Senior Product Manager for Veracode’s application security platform including reporting, analytics and API feature sets as well are Veracode’s technology evolution from a monolithic architecture into MicroServices. Anne partners with Veracode customer’s to manage application security risk through new product features and functionality while enabling Veracode’s best in class scanning technologies.
- Using Median Time to Resolve Efficiently
Customers that have embraced DevOps often ask me for the best metrics to measure their program. I always advocate focusing on policy compliance as the number one metric for understanding your risk, as this provides a succinct measurement of the security of your applications. However, if you are looking to measure and motivate development teams, policy compliance doesn’t give you the granularity… READ MORE
Stay up to date on Application Security
- Should You Be Measuring Flaw Rate?
Metrics — or perhaps more accurately, the right metrics — are crucial for understanding what’s really happening in your AppSec program. They serve a dual purpose: They demonstrate your organization’s current state, and also show what progress it’s making in achieving its objectives. We typically recommend our customers measure their compliance against their own internal AppSec policy, plus scan… READ MORE
Veracode’s RESTful APIs use Hash-based Message Authentication Code (HMAC) for authentication, which provides a significant security advantage over basic authentication methods that pass the username and password with every request. Passing credentials in the clear is not a recommended practice from a security perspective; encryption is definitely preferred for obvious reasons, but HMAC goes a… READ MORE
- Women in Business: Take the Risk!
We recently hosted Gloria Larson, the President of Bentley University and one of Boston Magazine's “50 Most Powerful People,” at Veracode to talk about diversity with a specific focus on women in business. Our General Manager Sam King and Gloria had a discussion about: President Larson’s career and experience, culminating in her current leadership role The data on diversity in business The role… READ MORE
- Women in Technology: Don’t Worry, It’s Worse Than You ThinkApril 14, 2017 | Security News
Veracode recently hosted a movie night to watch CODE: Debugging the Gender Gap, followed by a group discussion. Two things struck me at this event: Gender diversity in technology is getting worse, not better. This problem won’t fix itself. In our group discussion after the movie – lead by Rosa Carson from Wayfair Labs – we dove into the question of “why is this getting worse?” It’s awful lonely… READ MORE
- Introducing Automated AppSec Consultation SchedulingJanuary 27, 2017 | Managing AppSec
Simplifying the process of getting Veracode’s help fixing security findings Veracode provides security experts on-demand to help developers make sense of the findings resulting from a security analysis – SAST, DAST, etc. These experts give developers context on Veracode’s scan results and provide advice on appropriate actions that would resolve the findings, either through a change to the code or… READ MORE
Software supply chain security has arrived with Google’s Vendor Security Assessment Questionnaire (VSAQ)! Or has it? The web-based application released under an open-source license on GitHub contains the actual questionnaire Google uses to review its own software vendors' security practices before making a purchase. I know what you’re thinking: “if it’s good enough for Google, it’s good enough… READ MORE
- Veracode Directly Delivers Recommended Controls Called for by the Financial Services IndustryDecember 11, 2013 | Security News
A group of leading banks, insurance, and mortgage companies including Aetna, Goldman Sachs, JP Morgan Chase, Citi, (among others) recently crafted recommended controls for addressing third party software security in the paper, “Appropriate Software Security Control Types for Third Party Service and Product Providers.” This paper acknowledges that conventional third party controls are no longer… READ MORE
- WEBINAR: The Silent Assassins in Your Cyber Security Strategy
On today’s webinar, “Web & Mobile Applications: The Silent Assassins in your Cyber Security Strategy”, we will discuss the evolution of the application security perimeter with Erik Peterson, Veracode’s Director of Product Strategy. Erik will highlight how mobile devices and web applications are impacting security teams and present guidelines for addressing the changes to our security… READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.