Jasmine Noel
At Veracode, Jasmine’s efforts are focused around market research, content development and sales enablement efforts. Previously, Jasmine was a founding partner of Ptak/Noel, an industry analyst and marketing consulting firm. Prior to that she also served as director of systems and applications management at Hurwitz Group, and senior analyst at D.H. Brown Associates. Jasmine holds a bachelor of science from the Massachusetts Institute of Technology and a master of science from the University of Southern California.Posts by Jasmine Noel
Make It So! Creating an Effective Security Policy
April 27, 2015
With all the breaches and cyberattacks in the news, your executives are probably asking you: "How can we make our application security policy more effective?" According to a recent Gartner report, "Policy is an important form of communication about risk, and the impact on the reader will be maximized if the text is well-crafted in organizational appropriateness and writing style.... READ MORE›
It's 2015 and I'm Still Not At RSA Conference
April 22, 2015
RSA is here again. This year our crew is decked out in spiffy monster ties, sweater vests and cardigans. rsac-team.png And here I am again, blogging from my cube. As usual, I’m perusing the RSA site looking for interesting things that my fellow non-attendees can look at. And before you ask – no I couldn’t watch the live streaming of the RSA... READ MORE›
Top 5 CISO Challenges Securing Web and Mobile Applications
January 27, 2015
If you are like most CISOs who are starting or scaling up application security programs, you will run into the challenges listed in this infographic. When you think about it, all of these challenges are interconnected. The traditional approach of assessing applications with tools requiring security expertise isn’t currently scaling up to assess the volume of applications being... READ MORE›
Wanted: A CISO without a security background?!?
December 4, 2014
Iain Sutherland, as Managing Director of Information Security Solutions, recruits security executives for large enterprises. He has a front row view of how the role of security executives and the skills that enterprises value for the CISO position have changed over the last few years. When I met Iain a few weeks ago he pointed out that having a list of security certification acronyms... READ MORE›
The Application Testing Gap
November 25, 2014
The path of least resistance for cyber-criminals is often to attack well-known vulnerabilities in enterprise-developed web and mobile applications. This infographic shows that large enterprises have thousands of applications to address in order to minimize the risk of a data breach. On average, enterprises spend $1.65 million to test 37% of their applications for security vulnerabilities commonly... READ MORE›
Just Another Web Application Breach
July 25, 2014
188592_s-1_2.jpg Does this resemble your application security program's coverage? We can help. Another day another web application breach hits the news. This time ITWorld reports Hackers steal user data from the European Central Bank website, ask for money. I can’t say that I’m surprised. Although vulnerabilities (SQL Injection, cross-site-scripting, etc.) are easy for... READ MORE›
Applications are Growing Uncontrollably and Insecurely
July 8, 2014
unchecked-growth-applications_2.jpg This year I’m working with IDG to survey enterprises to understand their application portfolio, how it’s changing and what firms are doing to secure their application infrastructure. The study found that on average enterprises expect to develop over 340 new applications in the 12 months. As someone that has been working in and around the... READ MORE›
Focus Shift: From the Critical Five Percent to the Entire Application Infrastructure
June 24, 2014
21906762_m_2.jpg The IDG study found that more than sixty percent of internally developed applications are not assessed for critical security vulnerabilities such as SQL Injection. Later this week I’ll be joining IDG Market Research Manager, Perry Laberis for a webinar to discuss a study on how application infrastructures are changing and how security teams will keep up... READ MORE›
Lawsuits, Regulations and Third-Party Security
March 28, 2014
7638108_m_2.jpg Every year the world seems to grow a little more regulated – and punitive. We’re now seeing banks suing retailers and compliance management firms over PCI assessments. And the recent breach in question appears to be related to insufficient controls around third-party suppliers. According to the Verizon PCI Compliance Report, 84% of organizations that suffered a data... READ MORE›
Stuck in the Cold: Not ALL the Cool Kids go to RSA
February 27, 2014
RSA-Booth_0.jpg So once again, I’m not attending RSA. While my counterparts are working our booth in their new Veracode kicks, and meeting with customers, I’m perusing the RSA conference videos and podcasts for interesting things to read. The Risk and Responsibility in a Hyper-Connected World podcast got my attention – mostly because it promised some... READ MORE›
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
