Managing AppSec

When your application security program is up and running, you need best-practice advice on managing and growing the program. Our security experts will guide you through important steps like measuring the success of your program or expanding it to cover more of the application landscape.

CA Veracode Webinar Explains How to Beef Up Vulnerability Disclosure and Breach Response

By Evan Wade August 28, 2015  | Managing AppSec

You don't have to be a top-flight security company to understand that breach response and vulnerability disclosure are a huge part of the security process. And you don't need to be a security expert to know that, while they're all very important at a high level, not all actionable flaws are created equal. It's a problem eminent security minds across the industry have spent lots of...

Beyond the Quadrant: What the 2015 'Gartner Magic Quadrant for AST' Says About the AppSec Market

By Jessica Lavery August 24, 2015  | Managing AppSec

On August 6, Gartner published the 2015 edition of the "Magic Quadrant for Application Security Testing¹" – and once again, CA Veracode is positioned in the "Leaders" quadrant. Our position in the quadrant, as well as the subsequent write-up of the company's strengths and cautions, is exciting, as we feel it validates that we are the best pure-play provider of...

Embracing Security Analytics and Automation: The Scalability of Security

By Evan Wade August 24, 2015  | Managing AppSec

Depending on your role within an organization, metrics and security analytics can be invaluable benchmarking tools. They can provide ways to improve performance (personal or organizational), as well as paths to more busywork. But whatever you think about them, it's a given that you work with them daily. The statement holds true no matter the size of your company. Tiny companies and...

Are CISOs Spending Too Much Time Focusing on Technology?

By Jessica Lavery August 21, 2015  | Managing AppSec

Following the onslaught of high-profile cyberattacks reported in the past 12 to 18 months, cybersecurity has become a more frequent topic in board-level conversations. This has created a need for CISOs to better understand board member perceptions and become more effective at communicating their cybersecurity strategies. However, a new study from Deloitte's CISO Transition Lab found CISOs...

Breaking Down HIPAA, PCI DSS and Third-Party Risk Management

By Evan Wade August 17, 2015  | Managing AppSec

If a problem or process is best served by its own named department, chances are it's pretty important. Take compliance. While your company may or may not employ its own dedicated team of industry regulation experts, there's a good chance some product you build or service you offer brushes up against a set of outside rules — and if not, that the code or infrastructure you hire a third party to...

Automating Your CA Veracode Security Scans

By Neil DuPaul August 13, 2015  | Managing AppSec
Automate security scans in your software development lifecycle, SDLC.

How Can I Save Time With CA Veracode Security Scans? At On-Line Strategies [OLS], many of the tools we use in our Software Development Lifecycle (SDLC) have helpful APIs, including CA Veracode. We leverage them to automate tasks that were once performed manually by developers or technical managers, such as running a CA Veracode static scan on a pending release. Today, our CA Veracode static scans...

The Scalability Challenge, Part Three: Web App Development and Securing the Perimeter

By Evan Wade August 13, 2015  | Managing AppSec

For somewhere that doesn't technically exist, the perimeter can be a pretty scary place. A big place, too, at least for businesses that publish apps and use the Internet as a main tool of their day-to-day operations. Put the two problems together and you have one of the biggest security and web app development challenges facing businesses today. CA Veracode sums up this problem in its "...

For CISO Evolution, the Three Cs Are Key

By Doug Bonderud August 4, 2015  | Managing AppSec

Data breaches are on the rise. According to a recent Forbes article, more than 675 million records were compromised last year. What's more, these breaches weren't limited to a single sector: retail, financial and even post-secondary institutions were all victimized. That means IT security must evolve, and that evolution starts with the Chief Information Security Officer (CISO). In a new...

The Big Talk: Explaining Cybersecurity to Your CFO

By Evan Wade August 3, 2015  | Managing AppSec

Saying one thing and doing another isn't exactly a new practice in the business world. That doesn't mean it's a good thing, however, especially when it comes to cybersecurity. Take these disturbing numbers from a recent Deloitte study, for instance: 74 percent of CFOs say digital security is a top priority, but only about half of CFOs expect at least moderate business disruption from...

Gartner Report Details the Value of Security Programs and Creating an Executive Link

By Doug Bonderud July 29, 2015  | Managing AppSec

Cybersecurity is now a top priority for board members. According to Help Net Security's report on a recent NYSE Governance Services/CA Veracode survey, over 80 percent of respondents said security was discussed at "most or all" boardroom meetings. But there's a disconnect: Sixty-six percent of those surveyed said they were "not fully confident their companies are properly...
