Jessica Lavery
Jessica is part of the content team at Veracode. In this role she strives to create and promote content that will engage, educate and inspire security professionals around the topic of application security. Jessica’s involvement with the security industry goes back more than a decade at companies like Astaro, and Sophos where she held roles in corporate communication and marketing.Posts by Jessica Lavery
SOSS Volume 9 reveals how DevSecOps can overcome the volume and persistence of software flaws
October 24, 2018 | Research
Fall is a favorite season for many – in New England, we have beautiful colors and a chill in the air. At Veracode, fall is our favorite season because it signifies the release of our annual State of Software Security (SOSS) report. Each year, we welcome the opportunity to share with the industry our insights into common vulnerabilities found in software and how organizations are measuring... READ MORE›
Online Trust: Do Executives, Consumers and Security Pros Define It Differently?
April 20, 2018
We are in the midst of the fourth industrial revolution. Instead of steam machines or textiles, our economy is becoming ever more tied to technology. In order for our digital economy to thrive, we as a collective society need to have trust in our technology. Yet, the technology world has done very little to earn that trust. During RSA David Duncan, VP, Product Marketing and Mark McGovern, VP,... READ MORE›
RSAC Panel Discussion: How can we protect our digital society?
April 20, 2018
During the RSA conference Sam King, general manager of Veracode lead an engaging discussion with Art Coviello, former CEO of RSA and Robert Knake, senior fellow for cyber policy at the Council on Foreign Relations and senior research scientist at Northwestern University’s Global Resilience Institute. While the conversation touched on a variety of topics, the prevailing theme was on the need for a... READ MORE›
Components: Increasing Speed and Risk
April 19, 2018
Open source component vulnerabilities have been a hot topic in the security industry as well as in the media. It used to be the main concern in software development was making sure you testing throughout the SDLC. While this is still a crucial part of making sure your software is secure, component security has grown in importance. As Tim Jarrett, Director of product management at Veracode... READ MORE›
Building a Security Awareness Ambassador
April 19, 2018
Lance Spitzner, Director, SANS Institute The security skills gap is well documented. There just aren’t enough security professionals in the workforce to help secure our digital economy. Even if there were, scaling to the number of security professionals needed to create a comprehensive security program alone would not solve the security problem, especially in AppSec. During this talk, Lance... READ MORE›
DevOps Connect: DevSecOps Day at RSA demonstrates how the thinking around secure software has evolved
April 17, 2018
RSAC 2018 kicked off today with DevOps Connect: DevSecOps Day @ RSAC 2018. This full day event featured speakers security vendors, security practitioners and development teams. It was interesting to compare the perspectives of the security and development teams when it comes to software security. What was even more interesting was how similar their perspectives are, and to see them... READ MORE›
Testing the Fences: Software Security Is National Security
July 5, 2017 | Security News
There is a scene in the movie Jurassic Park where we witness just how smart the velociraptors are. In order to find a way out of their enclosure, the carnivorous dinosaurs are systematically testing the electric fences for weaknesses, making note of where the fences are weakest and where they are strongest. Once a vulnerability is found in the system (in this case a disgruntled employee turning... READ MORE›
The Changing Influence of Developers
May 16, 2017 | Secure Development
Movies and television shows featuring software developers and ethical hackers would have you believe they are all anti-social shut-ins who care little about business, their careers or the impact their code has on the world. Instead they are focused almost solely on producing code for code’s sake. When they are shown as part of a business, these fictional developers are generally marginalized by... READ MORE›
Podcast: How the Role of Technologists has Evolved with the Rise of the Digital Economy
April 9, 2017 | Security News
The rise of the digital economy has created professional opportunities for those entering technology careers, but is has also changed the core responsibilities of technologists. Our dependence on software to fuel the digital economy and as a result business objectives means it is no longer enough for CTOs and CISOS to be focused on technology and security; they must also speak the language of... READ MORE›
Beyond the Quadrant 2017
March 15, 2017 | Managing AppSec
This year’s Gartner Magic Quadrant for Application Security Testing₁ has published, and while many people read the report for the vendor assessments, the authors offered some insight into the overall application security market. In the report, first time AST Magic Quadrant authors Dionisio Zumerle and Ayal Tirosh commented that the “security testing is growing faster than any other... READ MORE›
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
