All Things Security

Securing enterprise applications should be a top priority for organizations of all sizes today. In this section of our blog we’ll discuss all layers of the software security stack and present our take on the daily happenings in the world of Application Security.

How To Build An Appsec Training Program for Development Teams: A Conversation with Fred Pinkett


Recently, Veracode’s Jim Lynch and Fred Pinkett, VP of Product Management at Security Innovations, discussed key strategies that organizations need to adopt in order to implement a formalized Application Security Training program for development teams. The well-attended webinar generated a number of questions from attendees. The following are some highlights of the Q&A at the end of the discussion.

Weekly News Roundup

It’s finally Friday and the start to a long weekend! Here are this week’s hot security topics, as reported by our esteemed peers in the industry:

Applications uploading data from your iPhone’s address book without permission: “iOS apps and the address book: who has your data and how they’re getting it,” a great article by Dieter Bohn details the source of the problem and how you can detect it yourself. It also includes a list of some of the other offenders that may surprise you as well as an ongoing conversation of over 150 comments.

Our very …

The New EU Data Regulations – What Companies Need to Consider

January 25th, 2012 saw the announcement of new data security regulations for the European Union (E.U.) – the idea being to ‘upgrade’ to the challenges of a new world. The previous Data Privacy Directive had been implemented in 1995 and didn’t reflect the changing data ownership and distribution model that exists today: cloud storage concerns, jurisdictional issues, and the sheer volume of information that now exists on each business and individual.

Viviane Reding, the EU Justice Commissioner, had the unenviable task of updating this historic law and making it ‘fit for purpose’ for modern business concerns; the first results can …

The Benefits of Closed Loop Development

“On January 31, Veracode released our first platform update of 2012, including new scans for iOS, improved eLearning progress tracking and reporting, additional API methods, and better communication of expected turnaround times for applications.”

That was the headline of the release announcement that went out to our opted-in Veracode users about two weeks ago, and it does a pretty good job of summing up what was in the release. But I thought it might be interesting to lift the lid a little bit and talk about some of …

Weekly News Roundup

As most of the folks who work at Veracode know, I’m brand new to the IT security space. I’ve been in start-ups most of my career and I’ve touched many industry verticals, but this is my first foray into security. I’m not sure if it was a complete coincidence, but from the moment my initial discussions began with Veracode I started to hear about breaches almost every day. Our new CEO, Bob Brennan, and I discussed this phenomenon the other day. He’s only been at the company for ten weeks, and he too attested to suffering from this …

The Sad Story of Mr. Fails!

As you know, we love Security Testing! But there is a whole other world of software testing out there – functional, black box, white box, integration, unit, you know what I mean… One of my favorite resources on software testing is the Software Testing Club. They have a great blog, a quarterly printed publication called THE TESTING PLANET (Chris Wysopal was featured in the last iteration), and a very active community.

 

Introducing Mr Fails

I recently came across a very entertaining Software Testing …

A Tale of Two Market Sizes

According to market researcher DataMonitor, the global software market is forecast to have a value of $299.1 billion in 2014, an increase of 32.6% since 2009. According to them, the computer software market consists of systems and application software. Systems software comprises operating systems, network and database management and other systems software. Application software comprises general business productivity and home use applications, cross-industry and vertical market applications, and other application software. Let’s just take a moment to let the enormity of that number sink in – $299B is a big market!

Now, let’s examine another market. According …

Weekly News Roundup

Welcome to our Weekly News Roundup. Read on to learn about the latest this week in the world of security, put together for you by our marketing team. Enjoy!

1. Android users potentially hit by malware attacks: Two possible Android attacks. One, according to Symantec, is due to thirteen applications from three different developers that have been collecting data and performing tasks without the user’s knowledge (Millions Of Android Users Potentially Hit By New Malware Attack, by Oliver Haslam). Another is a bug unique to HTC smartphones that allows some applications to send the user’s Wi-Fi network …

Penny Wise, Pound Foolish – Avoiding Security Spend Pitfalls: A Conversation with Wendy Nather

If your organization had an unlimited budget to spend on your enterprise security program, in what areas would you focus investments? Application security? Mobile strategy? Web Application Firewalls?

Wendy Nather from the 451 Group and Veracode’s CTO Chris Wysopal presented the latest research on enterprise security spend, and discussed how to “make the case” for security initiatives in a recent webinar. This popular webinar also generated a large number of questions from attendees, and the highlights of the Q&A session are posted below. You can access a full recording of the webinar here.

For those of you …
