Enabling our customers to create software quickly and securely has always been our mission, and it remains so today. While the safety and health of our employees is a top priority right now, so is the health of our customers’ software, especially considering some of the industries they support. We…

A great AppSec program requires more than just scanning. It takes seamless processes and services designed to help developers fix flaws and write more secure code. The following is a list of the characteristics that we have found among our customers with world-class AppSec programs. Consider…

You wouldn’t be very effective if you didn’t prioritize your to-do list. Treating “prep for board meeting tomorrow” and “organize in-box” with the same level of urgency would slow you down at best, seriously impact your job performance at worst. Similarly, neglecting to prioritize your application…

I’ve worked in program management at Veracode for the past six years, and during that time, I have seen a lot of different approaches to deploying AppSec policies. Typically, the security team (CISO/CIO led) deploys an AppSec policy that applies to developers and engineers. However, with the rapid…

I have spent the entirety of my career in the area of services management and delivery, specifically around compliance, risk and security. I have had the good fortune of seeing over 1,300 program deployments across all size companies spanning every industry. Today, I am the Director of Program…