec Program

May 23, 2016  | Managing AppSec

If you’re going to spend time, money and effort implementing an application security program, don’t lose your progress by neglecting to collect and share metrics. With strong metrics, you not only prove that your program is making a positive impact, but also identify where and how it’s working – or not working. What happens if you don’t measure? Bad things like these...

In AppSec, What You Measure Is as Important as What You Do

May 18, 2016  | Managing AppSec

If you’ve ever wrapped a gift and ended up with a big stripe of the box showing down the middle, you know “measure twice, cut once” is a popular saying for a reason. The need to give equal attention to measuring and doing holds true for a plethora of activities and industries, and application security (AppSec) is no exception. You can implement all the latest and greatest AppSec...

Top 3 Reasons Why Neglecting Application Security Is Risky Business

May 10, 2016  | Intro to AppSec

Vtech, TalkTalk, OPM, Premera … you’ve seen the headlines about all the destructive breaches in 2015. Want to avoid the same fate? The best way to reduce your risk of a breach is to implement an application security program. Most organizations have sufficiently secured the network and hardware layers, but have yet to focus their attentions, or budgets, on the security of the...

Software Vendors: How to Overcome the Top 3 Developer Objections to Application Security

May 8, 2016  | Managing AppSec

Software vendors will increasingly be on the hook to provide evidence that their code is secure. With mounting pressure from customers, regulations and even competitors, vendors are finding they need to make application security a priority. But as software vendors start their application security journey, the first roadblock they often hit is the development organization. And that can be a...

Top 4 Ways Vulnerabilities Creep Into Your Software

April 12, 2016  | Intro to AppSec

Software makes the world go round these days, and it’s also causing a lot of problems. The U.S. Department of Homeland Security recently found that 90 percent of security incidents result from exploits against defects in software. It sometimes seems like we’re just rolling out the red carpet for cyberattackers with our applications. Why is software so riddled with security defects?...

Why You Need Your Boss’ Buy-In for Application Security

March 14, 2016  | Managing AppSec

Want your application security program to succeed? Get your boss on board. You need your CISO’s buy-in, and not just for scanning or pen testing a few business-critical apps – but for building a mature, robust program that secures every application the organization builds, buys or assembles. Here’s why: Reason 1: You need your boss to be a champion for your program with the C-...

3 Steps To Getting Started With Web Application Security

February 23, 2016  | Intro to AppSec

Companies are producing more applications today than ever before, and with this increased production comes increased risk. Many enterprises recognize the need for application security but aren’t making it a priority. This is usually because application security is mistakenly seen as an overly complex and expensive endeavor. What those responsible for securing the applications at...

Why Ignoring Development and Security Teams Undermines Application Security

February 11, 2016  | Managing AppSec

In an era of increasingly sophisticated data hacks and attacks, there's a critical need to move beyond protecting your business’s perimeter. To thoroughly safeguard your organization, your enterprise must adopt an approach that addresses systems and software throughout their lifecycles. A key piece of this strategic approach? Application security. According...
