How a Single Phone Call Can Compromise Your Company

ckirsch's picture
By Chris Kirsch September 13, 2017
Social Engineering CTF at DEF CON

I’d read about social engineering for a few years before I first stepped into the Social Engineering Village at DEF CON 20. But I didn’t grasp the power of this type of attack until I watched a live call during which employees of major companies simply offered up all the information needed to breach their systems – no technology required. I was hooked. In case you’re not familiar with social... READ MORE

Confessions of an Insecure Coder

lmercer's picture
By Laurie Mercer September 11, 2017  | Managing AppSec
How SQL injection happens

My name is Laurie Mercer, and I have introduced a security vulnerability into software. The year was 2004. As I travelled to work, Franz Ferdinand and The Killers blared on my cool new iPod. I was a developer, my first proper job after graduating with a degree in computer science and moving to the big city. Responsible for implementing functional changes, I would code new forms and business logic... READ MORE

Podcast: Implications of the EU GDPR

sciccone's picture
By Suzanne Ciccone September 4, 2017  | Managing AppSec
EU GDPR Podcast

The EU Global Data Protection Regulations (GDPR) go into effect in May 2018, and will introduce stark new data security requirements for any organization in the EU, or doing business in the EU. The requirements in this regulation surrounding data retention and personal information are unprecedented, and so are the fines for non-compliance. How will this play out in a world where information is a... READ MORE

Jenkins World 2017: DevSecOps, It’s Not You, It’s Not Me, It’s We

jcoletta's picture
By Joe Coletta August 24, 2017  | Security News

At Jenkins World on Aug. 31, Veracode’s Pete Chestna (@PeteChestna) will join fellow industry experts, including DevOps.com’s Alan Shimel and Forrester’s Robert Stroud, to address the hurdles organizations face as they try to create a DevSecOps culture. DevSecOps adoption is on the rise – and there’s no doubt that the practice can cause some friction and hinder the development process. Recent... READ MORE

Top 4 Ways Veracode Integrations Make Security's Job Easier

cwysopal's picture
By Chris Wysopal August 23, 2017  | Managing AppSec
Veracode integrations make security's job easier

The Veracode Application Security Platform integrates seamlessly with the development, security and risk-tracking tools you already use. And, our flexible API allows you to create your own custom integrations or use community integrations, built by the open source community and other technology partners. But what do these integrations mean for a security professional charged with AppSec? How do... READ MORE

Don't Be AppSec 'Helicopter Parents'

sciccone's picture
By Suzanne Ciccone August 17, 2017  | Managing AppSec
Security's role shifts in a DevSecOps world

Roles shifting can be disconcerting. Having a clear role and understanding your responsibilities and tasks is comforting. But getting too comfortable can be dangerous. Take parenting for example. Parents wouldn’t be doing their kids any favors by continuing to feed and dress them as if they were 4 when they’re 10. As children age, they start to do these basic tasks on their own, and the parent... READ MORE

Veracode Survey Research Identifies Cybersecurity Skills Gap Causes and Cures

jzorabedian's picture
By John Zorabedian August 17, 2017  | Security News
DevSecOps Global Skills Survey

The shortage of cybersecurity professionals is on pace to reach 1.5 million empty positions globally by 2020, according to Frost & Sullivan. Yet, as the digital economy relies on rapid innovation in software, the growing demand for developers with security skills is also dangerously outpacing supply. Now, a survey of development and IT professionals, conducted by Veracode and DevOps.com, has... READ MORE

Big Win! Veracode Sweeps Web Application Security Category in CRN’s 2017 Annual Report Card

lbois's picture
By Leslie Bois August 16, 2017  | Security News

I am thrilled to announce that Veracode has swept the Web Application Security category of CRN®‘s 2017 Annual Report Card (ARC) awards program. Veracode was selected as the highest rated web application security vendor by solution providers in a satisfaction survey which evaluated vendors based on product innovation, support and partnership.       This year marks the 32nd... READ MORE

Best Practices for Complying with Emerging Application Security Regulations

TJarrett's picture
By Tim Jarrett August 14, 2017  | Managing AppSec
best practices for managing appsec regulations

In a previous blog post, we discussed how the proliferation of data breaches has caught the attention of regulators, which are increasingly focused on cybersecurity and application security. Case in point: Two recent major regulations – the EU Global Data Protection Regulation (EU GDPR) and NY State Department of Financial Services (NY DFS) Cybersecurity Regulations – are unprecedented in their... READ MORE

Application Security Virtual Summit: Attend a Top AppSec Conference from Your Desk

jzorabedian's picture
By John Zorabedian August 14, 2017  | Intro to AppSec
AppSec Virtual Summit

Veracode is hosting our first application security virtual summit on Tuesday, August 22, and there’s something for everybody — whether you’re a security, developer, or IT ops pro, a practitioner or manager. The summit, which we’re calling “Application Security: What, Why and How,” features a star-studded lineup of the industry’s top experts, and a schedule chock-full of interesting and... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu