Podcast: How the Role of Technologists has Evolved with the Rise of the Digital Economy

jlavery's picture
By Jessica Lavery April 9, 2017  | Security News

The rise of the digital economy has created professional opportunities for those entering technology careers, but is has also changed the core responsibilities of technologists. Our dependence on software to fuel the digital economy and as a result business objectives means it is no longer enough for CTOs and CISOS to be focused on technology and security; they must also speak the language of... READ MORE

Give Developers Training That Actually Helps

Developer training that helps.

Do you have a security education program for your developers? I hope so. Although developers are certainly capable of writing quality, secure code, most were never trained in security. They just don't know what they don't know. When I was actively developing enterprise software, I would visit the bookstore to purchase books on the technologies that I was using. These books were hundreds... READ MORE

Streamlining Scan Results: Introducing Veracode Custom Cleansers

jjanego's picture
By Jon Janego April 6, 2017  | Customer News
Veracode Custom Cleansers speed scan results.

Developers face increased pressure to ship code rapidly, and are responding by adopting rapid development methodologies like CI/CD. In turn, application security needs to align with development processes and support this move toward more rapid development cycles. But this support is not solely about speed, it’s also about (1) understanding how developers use scanning results and (2)... READ MORE

Leading the Transformation of Secure Software Development for our Application Economy

cwysopal's picture
By Chris Wysopal April 5, 2017  | Secure Development
Transforming the application economy.

When Christien Rioux and I started Veracode more than ten years ago, we did so with the mission of securing the world’s software. We believe all software should undergo some level of security testing. Throughout our history that mission remained constant despite the rapid evolution of how software was built, bought and deployed. You see, though the world was changing, it changed in such a... READ MORE

Get Security Results Earlier in the Development Process: Introducing Veracode Accelerated Results

jjanego's picture
By Jon Janego April 5, 2017  | Customer News
Veracode's new Accelerated Results feature

Software is increasingly becoming key to every enterprise’s innovation, competitive advantage, and bottom line. At the same time, it’s also increasingly becoming cyberattackers’ favorite target. Consequently, in the world of software security testing, slow and late are out. “The earlier the better” doesn’t apply in all circumstances, but it is certainly the... READ MORE

The Princess and the Dragon: A Modern AppSec Fairy Tale

pherzog's picture
By Pete Herzog March 30, 2017  | Secure Development
Vulnerability vs Threat

Do you know the story about the princess who saved her kingdom from a dragon? I'd be surprised if you heard of this particular fairy tale, because I invented it to teach a lesson about secure software development. In this story, a king sacrificed poor children to appease a dragon, which is not a very nice thing for a king to do. But the important part is why he thought this was a good way to... READ MORE

A Veracode Program Manager’s Perspective: Best Practices for Scaling an AppSec Program

gjames's picture
By Griff James March 30, 2017  | Customer News
Scaling an AppSec program

“Amateurs talk tactics, professionals study logistics.” -- General Robert Barrow, Commandant of the USMC In military circles, “cyber” is spoken of in the same terms as the traditional spheres of conflict, namely land, air and sea. To that end, General Barrow’s quote is particularly apt. Unlike the other realms of conflict where armies, navies and air forces protect... READ MORE

Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)

msheth's picture
By Mansi Sheth March 29, 2017  | Research
Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)

Skip to the tl;dr This is the second entry in a blog series on using Java cryptography securely. The first entry provided an overview and covered some architectural details, using stronger algorithms and some debugging tips . This entry covers Cryptographically Secure Pseudo-Random Number Generators. This blog series should serve as a one-stop resource for anyone who needs to implement... READ MORE

4 Features of Veracode Greenlight Developers Are Guaranteed to Love

jworthington's picture
By Janet Worthington March 28, 2017  | Customer News
4 features developers will love about Veracode Greenlight

Leveraging our proven, SaaS-based static engine, Veracode Greenlight finds security defects in your code and provides contextual remediation advice to help you fix issues in seconds, right in your IDE. This powerful solution will “greenlight” your code and make your job easier. Here’s how: 1. Get Security Feedback in Seconds DevOps speed and security roadblocks don’t mix.... READ MORE

Veracode Visual Studio Extension, Now in the Visual Studio Marketplace

TJarrett's picture
By Tim Jarrett March 28, 2017  | Customer News
Integrating AppSec into the SDLC

Application security cannot be solved with a tool alone. There are significant organizational challenges, like gaining buy-in from various areas of your organization, helping developers to fix security flaws and making sure that security becomes part of the testing process. It’s truly a cultural shift. As such, adoption of application security will only be successful if you eliminate as much... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu