Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

Why I came to CA Veracode

jfeiman's picture
By Joseph Feiman January 5, 2016  | Customer News | Security News 3

jfeiman-1.jpg Recently CA Veracode announced that I had left my position as a Research VP and Fellow at Gartner to join the company in its pursuit of securing the world’s software.  Some may ask, “why after almost two decades of helping shape the security market, have I decided to leave Gartner and work with a vendor?” I did not take the decision lightly, and... READ MORE

SAFECode Comes Up Short

anielsen's picture
By Anne Nielsen November 23, 2015  | Security News

safecode-principles-software-assurance-assessment.JPG SAFECode has released their Principles for Software Assurance Assessment - a buyer’s guide for businesses that purchase and use software for how they should think about the security of those products. While CA Veracode contributed to the paper, we feel the focus is on a level of maturity that is aspirational at best for the... READ MORE

Cybersecurity in Finance: Time for Change?

dbonderud's picture
By Doug Bonderud November 17, 2015  | Security News

Banks are investing big in cybersecurity. According to Lexology, HSBC has earmarked $1 billion for cybersecurity enhancements, while JPMorgan Chase has doubled down on spending with plans to hit $500 million by the end of 2015. Even financial institutions that aren't actively ramping up their resources are busy backing startups they hope will provide the next generation of cybersecurity. All... READ MORE

Security Leaders: Time for an About-Face?

dbonderud's picture
By Doug Bonderud November 16, 2015  | Security News

Chief information security officers (CISOs) are under fire. According to Bloomberg BNA, both CISOs and chief information officers (CIOs) are now at risk of being named in post-breach lawsuits because these executives, "by dint of their role and purported experience, assume a fiduciary duty to the shareholders." In response, both the ideal candidates and CISO job descriptions are... READ MORE

Healthcare Cybersecurity: Time for a Checkup?

dbonderud's picture
By Doug Bonderud November 9, 2015  | Security News

Discussions of cybersecurity are making their way into boardrooms — but that doesn't mean C-suite executives are fully up-to-date on threats, vulnerabilities and remediation techniques. As noted by The Wall Street Journal, just 11 percent of board members surveyed in a recent National Association of Corporate Directors study claimed a "high level" of knowledge about... READ MORE

Cybersecurity and Corporate Liability

eseymour's picture
By Eric Seymour November 5, 2015  | Security News

Security is now the second leading risk to a company’s brand – ahead of traditional risks related to safety, health, and the environment, according to Deloitte. It should come as little surprise that legal risk related to cybersecurity is becoming a major concern for corporate directors. Pressure is building for boards and management teams to deal with cybersecurity issues that can... READ MORE

Open Letter to Joe Biden - Consider security as your next career move

jlavery's picture
By Jessica Lavery October 22, 2015  | Security News

Dear Vice President Biden, Joe, may I call you Joe? For months, political pundits, voters and the Democratic Party have been asking “will he or won’t he” with regard to your potential presidential intentions. On Wednesday, when you stood in the White House Rose Garden and announced that you will not run for president in 2016, you marked the end of what CNN described as your... READ MORE

Chinese Using SQL Injection for Cyberattacks on Pharma & Technology Firms

pneray's picture
By Phil Neray October 21, 2015  | Security News

Summary Cyberattackers linked to the Chinese government are attacking pharmaceutical and technology firms to steal their intellectual property, with 13 attempts identified during the past 30 days alone. Many of the intrusions were done through Web server compromises, with SQL injection being the prefered vector of implanting malware scripts which provide privileged access to internal networks.... READ MORE

Cybersecurity in Manufacturing: Fact or Fabrication?

dbonderud's picture
By Doug Bonderud October 19, 2015  | Security News

Manufacturers face a significant challenge when it comes to cybersecurity. Along with the task of protecting internal network systems and trade secrets, IT professionals are also on the hook to develop defensible architecture for any Internet-enabled technology they develop and deploy. The result? Cybersecurity in manufacturing is often more fabrication than fact. According to CA Veracode's... READ MORE

Top 5 Lessons C-Level Executives Can Learn From British Security Professionals

sdrew's picture
By Shawn Drew October 16, 2015  | Security News

While suffering a cyberattack may be an eventuality these days, one organization's experience with cybercrime can be very different from another's. Anecdotal evidence from business leaders regarding information security can be interesting, but it's impossible to understand what's truly going on in the industry without gaining insight from hundreds of organizations. That's why... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.




contact menu