Anne Nielsen

Senior Product Manager for Veracode’s application security platform including reporting, analytics and API feature sets as well are Veracode’s technology evolution from a monolithic architecture into MicroServices. Anne partners with Veracode customer’s to manage application security risk through new product features and functionality while enabling Veracode’s best in class scanning technologies.
Posts by Anne Nielsen

Should You Be Measuring Flaw Rate?

August 27, 2019

Metrics — or perhaps more accurately, the right metrics — are crucial for understanding what’s really happening in your AppSec program. They serve a dual purpose: They demonstrate your organization’s current state, and also show what progress it’s making in achieving its objectives.  We typically recommend our customers measure their compliance against their own internal AppSec policy, plus... READ MORE

Detailing Veracode’s HMAC API Authentication

August 7, 2019  | Customer News

Veracode’s RESTful APIs use Hash-based Message Authentication Code (HMAC) for authentication, which provides a significant security advantage over basic authentication methods that pass the username and password with every request. Passing credentials in the clear is not a recommended practice from a security perspective; encryption is definitely preferred for obvious reasons, but HMAC goes a... READ MORE

Women in Business: Take the Risk!

November 17, 2017

women in business

We recently hosted Gloria Larson, the President of Bentley University and one of Boston Magazine's “50 Most Powerful People,” at Veracode to talk about diversity with a specific focus on women in business. Our General Manager Sam King and Gloria had a discussion about: President Larson’s career and experience, culminating in her current leadership role The data on diversity in business The role... READ MORE

Women in Technology: Don’t Worry, It’s Worse Than You Think

April 14, 2017  | Security News

Veracode recently hosted a movie night to watch CODE: Debugging the Gender Gap, followed by a group discussion. Two things struck me at this event: Gender diversity in technology is getting worse, not better. This problem won’t fix itself. In our group discussion after the movie – lead by Rosa Carson from Wayfair Labs – we dove into the question of “why is this getting worse?” It’s awful lonely... READ MORE

Introducing Automated AppSec Consultation Scheduling

January 27, 2017  | Managing AppSec

automated-readout-call-scheduling

Simplifying the process of getting Veracode’s help fixing security findings Veracode provides security experts on-demand to help developers make sense of the findings resulting from a security analysis – SAST, DAST, etc. These experts give developers context on Veracode’s scan results and provide advice on appropriate actions that would resolve the findings, either through a... READ MORE

How to Earn a Reputation as a Unicorn

June 7, 2016  | Intro to AppSec

You have a great idea for a new product – what could possibly go wrong? One of my favorite games in business[1] is to have a pre-mortem wherein you imagine that you are a year older and wiser and whatever it is you are working on right now fails miserably. I mean, spectacularly – we are talking pets.com-style. This game plays into my hyperbolic nature, but also is useful in... READ MORE

You Lose

April 18, 2016  | Intro to AppSec

How the heck did that happen? They just took your business. Do you know what sucks? Losing a HUGE sales opportunity that was custom made for your company. Literally custom-made: you worked with the executive sponsor and wrote the RFP for her. You spent hours in that window-less room and on the phone with your prospect making sure you had all your differentiators captured so that no competitor... READ MORE

Google’s Vendor Security Assessment | Veracode

March 10, 2016  | Managing AppSec

Software supply chain security has arrived with Google’s Vendor Security Assessment Questionnaire (VSAQ)! Or has it? The web-based application released under an open-source license on GitHub contains the actual questionnaire Google uses to review its own software vendors' security practices before making a purchase. I know what you’re thinking: “if it’s good... READ MORE

That “Oh Crap” Moment of Product Management

March 9, 2016  | Secure Development

How to avoid putting your customer’s data at risk... Nothing stinks worse for a product manager than hearing there is a security issue in the amazing feature you just released. Yes, that one you created specifically for your very important client. Telling your previously elated buyer that the new do-dad you created specifically for them – based on their unsolicited, but completely... READ MORE

SAFECode Comes Up Short

November 23, 2015  | Security News

safecode-principles-software-assurance-assessment.JPG SAFECode has released their Principles for Software Assurance Assessment - a buyer’s guide for businesses that purchase and use software for how they should think about the security of those products. While Veracode contributed to the paper, we feel the focus is on a level of maturity that is aspirational at best for the... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.