Managing AppSec

When your application security program is up and running, you need best-practice advice on managing and growing the program. Our security experts will guide you through important steps like measuring the success of your program or expanding it to cover more of the application landscape.

[VIDEO] Top 5 Tips on Application Security Policies

sciccone's picture
By Suzanne Ciccone May 2, 2018
Tips on improving your AppSec policy

Policies are a critical part of your application security program; you need them to frame your program, set goals, measure success, and report on progress. But they can also stall your program if they work against, and not with, developer processes and priorities. With the shift to DevOps, and developers working in a faster and more incremental way, it might be a good time to ensure your policy... READ MORE

What the CA Veracode Verified Standard Tier Looks Like

sciccone's picture
By Suzanne Ciccone April 30, 2018
What the Standard Verified Tier looks like

We recently revamped and relaunched our CA Veracode Verified program. To better suit the needs of organizations that are producing and updating apps at DevOps speed, we are moving away from attesting to the security of an application at one point in time, and, rather, attesting to the security of the overall development process of an application. In this way, your prospects and customers can rest... READ MORE

Customer Success Story: Why CAP COM Chose CA Veracode

gcoleman's picture
By Gregg Coleman April 18, 2018  | Secure Development
Banking and Finance AppSec

When you work in the banking industry, security is a part of everything you do. And just as important as protecting the money is protecting the integrity of the software it all flows through. But for us at CAP COM Federal Credit Union (CAP COM), ensuring that we were producing secure code had become a bigger priority. As part of redefining our software development lifecycle (SDLC), CAP COM began... READ MORE

Looking Ahead to RSA: What You’ll See at Booth N3309

SKing's picture
By Sam King April 12, 2018  | Managing AppSec
Find out what we're highlighting at RSA this year.

RSA 2018 is fast approaching, and all of us at CA Veracode are gearing up and getting ready. I’m excited to return this year, and looking forward to both sharing what’s new with us, and learning more about what others have been working on this year. Although the size of this conference can be overwhelming, bringing so many security professionals together creates a truly unique source of knowledge... READ MORE

Survey: How Teams are Using Software Components in the Age of DevOps

Neil's picture
By Neil DuPaul April 10, 2018  | Managing AppSec
Software component security.

New research: Only 52% of developers using components in their apps update them when a new vulnerability is announced Open source components have gone mainstream. With every company undoubtedly becoming a software company, open source and commercial components are a vital element in developing applications at the speed of DevOps. But while they’re a powerful tool for adding features and... READ MORE

It’s Complicated - Operational Security for Developers

pherzog's picture
By Pete Herzog March 28, 2018  | Managing AppSec
Application porosity - opsec for developers

The life of a commercial software developer is a difficult one. Or at least we have to assume it is because of how many of them half-ass it when code starts to get complicated. Okay, maybe that’s unfair. Maybe it’s not all half-assing. It’s complicated. Literally. There’s many functions that are overly complex. They are so complex with so many variables and interactions as to be actually... READ MORE

DevSecOps Beyond the Myths: Cutting Through the Hype and Getting to Results

SKing's picture
By Sam King March 27, 2018
Learn more about myths vs facts of DevSecOps

There’s been a lot of talk and buzz about DevOps and DevSecOps, precipitated by mega technology trends and cybersecurity events shaping our industry. So my colleagues and I were excited to be part of a recent Virtual Summit on “Assembling the Pieces of the DevSecOps Puzzle,” which aimed to move the conversation from defining DevSecOps to enacting it. We are spending a lot of time helping our... READ MORE

Podcast: AppSec's Effect on the Bottom Line

sciccone's picture
By Suzanne Ciccone March 21, 2018
How integrating security into the development lifecycle can boost profits.

Traditionally, most executives have thought of security as a necessary evil – an investment that was needed solely to avoid a bad outcome, but not something that would bring in new customers or boost revenue. But that seems to be changing. CA Technologies recently surveyed IT and business leaders to find out how well organizations are integrating security throughout the development process – a... READ MORE

Do IT Pros Consider Security When Purchasing Software?

sciccone's picture
By Suzanne Ciccone March 19, 2018
How to make security a competitive advantage

Traditionally, security was about cost avoidance. It was thought of like insurance – something you have to have in case something bad happens, but not something that would boost the bottom line or attract customers. But in today’s environment, we are increasingly seeing that security is about more than cost avoidance; done right, it creates a competitive advantage. The results of a recent IDG... READ MORE

Introducing CA Veracode Verified

amay's picture
By Asha May March 15, 2018
Get your app Verified.

Are you struggling to respond to customer and prospect concerns about the security of your application? Do you know what good application security looks like, or how to get there? CA Veracode is pleased to announce the CA Veracode Verified program. With CA Veracode Verified, you prove at a glance that you’ve made security a priority, and that your security program is backed by one of the most... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu