Jasmine Noel

At Veracode, Jasmine’s work focuses on market research, content development and sales enablement. Previously, Jasmine was a founding partner of Ptak/Noel, an industry analyst and marketing consulting firm. Prior to that, she served as director of systems and applications management at Hurwitz Group and as senior analyst at D.H. Brown Associates. Jasmine holds a bachelor of science from the Massachusetts Institute of Technology and a master of science from the University of Southern California.
Posts by Jasmine Noel

Make It So! Creating an Effective Security Policy

April 27, 2015

With all the breaches and cyberattacks in the news, your executives are probably asking you: "How can we make our application security policy more effective?" According to a recent Gartner report, "Policy is an important form of communication about risk, and the impact on the reader will be maximized if the text is well-crafted in organizational appropriateness and writing style....

It's 2015 and I'm Still Not At RSA Conference

April 22, 2015

RSA is here again. This year our crew is decked out in spiffy monster ties, sweater vests and cardigans. And here I am again, blogging from my cube. As usual, I’m perusing the RSA site looking for interesting things that my fellow non-attendees can look at. And before you ask – no I couldn’t watch the live streaming of the RSA...

Top 5 CISO Challenges Securing Web and Mobile Applications

January 27, 2015

If you are like most CISOs who are starting or scaling up application security programs, you will run into the challenges listed in this infographic. When you think about it, all of these challenges are interconnected. The traditional approach of assessing applications with tools requiring security expertise isn’t currently scaling up to assess the volume of applications being...

Wanted: A CISO without a security background?!?

December 4, 2014

Iain Sutherland, as Managing Director of Information Security Solutions, recruits security executives for large enterprises. He has a front row view of how the role of security executives and the skills that enterprises value for the CISO position have changed over the last few years. When I met Iain a few weeks ago he pointed out that having a list of security certification acronyms...

The Application Testing Gap

November 25, 2014

The path of least resistance for cyber-criminals is often to attack well-known vulnerabilities in enterprise-developed web and mobile applications. This infographic shows that large enterprises have thousands of applications to address in order to minimize the risk of a data breach. On average, enterprises spend $1.65 million to test 37% of their applications for security vulnerabilities commonly...

Just Another Web Application Breach

July 25, 2014

Does this resemble your application security program's coverage? We can help. Another day another web application breach hits the news. This time ITWorld reports Hackers steal user data from the European Central Bank website, ask for money. I can’t say that I’m surprised. Although vulnerabilities (SQL Injection, cross-site-scripting, etc.) are easy for...

Applications are Growing Uncontrollably and Insecurely

July 8, 2014

This year I’m working with IDG to survey enterprises to understand their application portfolio, how it’s changing and what firms are doing to secure their application infrastructure. The study found that on average enterprises expect to develop over 340 new applications in the 12 months. As someone that has been working in and around the...

Focus Shift: From the Critical Five Percent to the Entire Application Infrastructure

June 24, 2014

The IDG study found that more than sixty percent of internally developed applications are not assessed for critical security vulnerabilities such as SQL Injection. Later this week I’ll be joining IDG Market Research Manager, Perry Laberis for a webinar to discuss a study on how application infrastructures are changing and how security teams will keep up...

Lawsuits, Regulations and Third-Party Security

March 28, 2014

Every year the world seems to grow a little more regulated – and punitive. We’re now seeing banks suing retailers and compliance management firms over PCI assessments. And the recent breach in question appears to be related to insufficient controls around third-party suppliers. According to the Verizon PCI Compliance Report, 84% of organizations that suffered a data...

Stuck in the Cold: Not ALL the Cool Kids go to RSA

February 27, 2014

So once again, I’m not attending RSA. While my counterparts are working our booth in their new Veracode kicks, and meeting with customers, I’m perusing the RSA conference videos and podcasts for interesting things to read. The Risk and Responsibility in a Hyper-Connected World podcast got my attention – mostly because it promised some...
