Answers to the Top 10 Customer FAQs

Veracode Customer FAQs

At Veracode, we work hard to support our customers in meeting the goals of your application security program. As a Manager of Customer Success Management (CSM), I work with our CSMs to help hundreds of customers beginning their journey to a mature AppSec program, and many who are just starting out with Veracode. Veracode Services and Support Teams hear a lot of the same questions from numerous... READ MORE

How to Hire and Build Developers Into Full Spectrum Engineers

pchestna's picture
By Pete Chestna May 31, 2017  | Secure Development
Hiring and Training Full Spectrum Engineers

As you look at candidates for your DevOps teams, it’s critical to find developers who exhibit qualities of a full spectrum engineer – generalists who can do it all. You need people who will add velocity and not be dependent on others to complete their work. It’s likely that you will not find someone who has every skill you need, so look to find people with the potential to grow and learn at speed... READ MORE

Security Starts With a Scope: Answer These Questions Before You Code

pherzog's picture
By Pete Herzog May 30, 2017  | Secure Development
Security Starts With Scope

Have you ever walked into a room to get something and the moment you got there you forgot what it was that you wanted? That memory glitch is caused by a refresh in your working memory that happens when you enter a new space or environment. Apparently the evolutionary algorithm at work in humans developed this way to increase your situational awareness and keep prehistoric you from becoming a... READ MORE

Best Practices for the Adoption of Open Source Software

cdomoney's picture
By Colin Domoney May 26, 2017  | Managing AppSec
best practices for open source component use

In a previous blog post, I discussed the differing perspectives security and development teams have about the use of open source components. Taking these perspectives into account, what is the best way to enable the use of open source components in your organization? Forbidding their use entirely is not a viable option and, in fact, would be detrimental to both developers and the organization as... READ MORE

5 Things Developers Need to Thrive as a Full Spectrum Engineer

pchestna's picture
By Pete Chestna May 24, 2017  | Secure Development
How to Be a Full Spectrum Engineer

The rise of DevOps has given rise to a new type of developer, what I call the full spectrum engineer (FSE). In my previous blog post in this series, I looked at the evolution of software development from requiring specialists to developers who can do it all. So what does it take to thrive in a DevOps environment and succeed as a full spectrum engineer? Here are five things you need to do to make... READ MORE

Podcast: Our Take on the WannaCry Ransomware Attack

sciccone's picture
By Suzanne Ciccone May 23, 2017  | Security News
WannaCry Podcast Veracode

On Friday, May 12, an unprecedented cyberattack affected approximately 200,000 computers across 150 countries. By exploiting a vulnerability in Microsoft Windows, a combined worm/ransomware attack called WannaCry shut down hundreds of thousands of computers and demanded payment in order to regain access. In episode 5 of our AppSec in Review podcast, Evan Schuman and Veracode's Brian Fitzgerald... READ MORE

Get Ready for the Full Spectrum Engineer

pchestna's picture
By Pete Chestna May 18, 2017  | Secure Development
Full Spectrum Engineer

I’ve been a software engineer for over 25 years. Over that time, there has been a pendulum in the industry that swings between demand for developers as specialists or generalists. As new architectures, development methodologies, and organizational structures emerge, development teams need specialists. As technologies and methodologies become assimilated, developers need to adapt and incorporate... READ MORE

5 Simple Strategies for Building Security Into Your DevOps Process

DevSecOps Process

Securing any development framework – whether Waterfall, Agile or DevOps – requires changes of culture, process, and technology. But unlike the straightforward flow of Waterfall, where security comes at the end of the process, it's less clear where security fits in Agile and DevOps. As Securosis analyst Adrian Lane points out, Agile development includes "whatever work gets done in a sprint... READ MORE

Why Code Quality and Code Security Remain Two Separate Ideas

The OWASP Top 10 list of the most critical web application security risks is finally being updated for the first time since 2013. A release candidate was published in April 2017, and the most significant takeaway was what was not on the list; namely, anything new. This is the first update in four years, and the list of vulnerabilities has not changed substantially. The same vulnerabilities – some... READ MORE

The Changing Influence of Developers

jlavery's picture
By Jessica Lavery May 16, 2017  | Secure Development

Movies and television shows featuring software developers and ethical hackers would have you believe they are all anti-social shut-ins who care little about business, their careers or the impact their code has on the world. Instead they are focused almost solely on producing code for code’s sake. When they are shown as part of a business, these fictional developers are generally marginalized by... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu