Study found less than 25 percent of developers test components for vulnerabilities at every release
Company evaluated based on ability to execute and completeness of vision
Program provides software buyers with a standard for understanding any vendor’s security posture
Study Finds That Less Than 28 Percent of Organizations are Actively Monitoring the Components That Could Lead to Security Breaches
New support for Python Boto3 framework and Scala to ensure static application testing in software development for secure coding practices
Custom Cleansers, Accelerated Results, Greenlight Auto-Scan and Perl language enable Secure DevOps by expanding ability to make automated security testing part of the development process.
Tony Caine to Serve as Executive Vice President and General Manager of International Operations, Leslie Bois as Vice President, Global Channel
New solution enables secure coding to be achieved at the speeds needed for DevOps and high-velocity software development.
Independent research commissioned by CA Veracode highlights improvements made in secure development, as well as areas for future improvements in secure application delivery.
New plug-in allows DevOps teams to rapidly embed security into software development lifecycles.
CA Veracode today released the findings in its annual State of Software Security Report (SoSS). The seventh edition of the report presents metrics drawn from code-level analysis of billions of lines of code across 300,000 assessments performed over the last 18 months.
New Offerings Deepen Coverage for Popular Web and Mobile Languages, While Helping Users of Older Mission-Critical Applications Improve Security
Survey data reveals that although the majority of respondents feel as though their software and applications are secure, many lack the proactive, layered security programs necessary to combat today’s vulnerabilities
These announcements are evidence of CA Veracode’s aggressive strategy to transform application security, extending it across the entire software lifecycle to reduce risk, manage compliance and shorten deployment times for secure software applications, while making secure coding practices a more seamless and positive part of the development processes.
Combining driver sentiment with in-depth interviews from organizations such as Fiat-Chrysler, Seat, Scania, Delphi and German industry body ADAC, new research sheds light on key questions, such as: What are the cybersecurity implications of the connected car? Who is responsible for ensuring the applications are secure? Where does product liability lie? What are the issues and approaches for personal data and privacy?
The report reveals how application security is viewed and addressed by healthcare providers across the US. The number one concern of these executives was the exploitation of vulnerabilities in web, mobile and cloud-based applications. Survey respondents cited the potential for loss of life due to compromised networks or medical devices, brand damage due to theft of patient information and regulatory enforcement as their top fears related to such security breaches.
The report shows that four out of five applications written in PHP, Classic ASP and ColdFusion that were assessed by CA Veracode during the period covered by the report failed at least one of the OWASP Top 10, an industry-standard security benchmark. Given the volume of PHP applications developed for the top three content management systems (CMS), WordPress, Drupal and Joomla, which represent more than 70 percent of all CMSs in use today, these findings raise concern over potential security vulnerabilities in millions of websites.