Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

Can Security And The App Economy Learn To Get Along?

eschuman's picture
By Evan Schuman November 1, 2016  | Security News
Will the app economy ever care about security?

The App Economy is streamrolling along and has the very legitimate potential to rewrite so much of how businesses use technology. Uber obliterated Yellow Taxis, Pandora and Spotify has all but made FM radio irrelevant and streaming video has forced TV and movie theaters to sit in the back seat. But here's the frightening part: Security has also been demoted. Consider a recent study where,... READ MORE

Why I Joined CA Veracode: Colin Domoney

cdomoney's picture
By Colin Domoney October 31, 2016  | Customer News | Security News
Software powers the world.

I recently joined CA Veracode after spending five years managing application security at a global investment bank. I’m sharing a bit about my background and reasons for joining CA Veracode in the hope that my experience helps others trying to work security into software development. Software’s foundational role My career as a developer began in South Africa, where I learned... READ MORE

*Sigh* More Proof Of App Weak Security

eschuman's picture
By Evan Schuman October 27, 2016  | Security News
Proof of weak app security.

It's becoming increasingly clear to IT how critical it is to keep applications secure. One problem, though, with keeping apps secure is making sure that they at least started out secure, which is harder than it should be. Consider this scary piece from Engadget where they found that security in the mobile Android world—specifically apps in Google's Play Store—is rather... READ MORE

Bridging the Cybersecurity Information Gap in Higher Education

amcguinness's picture
By Amanda McGuinness October 25, 2016  | Security News
To fix the security skills gap, we need to go back to school.

Cybersecurity professionals are some of the most highly sought after candidates in the job market. With most businesses taking advantage of web applications to streamline their operations, every company is a software company - and they all need security. Before now, the position of security professional remained a bit cryptic. More traditional roles in marketing or sales demonstrated obvious... READ MORE

The App Security Battle Is Winnable, But Only If You Suit Up

eschuman's picture
By Evan Schuman October 20, 2016  | Security News
Suit up for fixing app security.

How dangerous are your app security holes? Sadly, they are quite dangerous and getting far more so. In a study released Tuesday (Oct. 18) that examined billions of lines of code from 300,000 assessments performed over the last 18 months, a stunning 97 percent of Java applications contained at least one component with a known vulnerability. To be fair, that probably isn't that surprising. Nor... READ MORE

Message Encryption Is Great—Depending On Who Has The Key

eschuman's picture
By Evan Schuman October 14, 2016  | Security News
Message encryption.

Corporate execs are understandably worried these days about all of their electronic communications. Whether messages can be intercepted by corporate spies working for the opposition, government investigators snooping for terrorists or cyberthieves looking to steal what they can get, anything that is intercepted can wind up somewhere else. See Edward Snowden. It's therefore quite... READ MORE

DevOops Redux: A Chat with Chris Gates and Ken Johnson

Neil's picture
By Neil DuPaul October 12, 2016  | Security News

This week at OWASP AppSec USA there's a schedule packed with great sessions focusing on devops, shifting left, automation and more. I was lucky enough to get some time from Chris Gates, Sr Security Engineer, Uber and Ken Johnson's, CTO nVisium, busy schedule to ask them a few questions related to their session at AppSec, DevOops: Redux - a defense oriented follow up to their popular talk... READ MORE

Five signals that the future is strong for Boston’s Women in Tech

mloughlin's picture
By Maria Loughlin October 11, 2016  | Security News
RevBoston 2016 Badass Women

This weekend I was among 21 women recognized as a Rev Boston “Badass” woman in tech. My co-honorees and I are senior leaders in tech who work at landmark institutions (e.g. Boston Children’s Hospital), high-flyer local companies (e.g. CA Veracode, WayFair, HubSpot, Carbon Black, CarGurus), as well as mid-size and tiny startups (e.g. Toast, Drizly, TetraScience, clypd,... READ MORE

Has The Media Finally Figured Out The Importance Of App Security?

eschuman's picture
By Evan Schuman October 7, 2016  | Security News
Image of crowd of press representatives.

It certainly has taken long enough, but it seems like non-tech media outlets have figured out that applications make wonderful entry points for cyberthieves. Given the layers of complexity that many enterprise apps feature today, it's hardly surprising that they boast massive security holes. That message seems to be finally sinking in. Consider just a few recent media reports, from NBC News... READ MORE

How to Get Developers and Security to Win-Win This Cyber Security Awareness Month

jzorabedian's picture
By John Zorabedian October 5, 2016  | Security News

October is National Cyber Security Awareness Month (NCSAM), a commendable public-private initiative focused on training businesses and users in practicing better digital hygiene. If there’s one drawback to awareness programs like NCSAM, it’s the potential for awareness to spike in the short-term and fall off in the long-term. Without follow-up training and continuous learning,... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu