Don't Be AppSec 'Helicopter Parents'

sciccone's picture
By Suzanne Ciccone August 17, 2017  | Managing AppSec
Security's role shifts in a DevSecOps world

Roles shifting can be disconcerting. Having a clear role and understanding your responsibilities and tasks is comforting. But getting too comfortable can be dangerous. Take parenting for example. Parents wouldn’t be doing their kids any favors by continuing to feed and dress them as if they were 4 when they’re 10. As children age, they start to do these basic tasks on their own, and the parent... READ MORE

Big Win! Veracode Sweeps Web Application Security Category in CRN’s 2017 Annual Report Card

lbois's picture
By Leslie Bois August 16, 2017  | Security News

I am thrilled to announce that Veracode has swept the Web Application Security category of CRN®‘s 2017 Annual Report Card (ARC) awards program. Veracode was selected as the highest rated web application security vendor by solution providers in a satisfaction survey which evaluated vendors based on product innovation, support and partnership.       This year marks the 32nd... READ MORE

Best Practices for Complying with Emerging Application Security Regulations

TJarrett's picture
By Tim Jarrett August 14, 2017  | Managing AppSec
best practices for managing appsec regulations

In a previous blog post, we discussed how the proliferation of data breaches has caught the attention of regulators, which are increasingly focused on cybersecurity and application security. Case in point: Two recent major regulations – the EU Global Data Protection Regulation (EU GDPR) and NY State Department of Financial Services (NY DFS) Cybersecurity Regulations – are unprecedented in their... READ MORE

Application Security Virtual Summit: Attend a Top AppSec Conference from Your Desk

jzorabedian's picture
By John Zorabedian August 14, 2017  | Intro to AppSec
AppSec Virtual Summit

Veracode is hosting our first application security virtual summit on Tuesday, August 22, and there’s something for everybody — whether you’re a security, developer, or IT ops pro, a practitioner or manager. The summit, which we’re calling “Application Security: What, Why and How,” features a star-studded lineup of the industry’s top experts, and a schedule chock-full of interesting and... READ MORE

What You Need to Know About the Latest Trends in AppSec Regulations

TJarrett's picture
By Tim Jarrett August 8, 2017  | Security News
trends in appsec regulations

As major data breaches continue to expose customers’ sensitive data and cause major monetary and reputation damage to organizations, regulators are taking notice. Two recent major regulations – the EU Global Data Protection Regulation (EU GDPR) and NY State Department of Financial Services (NY DFS) Cybersecurity Regulations – are unprecedented in their scope and depth. Considering the prominence... READ MORE

Securing Web Apps in a DevOps World (Notes From Black Hat 2017)

DevOps at Black Hat

Zane Lackey of Signal Sciences spoke at Black Hat 2017 on a topic near and dear to my heart: Practical Tips for Defending Web Applications in the Age of DevOps. DevOps — and really, any Agile or Agile-like rapid software development approach — is a huge enabler for business. Changes to software are envisioned, implemented, tested, and deployed incredibly fast. Deployments can happen multiple... READ MORE

Security Needs to Shift Left – and Right

sciccone's picture
By Suzanne Ciccone July 25, 2017  | Managing AppSec
Shift security both left and right

The move to Agile and DevSecOps development processes has fostered a lot of attention on the need to shift security testing left in the development cycle. And this is absolutely a pivot in the right direction. Moving security testing into the realm of the developer makes security testing faster, easier, more effective and less expensive. However, it’s important not to lose sight of the fact that... READ MORE

We're Already at Cyberwar (and We're Losing)

jzorabedian's picture
By John Zorabedian July 25, 2017  | Security News
Cyberwar and Election Hacking

Let’s face it – cyberwar is no longer science fiction. Our economies – and our democratic system – are under attack. Security researchers are often reluctant to attribute attacks to particular nation states. But it’s become increasingly clear that Russia attempted to meddle in the 2016 U.S. presidential election, and perhaps other elections in the UK and Europe. Last summer, Russia-backed hackers... READ MORE

Announcing Updates to Veracode Integrations to Microsoft Visual Studio Team Services, Team Foundation Server and Visual Studio

TJarrett's picture
By Tim Jarrett July 24, 2017  | Secure Development
Updates to Veracode integrations

We are pleased to announce updates to the Veracode integrations to Microsoft Visual Studio Team Services (VSTS) and Team Foundation Server (TFS), and to Visual Studio. The VSTS/TFS integration makes static and dynamic security findings available as work items in the VSTS/TFS issue tracker, and automatically updates the related defects when they are fixed or have approved mitigations. The Visual... READ MORE

Podcast: What Our New Survey Reveals About the AppDev/Sec Relationship

sciccone's picture
By Suzanne Ciccone July 21, 2017  | Managing AppSec
AppSec in Review Episode 7

Veracode recently partnered with ESG to conduct a survey of 400 IT, cybersecurity and developer professionals regarding their take on the benefits of AppSec for contemporary software development and deployment. The survey results revealed some positive trends, including the fact that many developers are focusing on security for security’s sake, rather than solely to meet compliance requirements.... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.