Evan Wade

Evan Wade is a professional freelance writer, author, and editor from Indianapolis. His time as a sales consultant with AT&T, combined with his current work as a tech reporter, gives him unique insight into the world of mobile/Web security and the steps needed to properly secure software products.
Posts by Evan Wade

The Gartner Magic Quadrant: Four Traits From Top Performers

December 2, 2015  | Managing AppSec

With the application layer becoming a popular attack vector for intruders, and defensive methods to combat it constantly evolving, it's easy to see why application security testing (AST) services play such a large role in digital security. In fact, it has become so prominent that the question shouldn't be whether a company should adopt an AST service to keep its operations and data secure...

What's the True Cost of a Data Breach?

November 20, 2015  | Managing AppSec

Breaches are bad business. In 2015, this basic tenet of digital security is clear-cut common sense. After all, bad things happen when bad guys steal your property. What's less clear is the quantifiable cost of a data breach, both in terms of the intrusion's economic toll and the underlying factors that play into the loss. This is where the expert insight comes in. "The Business and...

Defending the Application Layer Means Securing All Apps

November 18, 2015  | Managing AppSec

Security is a game of advancements. All too often, the adversarial relationship between attackers and defenders pushes that game to a breakneck pace. Whichever side is on the leading edge of the technological curve won't have an advantage for long. While this dynamic can spur organizations to be consistently vigilant, at least on the white hat side, it can also lead to the assumption that a...

10 Common Security Vulnerabilities

November 2, 2015  | Intro to AppSec

You don't need to be an expert to know that hacks, attacks and other digital security breaches are never a good thing. But one industry's annoyance is another industry's nightmare — and if you've read Veracode's "State of Software Security Report, Volume 6," then you know that most common security vulnerabilities are more frequent in some industries than others...

Vulnerability Profile: LDAP Injection (and How to Protect Against It)

October 13, 2015

In some ways, all injection attacks are the same. The hacker puts code in some form of user input field, attempting to trick the machines on the other end into granting information or access they shouldn't. If successful, the hacker then uses these ill-gotten gains to carry out damaging attacks like information theft, browser/session hijacking, site defacement, and so on. But the devil is in the...

It's True: DevOps and Security Can Play Nice

September 25, 2015  | Secure Development

It's no secret that DevOps was designed to address the drawbacks of traditional "waterfall" and "scrum-but" development practices over the years. And while new ways to build software are about as common as unique startup business models these days, it's clear the methodology is at least successful at addressing some long-standing issues. If your goal is to improve...

LastPass Hack Shows Breaches Aren't Always a Bad Thing

September 24, 2015

Call it reverse schadenfreude, or maybe digital empathy, but when a tested, hardened and demonstrably security-conscious company suffers a hit, everyone feels a little bit of shame. If you were affected by the LastPass hack, however, you might be feeling other emotions after the company's recent intrusion. Namely, the fear that comes when you realize not one, but all of your passwords...

The Scalability Challenge, Part Five: Scaling With Open Source

September 23, 2015

Depending on where you work and what you do within the tech sector, addressing the security of your third-party software can dominate much of your time. That's especially true if your company is particularly security-conscious or spends a significant amount of its own resources utilizing custom-built code and premade parts from vendors. And that's just the proprietary stuff — throw in firms'...

Veracode and Mayo Clinic CISOs on Navigating the Ever-Changing Role of the Chief Information Security Officer

September 14, 2015

As technology changes, so do the roles that create and support it. Case in point: the role of the chief information security officer, which has seen so much change that it's almost unrecognizable compared to the duties it served to fill even two years ago. That, in turn, has sparked a serious amount of discussion — one that goes all the way to the heaviest hitters the tech security...

The Scalability Challenge, Part Four: Security Regulations, Scaling and Automation

September 2, 2015  | Managing AppSec

If you've read the existing pieces in Veracode's "Addressing the Scalability Challenge" series (a collection of blog posts spurred by a whitepaper of the same title), then you know that scaling your security efforts can be a challenge. The threatscape businesses face is larger than ever, and it only grows (read: scales) as organizations find new and exciting ways to implement...
