New Platforms, Old Mistakes

You don’t need me to point you to stories such as this New York Times article, which reported on data from Flurry, a mobile analytics firm, to convince you that mobile app usage is growing exponentially: 25B downloads at the end of 2011, a 300% increase year over year. I mean, Angry Birds Rio was on the Christmas list for my 6- and 3-year-olds – even Santa is not immune from this demand!

It is for this reason that we chose to include statistics from Android apps in our recently …

Weekly News Roundup

What a busy week for the internet! With topics from attacks and hacks to protests, bloggers have been busy covering the most recent news in the cyber security industry, and we are here to wrap it all up. The following are some of this week’s biggest headlines, along with some of the best commentary on them, enjoy!

1. Zappos Attack: “Zappos Breach Notice: Lessons Learned,” by Tom Field (@SecurityEditor). Field interviews a privacy attorney as she provides her analysis and opinion of Zappos’ response. Points of interest include the decision to shut down the customer service phone …

Cloud Based Application Security Testing

Evan Fromberg, Sr. Director of Channel Sales and Business Development here at Veracode, recently wrote a guest post on Rackspace’s Cloud Blog. In his post, Evan talks about the emergence of a growing need for businesses of all sizes to increase speed to market.

He examines the impact of this trend on the adoption of cloud platforms, and what this means for the security of applications being migrated to the cloud. The post sheds light on some of the vulnerabilities in applications that are becoming more prevalent, and also reveals …

SOPA Grabs Headlines Today

With all the buzz about SOPA and the highly visible protests today from major sites like Google, Reddit, Wikipedia and Wired, I’ve been looking for more factual posts on the web regarding this highly controversial topic.

Quick intro to SOPA: Simply put, SOPA (Stop Online Piracy Act) and its companion PIPA (Protect IP Act) are two anti-piracy bills intended to strengthen protections against copyright infringement and IP theft. SOPA battles the menace of piracy and intends to protect content creators by requiring that rogue sites be blocked by ISPs, prevented from …

Where Were You? 10th Anniversary of Gates Trustworthy Computing Memo – Part 2

January 15th was the 10th anniversary of Gates’ Trustworthy Computing memo. We thought it would be interesting to ask a few Veracode employees what they were doing on that day 10 years ago. This is the second post on this topic. Yesterday’s post is here. Some of the answers are really funny! Can you guess who had blue hair in 2002?

Captain @stake Steve Roge was selling manual code reviews to Fidelity for $150 per hour and every consultant who worked on the …

Delivering Unhappiness

You’ve probably read by now that online retailer Zappos suffered a security breach affecting over 24 million customers. As a Zappos customer, I received the email last night alerting me about the breach. I got a nearly identical email from their sister company, 6pm.com, as well. This is a clear sign that I buy too many shoes.

What’s interesting to me about this breach is that Zappos is renowned for their customer service, so watching how they communicate in the coming days and weeks should be an interesting case study. A few notable points so …

Where Were You? 10th Anniversary of Gates Trustworthy Computing Memo – Part 1

January 15th is the 10th anniversary of Gates’ Trustworthy Computing memo. The effects of this memo have already been discussed on Threatpost, so I thought it would be interesting to take a different angle on commemorating this event – where were you on 1/15/2002? I asked a mixed group of my colleagues at Veracode to answer this question. The group has a wide age range and comes from many different backgrounds. Some of the answers are really funny! I hope you enjoy!

Chris Wysopal

Weekly News Round Up

Welcome to the first post in our new blog series, the Veracode Application Security Weekly News Roundup. Every Friday we will be compiling and releasing our list of the top news items of the week. This week features a handful of excellent articles from the cyber security world on topics like social media security, malware attacks on the U.S. government, and hacktivism.

1. Worm steals more than 45,000 Facebook logins

The theft of over 45,000 Facebook logins by a piece of malware called Ramnit has been grabbing a few headlines lately. Ramnit is a worm …

The What and Why of Compliance

As a start to 2012, I wanted to share my thoughts on a topic of great interest to me – compliance. To start the discussion, I thought it would make sense to lay down a base line. This post covers the “What and Why” of compliance.

The first question most people ask: what exactly is “Compliance”?
Wikipedia says: “In general, compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that corporations or public agencies aspire to in their efforts to ensure that personnel are aware of and take steps to comply with relevant …

Communication Skills and the Business of Security

I am planning to purchase a Nissan Leaf to lower my impact on our environment when I drive to work at Veracode. Some studies have estimated that the electricity used to produce a quantity of gasoline is roughly the same as the electricity an electric car needs to travel as far as that gasoline would take a typical internal combustion engine car. The exact numbers are hard to pin down and much debated, but obviously removing the gas from the equation while getting roughly the same effect has a much lower impact on our environment.

In learning about the Nissan Leaf I read …

What Could Be Worse Than the Government’s Approval Rating?

It turns out that the security state of their applications is pretty abysmal too.
But first, let’s take a look at what the Government’s report card looks like for their job rating. Gallup has asked Americans each August since 2001 to indicate whether they have positive or negative views of a list of business and industry sectors. The 2011 update is from Gallup’s Aug. 11-14 survey.

The federal government has been near the bottom of the list in this survey in previous years, but is at the absolute bottom this …

Veracode Named a Visionary in Gartner DAST Magic Quadrant Published in December 2011

New Gartner research has positioned Veracode in the Visionaries quadrant for Dynamic Application Security Testing (DAST) solutions. Gartner’s DAST Magic Quadrant report was published on December 28, 2011 and is now available to all Gartner research subscribers.

As an independent provider of IT and research advice, Gartner analyzes the evolution of the dynamic application security testing market and evaluates vendors according to their business and technology vision, as well as their ability to execute against that vision in their products and services.

As readers may be aware, Veracode is in the process of transitioning our …

Vulnerability Response Done Right

Here’s a feel good story to start the new year.

Just before the holidays, we detected a cross-site scripting (XSS) vulnerability while running a web application scan for one of our customers. Nothing special about that; we detect thousands of these things every week. But as we discussed this particular finding, we noticed that the layout of the website looked… familiar. As it turned out, the discussion forum where we found the XSS was a SaaS-based product called Lithium.

From Lithium’s website: “The world’s most innovative companies such as AT&T, Barnes & Noble, Best Buy, Sephora, Univision, Home Depot, and HP …

Mobile Security – Android vs. iOS

2011 Event Roundup

2011 has been a busy year for Veracode on the event circuit. The Veracode team has spoken at nearly 200 industry events this year. We racked up frequent flyer miles, collected a rainbow assortment of conference badges, and generally had fun presenting to all of you that attended the year’s major (and minor) industry and government forums.

Here are just a few highlights of our speaking opportunities this year…

RSA 2011
In the talk “Intelligence on the Intractable Problem of Insecure Software” Veracode’s Sam King, vice president of strategy and product marketing, and …
