Ian Broderick

Posts by Ian Broderick

Mobile Security Experts on BYOD

August 1, 2012

Veracode Marketing recently polled a list of mobile security experts, asking them “What can employees do to minimize risk when bringing their own devices to work?” We’re pleased to present the responses from a wide array of security experts, including David Schwartzberg from Sophos, Kevin Flynn from Fortinet and Veracode's own Chris Wysopal. While all our experts have their unique perspectives,... READ MORE

Buffer Overflow - The Many Flavors of AppSec

July 12, 2012

The end of the week is nearing again which means it's time for the final drink in our series "The Many Flavors of AppSec". So far you have seen the Anonymous, AppSec in the Cloud, SQL Injection and The Veracoder cocktails. This week we present the Buffer Overflow. Warning: Like a Buffer Overflow this drink may cause memory corruption and possible system crashes in large amounts! That's the final... READ MORE

Implementing an Application Security Program in the Energy Industry

July 11, 2012

At Veracode, we help companies from various industries to secure their applications. This post is the first in a series where we share the knowledge gained from working across a diverse set of industries. We recently worked with a Fortune 500 energy company that was facing a number of challenges in implementing an application security program. Key challenges encountered were: How to scale... READ MORE

What is Cross-Site Scripting?

July 9, 2012

This is the first part of a series of talks given by Veracode co-founder and VP of Research Chris Eng. In this video Chris explains what Cross-Site Scripting is and how it enables an attacker to inject client-side script into web pages viewed by other users. The video can be viewed below. We have also transcribed the talk for your convenience. Cross-Site Scripting (XSS) is a vulnerability that... READ MORE

The Veracoder - The Many Flavors of AppSec

July 5, 2012

I hope everyone had a great 4th of July! This Thursday we continue our series "The Many Flavors of AppSec" with recipe number 4. So far you have seen the Anonymous, AppSec in the Cloud and SQL Injection cocktails. This week we present the Veracoder. Just like it did for me at my cook-out yesterday, this delicious drink will leave you in a great mood! That's recipe #4 of the series. Next week we... READ MORE

Why You Need to Protect Your Application Layer

July 2, 2012

Check out this video of Veracode's EVP of Corporate Development Sam King talking about the need for application security and testing. In the video, Sam notes that while organizations are spending a lot of money on security, the majority of these efforts and resources are directed at the network layer and the end-points. Sam outlines why this is not working and why organizations need to focus on... READ MORE

Is the Flame Virus losing its heat?

June 28, 2012

Insecure Cryptographic Storage Explained

June 26, 2012

We recently recorded Veracode Security Researcher Chris Lytle discussing Insecure Cryptographic Storage. Insecure Cryptographic Storage is a common vulnerability that occurs when sensitive data is not stored securely. Protecting sensitive data by encrypting it should be a key step in a Secure Software Development Lifecycle. In this video Chris describes what Insecure Cryptography is and explains... READ MORE

Broken Logic - Avoiding the Test Site Fallacy

June 25, 2012

AppSec in the Cloud - The Many Flavors of AppSec

June 21, 2012
