News

Our latest business and technology news

View: All | Press Releases | In the News | Events

In the News Jan 24 2018 DevOps.com

How Developers Can Take a More Proactive Approach to Security

Developers tend to get thrown under the bus when it comes to application security, but recent data shows that developers do, in fact, care about security. Take mitigation for example. Developers don’t try to rig the system by rejecting findings as false positives or as mitigated by design. Developers documented mitigations for just 14.4 percent of all flaws found by CA Veracode’s platform in the past year.

In the News Jan 24 2018 TechBeacon

5 trends app sec teams should watch in 2018

Much has changed in software security over the last year. Nation state-directed attacks demonstrated the significant danger posed by software vulnerabilities and raised the pressure on developers to secure their software. Attackers used exploits leaked from the National Security Agency (NSA), for example, to spread ransomware, including the costly WannaCry and NotPetya attacks.

In the News Jan 23 2018 DevOps.com

CA Technologies Survey Uncovers DevSecOps Challenges

Chris Wysopal, CTO for the CA Veracode portfolio of security testing tools CA Technologies acquired last year, said the survey results make it clear many organizations are still wrestling with the concept of DevSecOps. Many of them may be far along the path to building a culture around DevOps, but more often than not, security teams haven’t been included in those processes, says Wysopal.

In the News Jan 22 2018 Information Security Buzz

2.9 Million Norwegians Healthcare Data Allegedly Breached

It’s being reported that a hacker or hacker group might have stolen healthcare data for more than half of Norway’s population, according to reports in local press. The attack took place on January 8 and came to light this week when Health South-East RHF, a healthcare organization that manages hospitals in Norway’s southeast region, announced a security breach on its website.

In the News Jan 22 2018 Information Security Buzz

Schneider Electric Says Software Bug Exploited In Watershed Hack

It has been reported by that Schneider Electric SE has disclosed that hackers exploited a flaw in its software in a watershed hack discovered last month that halted plant operations at an industrial facility.

In the News Jan 22 2018 Tech Native

Women in Cybersecurity: Why Closing the Gender Gap is Critical

When discussing the lack of women in technology fields, the conversation generally starts around basic questions: What is it about tech fields that discourages women from participating, and what can people in the field do to attain a better balance?

In the News Jan 19 2018 SC media

Trisis nation-state authored malware leaked onto internet

Schneider Electric accidentally puts malware online that could shut down power plants. Nation state authored malware has been mistakenly put online that could enable hackers to compromise safety systems at power plants.

In the News Jan 09 2018 Huffington Post UK

Why The Government Wants You To Update Your Software

It’s amazing when you watch a lightbulb moment happen – especially when you’ve spent a great deal of your professional live devoted to it. Read more from CA Veracode's Chris Wysopal (@WeldPond).

In the News Jan 08 2018 SC Media

Security issue found in AMD's Platform Security Processor

Security researchers have discovered a flaw in the AMD PSP (Platform Security Processor), which could enable hackers to execute code in a security module that stores data such as passwords, certificates, and encryption keys.

In the News Jan 05 2018 Reuters

Businesses cautious in installing patches to fix chip flaw

Chances that a fix to a major microchip security flaw may slow down or crash some computer systems are leading some businesses to hold off installing software patches, fearing the cure may be worse than the original problem.

In the News Jan 05 2018 SC Media

The secure state of security: closing the security skills gap

Developers aren't choosing to ignore security issues - they don't have the skills or resources to create secure code due to a critical deficit in developer security training, especially how to manage vulnerable components effectively.

In the News Jan 04 2018 The Security Ledger

Google details CPU flaws, claims AMD, ARM and Intel all affected

Google has come forward to claim responsibility for discovering a pair of serious security holes in Intel processors that run almost 9 in 10 computers in the world. And worse: the company has echoed a statement by Intel yesterday that the flaws are not specific to that company’s chips.

In the News Jan 03 2018 Dark Reading

Open Source Components, Code Volume Drag Down Web App Security

If there's something of a déjà vu-like quality to vendor and analyst reports summing up the state of Web application security these days its because they all inevitably arrive at the same conclusion: Web apps are becoming more insecure, not less.

In the News Dec 27 2017 Silicon

OWASP 2017: The second

Which web risks are new, which are the same as four years ago? And where the problem lies, explains Julian Totzek-Hallhuber, Solution Architect at application security expert CA Veracode.

In the News Dec 22 2017 CIO

Why you need to worry about the security of open source software in 2018 and beyond

The speed of open source deployment by enterprises everywhere puts software security into question.

In the News Dec 22 2017 DevOps.com

Are Your Web Applications Prepared for the Holidays?

CA Veracode's Joe Pelletier (@joepelletier) shares three best practices to secure your website for the coming retail boom. 

In the News Dec 21 2017 SD Times

2017: Security was not an afterthought

Year after year businesses face challenges when it comes to security, and 2017 was no different. Instead of trying to lecture the industry about the importance of application security testing, organizations tried to find new ways to bring security front and center.

In the News Dec 20 2017 Information Age

EXCLUSIVE: Cyber security predictions from CUJO AI

A recent study by CA Veracode revealed that only 14% of high severity vulnerabilities are fixed in less than 30 days, which drives the conclusion that 86% take longer than 30 days.

In the News Dec 20 2017 Channelnomics

CA Veracode details building channel infrastructure

CA Veracode has made great strides transitioning from a chiefly direct sales model to a partner-led business within the space of 12 months. 

In the News Dec 14 2017 eSecurity Planet

Just 28 Percent of Business Leaders Have Heard of the Equifax Breach

Only 28 percent of business leaders have heard of the Equifax breach, just 31 percent are aware of the 2014 eBay data breach, and just 34 percent have heard of WannaCry ransomware, a recent CA Veracode survey of 1,403 business leaders in the U.S., the U.K. and Germany found.

In the News Dec 13 2017 CSO

3 Big Application Security Trends of 2017

The application security headlines of the year 2017 seemed like more of the same grim news, but some AppSec trends are reasons to be hopeful.

In the News Dec 13 2017 SearchSecurity

Breach awareness low among executives, CA Veracode survey says

According to a new survey from CA Veracode, breach awareness regarding recent major cyber incidents was low among executives, managers and directors, surprising some experts.

In the News Dec 12 2017 Software Testing News

CA Veracode urges businesses to secure software

CA Veracode today released research revealing the large gap between software creation and software security, outpacing the urgency to secure the process. The security company’s report ‘Securing the Digital Economy’ highlights how investment in software and digital transformation is moving fast, with around one in five business leaders indicating that their software budget which supports digital transformation projects has increased by more than 50% over the past three years.

In the News Dec 12 2017 Computer Business Review

1 in 4 UK business leaders lack basic cybersecurity understanding

A shocking revelation of cybersecurity ignorance among UK business leaders has shown that as many as a quarter do not understand common cyberattacks. Ransomware and phishing are among basic attack variants that UK business leaders are in the dark about, proving that even major, global data breaches are not enough to capture the attention of all. Spending has been increasing across the board as organisations pursue digital transformation, but this has not prompted UK business leaders to learn more about the risks involved.

 

 

contact menu