Skip to main content

Hope Goslin

Hope is part of the content team at Veracode, based in Burlington, MA. In this role, she focuses on creating engaging AppSec content for the security community.

Posts by Hope Goslin
  • Focus on Fixing, Not Just Finding, Vulnerabilities

    When investing in an application security (AppSec) program, you expect to see a return on your investment. But in order to recognize a return, your organization needs to determine what success looks like and find a way to measure and prove that the program is meeting your definition of success. For those just starting on their AppSec journey, success might be eliminating OWASP Top 10… READ MORE

Stay up to date on Application Security

  • The Migration From PA-DSS to SSF: Everything You Need to Know

    Technology is constantly changing and advancing. Payment platforms are no exception. As these new platforms emerge, the software supporting the platform must be reliable and secure. Without secure payment platforms, payment transactions and data could be compromised. The PCI Software Security Framework (SSF) sets standards and requirements for both traditional and modern payment software. The… READ MORE

  • AppSec Tools Proliferation Is Driving Investments to Consolidate

    When it comes to application security (AppSec), it’s important to note that no one testing type can uncover every flaw. Each tool is designed with a different area of focus, along with various speeds and costs – so it’s necessary to employ a mix of testing types. A good way to think about AppSec testing types is to compare them to health exams. You wouldn’t have a cholesterol test and assume your… READ MORE

  • Gartner Summit: Balance Risk, Trust, and Opportunity in an Uncertain World

    In light of the current pandemic, most organizations will be working remotely for the foreseeable future. But the increase in virtual operations has led to a higher volume of cyberattacks. Now, more than ever, it’s vital that your organization is armed with the industry’s best application security (AppSec) solutions. But how do you build and secure technology in an uncertain world? It’s a… READ MORE

  • 69% Say Their AppSec Is Effective but Don’t Have Tools to Measure It

    Veracode recently sponsored Enterprise Strategy Group’s (ESG) survey of 378 developers and security professionals, which explored the dynamic between the roles, their trigger points, the extent to which security teams understand modern development, and the buying intentions of application security (AppSec) teams. The first survey question for developers and security professionals was to rate the… READ MORE

  • 10 Elements of the Most Effective Application Security Programs

    Veracode’s Chris Wysopal and Chris Eng recently joined Enterprise Strategy Group (ESG) Senior Analyst Dave Gruber and award-winning security writer and host of the Smashing Security podcast, Graham Cluley, at Black Hat USA to unveil the findings from a new ESG research report, Modern Application Development Security. The research is based on a survey of nearly 400 developers and security… READ MORE

  • New ESG Survey Report: Modern Application Development Security

    As organizations continue to adopt DevSecOps, a methodology that shifts security measures to the beginning of the software development lifecycle (SDLC), roles and processes are evolving. Developers are expected to take on increased security measures – such as application security (AppSec) scans, flaw remediation, and secure coding – and security professionals are expected to take on more of a… READ MORE

  • New Data Reveals How AppSec Is Adapting to New Development Realities

    In today’s fast-paced world, companies are racing to bring new, innovative software to market first. In order to keep up with the speed of innovation, many organizations are shifting toward DevSecOps. DevSecOps brings security to the front of the software development lifecycle (SDLC), allowing for both fast deployments and secure applications. Even though DevSecOps is able to meet the needs of… READ MORE

  • Why is Dynamic Analysis an Important Part of Your AppSec Mix?

    By now, most are familiar with the concept of DevSecOps. With DevSecOps, application security (AppSec) is moved to the beginning of the software development lifecycle (SDLC). By scanning earlier in the SDLC, you are able to find and fix flaws earlier. This can result in significant time and cost savings. Most organizations understand the importance of static analysis, which scans for flaws during… READ MORE

  • The Texas Cybersecurity Act: What You Need to Know

    Texas passed House Bill 8 relating to cybersecurity for state agency information resources. The bill sets mandatory practices for state agencies, institutes continuous monitoring and auditing of network systems, adds protections for student data privacy, and updates the penalties for cybercrimes. As Texas House Speaker, Joe Straus, commented, state agencies are now expected to be “good stewards… READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.