Secure Development

We'll walk you through the critical step of integrating security into the software development lifecycle (SDLC). You'll hear from the experts on everything from working with developers, to the best ways to assess code for security and the latest development trends and technologies.

Companies Worldwide Are Adopting Agile Development Techniques

ppaganini's picture
By Pierluigi Paganini April 1, 2015

Secure Agile development is a mature, iterative, collaborative methodology that splits the overall development process into smaller phases, or "sprints." A growing number of companies worldwide are adopting Agile, believing it's an efficient way to design robust applications that are resilient to cyberattacks. The best way to understand the global diffusion of Agile development is to survey... READ MORE

Charting a New Course for Secure Software Development

jrosenberg's picture
By Joanna Rosenberg March 25, 2015

The landscape of application software development is undergoing rapid transformation. New platforms for server and client, new development tools, new languages, newfound status, and new deployment methodologies mean the already quick pace of change has gotten faster.  In the meantime, developers must learn to chart this new course while building in and maintaining secure coding standards.... READ MORE

Agile Adoption Is the Winning Choice for Secure Software Development

ppaganini's picture
By Pierluigi Paganini March 25, 2015

When it comes to product development today, Agile adoption is more important than ever. That's because Agile allows for the quick design of robust applications that are resilient to cyberattacks. In many cases, traditional waterfall development doesn't cut it, because it necessitates significant effort and numerous time-consuming steps. And since you don't typically get the opportunity to revisit... READ MORE

Exploit Profile: All About SQL Injection

ewade's picture
By Evan Wade January 26, 2015

You've heard it before, and you'll hear it again: SQL injection is no joke. Why the repetition? It's that serious a threat. As the number-one exploit on the OWASP Top 10 list of digital security issues (and one of the easiest attacks to successfully pull off), injection is a major tool for novice scripters and skilled hackers alike. With little more than basic knowledge and a sufficiently... READ MORE

5 Flaws a Secure Agile Development Process Can Help You Avoid

jmontesi's picture
By John Montesi December 22, 2014  | Secure Development

You know what they say: "Measure twice, cut once." But no matter how often code is considered, measured or tested, there will be problems developers simply forget to account for. It's easy to assume that pulling an API from a trusted site like Facebook means you'll be safe, but, well, you know what happens when you assume. Before you start developing your next product, identify... READ MORE

Secure Agile Development. Think like a Developer.

pchestna's picture
By Pete Chestna November 5, 2014

As you lead your organization in securing software development and delivery, you will come across several challenges – despite the recent growth and increased adoption of the agile methodology. Application vulnerabilities and coding issues are typically time-consuming to find, document, and fix with traditional testing tools. Short agile sprints don’t lend themselves to these long processes;... READ MORE

Only You Can Prevent an XSS Attack — Here's How

jmontesi's picture
By John Montesi October 27, 2014  | Secure Development

preventing-xss-attacks.jpg The only thing worse than guys spouting industry buzzwords at random is guys spouting negative industry buzzwords at random. For every mention of "disruption" and the "Internet of Things," there's also a reference to an "XSS attack" or "Heartbleed" or some other common cybersecurity threat. Despite how common... READ MORE

What Microsoft's Agile Development Plans Mean for Application Security

sdrew's picture
By Shawn Drew October 17, 2014  | Secure Development

microsoft-agile-development.jpg Waterfall development has been a staple of technology's largest software houses for decades, but now even the most blue-chip tech firms are considering more nimble approaches. Agile development has proven its power over the past few years, and Microsoft looks to be shifting its development process to take advantage of its benefits — including... READ MORE

The Agile Dope Slap

gnicastro's picture
By Greg Nicastro October 9, 2014

the-agile-dope-slap.jpg Here's the truth: Agile is not a panacea, particularly when you're working with multiple Scrum teams on various continents with unavoidable interdependencies. That said — in the context of Winston Churchill's claim that "democracy is the worst form of government except all those other forms that have been tried from time to time" — Agile is the worst form of... READ MORE

Secure Agile Development: New Blog Series by Analyst Firm

pneray's picture
By Phil Neray September 19, 2014

image001.png CA Veracode is sponsoring new independent research on the topic of secure agile development – see below for a summary of the content, which will eventually be published as a complete white paper. The research is being conducted by Securosis, a small, well-respected analyst firm with strong ties to the security community. It will initially be published as a series of blog... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.




contact menu