Best Practices for Complying with Emerging Application Security Regulations

TJarrett's picture
By Tim Jarrett August 14, 2017  | Managing AppSec
best practices for managing appsec regulations

In a previous blog post, we discussed how the proliferation of data breaches has caught the attention of regulators, which are increasingly focused on cybersecurity and application security. Case in point: Two recent major regulations – the EU Global Data Protection Regulation (EU GDPR) and NY State Department of Financial Services (NY DFS) Cybersecurity Regulations – are unprecedented in their... READ MORE

Application Security Virtual Summit: Attend a Top AppSec Conference from Your Desk

jzorabedian's picture
By John Zorabedian August 14, 2017  | Intro to AppSec
AppSec Virtual Summit

Veracode is hosting our first application security virtual summit on Tuesday, August 22, and there’s something for everybody — whether you’re a security, developer, or IT ops pro, a practitioner or manager. The summit, which we’re calling “Application Security: What, Why and How,” features a star-studded lineup of the industry’s top experts, and a schedule chock-full of interesting and... READ MORE

What You Need to Know About the Latest Trends in AppSec Regulations

TJarrett's picture
By Tim Jarrett August 8, 2017  | Security News
trends in appsec regulations

As major data breaches continue to expose customers’ sensitive data and cause major monetary and reputation damage to organizations, regulators are taking notice. Two recent major regulations – the EU Global Data Protection Regulation (EU GDPR) and NY State Department of Financial Services (NY DFS) Cybersecurity Regulations – are unprecedented in their scope and depth. Considering the prominence... READ MORE

What Do Microservices Mean for AppSec?

bpitta's picture
By Brian Pitta August 7, 2017  | Managing AppSec
microservices are like tapas vs. a traditional meal -- how this shift will affect AppSec

I am not a fan of tapas. I’ll take the 22-oz. bone-in ribeye over small plates any day. My wife is the opposite; she loves them. With more tapas bars opening and existing restaurants adopting a “small plate” menu, I find myself losing the battle of steakhouse vs. tapas quite often. After several meals (if that’s what you call them), I will admit I’ve started to see some of the appeal: pick what... READ MORE

5 Ways Veracode Helps You Fix Software Flaws

jjastrzebski's picture
By Jim Jastrzebski August 2, 2017  | Customer News
How Veracode helps you work around software flaws.

As important as application security testing is, it's really just the first step in a continuous process to identify and fix flaws. And, depending on your application, you may have hundreds of flaws which require remediation. Some of the most common questions I hear when consulting with customers, particularly new customers, are, “how can I make sure I’m remediating the flaws I find,” followed by... READ MORE

Securing Web Apps in a DevOps World (Notes From Black Hat 2017)

DevOps at Black Hat

Zane Lackey of Signal Sciences spoke at Black Hat 2017 on a topic near and dear to my heart: Practical Tips for Defending Web Applications in the Age of DevOps. DevOps — and really, any Agile or Agile-like rapid software development approach — is a huge enabler for business. Changes to software are envisioned, implemented, tested, and deployed incredibly fast. Deployments can happen multiple... READ MORE

Security Needs to Shift Left – and Right

sciccone's picture
By Suzanne Ciccone July 25, 2017  | Managing AppSec
Shift security both left and right

The move to Agile and DevSecOps development processes has fostered a lot of attention on the need to shift security testing left in the development cycle. And this is absolutely a pivot in the right direction. Moving security testing into the realm of the developer makes security testing faster, easier, more effective and less expensive. However, it’s important not to lose sight of the fact that... READ MORE

We're Already at Cyberwar (and We're Losing)

jzorabedian's picture
By John Zorabedian July 25, 2017  | Security News
Cyberwar and Election Hacking

Let’s face it – cyberwar is no longer science fiction. Our economies – and our democratic system – are under attack. Security researchers are often reluctant to attribute attacks to particular nation states. But it’s become increasingly clear that Russia attempted to meddle in the 2016 U.S. presidential election, and perhaps other elections in the UK and Europe. Last summer, Russia-backed hackers... READ MORE

Announcing Updates to Veracode Integrations to Microsoft Visual Studio Team Services, Team Foundation Server and Visual Studio

TJarrett's picture
By Tim Jarrett July 24, 2017  | Secure Development
Updates to Veracode integrations

We are pleased to announce updates to the Veracode integrations to Microsoft Visual Studio Team Services (VSTS) and Team Foundation Server (TFS), and to Visual Studio. The VSTS/TFS integration makes static and dynamic security findings available as work items in the VSTS/TFS issue tracker, and automatically updates the related defects when they are fixed or have approved mitigations. The Visual... READ MORE

Podcast: What Our New Survey Reveals About the AppDev/Sec Relationship

sciccone's picture
By Suzanne Ciccone July 21, 2017  | Managing AppSec
AppSec in Review Episode 7

Veracode recently partnered with ESG to conduct a survey of 400 IT, cybersecurity and developer professionals regarding their take on the benefits of AppSec for contemporary software development and deployment. The survey results revealed some positive trends, including the fact that many developers are focusing on security for security’s sake, rather than solely to meet compliance requirements.... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu