Podcasts

Detecting "Certified Pre-owned" Software and Devices

Preview Podcast for the RSAConference: Chris Wysopal, CTO Veracode - Hackers and Threats Track

Abstract: When was the last time you scanned a digital picture frame for malicious code? Today legitimate software and devices are coming "certified pre-owned”, but AV companies are not able to keep up with blacklisting efforts. This session will outline how to inspect statically for rootkit behavior, anti-debugging code, time bombs, backdoor credentials, data exfiltration, and mobile malicious behavior.

Watch this Video Podcast

Application Outsourcing Podcast

Outsourcing software development is a routing practice, but how do you know your externally developed code is not rife with malicious code or backdoors? Matt Moynahan, CEO of Veracode, discusses his company's system for examining code (even when its already made into a binary) with Network World's Jason Meserve.

Listen to this Audio Podcast

InfoSec Europe Conference

Matt Moynahan, CEO of Veracode, discusses the state of application security at the InfoSec Europe Conference.

Watch this Video Podcast

PCI Primer - Introduction to PCI Compliance

Mike Puglia, Director of Product Marketing at Veracode, provides an overview of PCI compliance for merchants and service providers.

Listen to this Audio Podcast

Veracode Announces Technology and Service Breakthroughs

Veracode CEO Matthew Moynahan speaks about Veracode's breakthrough technology and service.

Watch this Video Podcast

Veracode Talks Security with InfoWorld

CTO Chris Wysopal discusses Veracode’s on-demand software security testing solutions with InfoWorld.

Watch this Video Podcast

Automated Vulnerability Assessment

Veracode CEO Matt Moynahan discusses automated application vulnerability testing.

Listen to this Audio Podcast

How Vulnerabilities Get Into All Software

CTO Chris Wysopal discusses how vulnerabilities get into software with SearchSecurity.

Download this Audio Podcast

Software Security Testing: Strengthening Your Defense Strategy

Chris Wysopal, CTO of Veracode, discusses strengthening your defenses against application vulnerabilities with On Security.

Download this Video Podcast

Software Security Testing: Demanding Software Security

Veracode CTO Chris Wysopal, discusses his book, The Art of Software Security Testing with On Security.

Download this Video Podcast

Software Security Testing: Future of Software Flaws

Chris Wysopal, CTO of Veracode, discusses the current state and future of software flaws with On Security.

Download this Video Podcast

Veracode Shines Spotlight on Application Backdoors Threat

Veracode CTO Chris Wysopal discusses the increasing threat of application backdoors and how to detect them.

Listen to this Audio Podcast

Security Media Group: Interview with Veracode Founders

Security Media Group speaks with Veracode founders on their background and experiences at L0pht, @stake and Symantec.

Listen to this Audio Podcast

Security Bites Podcast: When Web Apps Attack

CNET's Robert Vamosi talks with Chris Wysopal of Vedacode on finding software flaws.

Listen to this Audio Podcast

Site Map | Responsible Disclosure Policy | Privacy Policy | Contact Us

Veracode offers the first on-demand, application security solution that provides automated application security testing through an easy-to-use, software-as-a-service delivery model. By providing code analysis and web application security testing as a service, organizations have no software or hardware to purchase, install, maintain or upgrade.

With Veracode, enterprises can use application security assessment to achieve code security and implement testing into their secure software development life cycle at key development milestones. For enterprises that want to improve SDLC security without sacrificing profitability or competitiveness, Veracode offers SecurityReview®. SecurityReview combines static, dynamic, and manual testing capabilities and scans code after it has been compiled—at the binary level or "byte" code level rather than the source level, as other solutions do. This offers two distinct advantages: One, binary code analysis is more efficient, so vulnerabilities can be found more quickly and with fewer false positives. And two, binary code analysis is the most complete application security testing method because all code can be scanned regardless of origin.

Information on other topics related to application security assurance, dynamic application security testing, XSS, SQL Injection, IT risk management, static code analysis, and offshore development are also available on this site and on the Veracode Blog.