Evan Wade is a professional freelance writer, author, and editor from Indianapolis. His time as a sales consultant with AT&T, combined with his current work as a tech reporter, give him unique insight into the world of mobile/Web security and the steps needed to properly secure software products. Follow him on Twitter.
- The Gartner Magic Quadrant: Four Traits From Top PerformersDecember 2, 2015 | Managing AppSec
With the application layer becoming a popular attack vector for intruders, and defensive methods to combat it constantly evolving, it's easy to see why application security testing (AST) services play such a large role in digital security. In fact, it has become so prominent that the question shouldn't be whether a company should adopt an AST service to keep its operations and data secure, but… READ MORE
Stay up to date on Application Security
Breaches are bad business. In 2015, this basic tenet of digital security is clear-cut common sense. After all, bad things happen when bad guys steal your property. What's less clear is the quantifiable cost of a data breach, both in terms of the intrusion's economic toll and the underlying factors that play into the loss. This is where the expert insight comes in. "The Business and Economic… READ MORE
- Defending the Application Layer Means Securing All AppsNovember 18, 2015 | Managing AppSec
Security is a game of advancements. All too often, the adversarial relationship between attackers and defenders pushes that game to a breakneck pace. Whichever side is on the leading edge of the technological curve won't have an advantage for long. While this dynamic can spur organizations to be consistently vigilant, at least on the white hat side, it can also lead to the assumption that a… READ MORE
You don't need to be an expert to know that hacks, attacks and other digital security breaches are never a good thing. But one industry's annoyance is another industry's nightmare — and if you've read Veracode's "State of Software Security Report, Volume 6," then you know that most common security vulnerabilities are more frequent in some industries than others. Here's a brief look at the top 10… READ MORE
In some ways, all injection attacks are the same. The hacker puts code in some form of user input field, attempting to trick the machines on the other end into granting information or access they shouldn't. If successful, the hacker then uses these ill-gotten gains to carry out damaging attacks like information theft, browser/session hijacking, site defacement, and so on. But the devil is in the… READ MORE
It's no secret that DevOps was designed to address the drawbacks of traditional "waterfall" and "scrum-but" development practices over the years. And while new ways to build software are about as common as unique startup business models these days, it's clear the methodology is at least successful at addressing some long-standing issues. If your goal is to improve interdepartmental communication… READ MORE
- LastPass Hack Shows Breaches Aren't Always a Bad Thing
Call it reverse schadenfreude, or maybe digital empathy, but when a tested, hardened and demonstrably security-conscious company suffers a hit, everyone feels a little bit of shame. If you were affected by the LastPass hack, however, you might be feeling other emotions after the company's recent intrusion. Namely, the fear that comes when you realize not one, but all of your passwords — at least… READ MORE
- The Scalability Challenge, Part Five: Scaling With Open Source
Depending on where you work and what you do within the tech sector, addressing the security of your third-party software can dominate much of your time. That's especially true if your company is particularly security-conscious or spends a significant amount of its own resources utilizing custom-built code and premade parts from vendors. And that's just the proprietary stuff — throw in firms'… READ MORE
- Veracode and Mayo Clinic CISOs on Navigating the Ever-Changing Role of the Chief Information Security Officer
As technology changes, so do the roles that create and support it. Case in point: the role of the chief information security officer, which has seen so much change that it's almost unrecognizable compared to the duties it served to fill even two years ago. That, in turn, has sparked a serious amount of discussion — one that goes all the way to the heaviest hitters the tech security community has… READ MORE
- The Scalability Challenge, Part Four: Security Regulations, Scaling and AutomationSeptember 2, 2015 | Managing AppSec
If you've read the existing pieces in Veracode's "Addressing the Scalability Challenge" series (a collection of blog posts spurred by a whitepaper of the same title), then you know that scaling your security efforts can be a challenge. The threatscape businesses face is larger than ever, and it only grows (read: scales) as organizations find new and exciting ways to implement technology into… READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.