At Veracode, Jasmine focuses on market research, content development and sales enablement. Previously, Jasmine was a founding partner of Ptak/Noel, an industry analyst and marketing consulting firm. Prior to that she also served as director of systems and applications management at Hurwitz Group, and senior analyst at D.H. Brown Associates. Jasmine holds a bachelor of science from the Massachusetts Institute of Technology and a master of science from the University of Southern California.
- Make It So! Creating an Effective Security Policy
With all the breaches and cyberattacks in the news, your executives are probably asking you: "How can we make our application security policy more effective?" According to a recent Gartner report, "Policy is an important form of communication about risk, and the impact on the reader will be maximized if the text is well-crafted in organizational appropriateness and writing style." The report also…
- It's 2015 and I'm Still Not At RSA Conference
RSA is here again. This year our crew is decked out in spiffy monster ties, sweater vests and cardigans. And here I am again, blogging from my cube. As usual, I’m perusing the RSA site looking for interesting things that my fellow non-attendees can look at. And before you ask – no I couldn’t watch the live streaming of the RSA keynote. I…
- Top 5 CISO Challenges Securing Web and Mobile Applications
If you are like most CISOs who are starting or scaling up application security programs, you will run into the challenges listed in this infographic. When you think about it, all of these challenges are interconnected. The traditional approach of assessing applications with tools requiring security expertise isn’t currently scaling up to assess the volume of applications being produced by…
- Wanted: A CISO without a security background?!?
Iain Sutherland, as Managing Director of Information Security Solutions, recruits security executives for large enterprises. He has a front row view of how the role of security executives and the skills that enterprises value for the CISO position have changed over the last few years. When I met Iain a few weeks ago he pointed out that having a list of security certification acronyms appearing…
- The Application Testing Gap
The path of least resistance for cyber-criminals is often to attack well-known vulnerabilities in enterprise-developed web and mobile applications. This infographic shows that large enterprises have thousands of applications to address in order to minimize the risk of a data breach. On average, enterprises spend $1.65 million to test 37% of their applications for security vulnerabilities commonly…
- Just Another Web Application Breach
Does this resemble your application security program's coverage? We can help. Another day another web application breach hits the news. This time ITWorld reports Hackers steal user data from the European Central Bank website, ask for money. I can’t say that I’m surprised. Although vulnerabilities (SQL Injection, cross-site-scripting,…
This year I’m working with IDG to survey enterprises to understand their application portfolio, how it’s changing and what firms are doing to secure their application infrastructure. The study found that on average enterprises expect to develop over 340 new applications in the 12 months. As someone that has been working in and around the…
The IDG study found that more than sixty percent of internally developed applications are not assessed for critical security vulnerabilities such as SQL Injection. Later this week I’ll be joining IDG Market Research Manager, Perry Laberis for a webinar to discuss a study on how application infrastructures are changing and how security…
- Lawsuits, Regulations and Third-Party Security
Every year the world seems to grow a little more regulated – and punitive. We’re now seeing banks suing retailers and compliance management firms over PCI assessments. And the recent breach in question appears to be related to insufficient controls around third-party suppliers. According to the Verizon PCI Compliance Report, 84% of…
- Stuck in the Cold: Not ALL the Cool Kids go to RSA
So once again, I’m not attending RSA. While my counterparts are working our booth in their new Veracode kicks, and meeting with customers, I’m perusing the RSA conference videos and podcasts for interesting things to read. The Risk and Responsibility in a Hyper-Connected World podcast got my attention – mostly because it promised some…