Jessica Lavery

Jessica is part of the content team at Veracode. In this role she strives to create and promote content that will engage, educate and inspire security professionals around the topic of application security. Jessica’s involvement with the security industry goes back more than a decade at companies like Astaro, and Sophos where she held roles in corporate communication and marketing.
Posts by Jessica Lavery

Beyond the Quadrant: What the 2015 'Gartner Magic Quadrant for AST' Says About the AppSec Market

August 24, 2015  | Managing AppSec

On August 6, Gartner published the 2015 edition of the "Magic Quadrant for Application Security Testing¹" – and once again, Veracode is positioned in the "Leaders" quadrant. Our position in the quadrant, as well as the subsequent write-up of the company's strengths and cautions, is exciting, as we feel it validates that we are the best pure-play provider of... READ MORE

Are CISOs Spending Too Much Time Focusing on Technology?

August 21, 2015  | Managing AppSec

Following the onslaught of high-profile cyberattacks reported in the past 12 to 18 months, cybersecurity has become a more frequent topic in board-level conversations. This has created a need for CISOs to better understand board member perceptions and become more effective at communicating their cybersecurity strategies. However, a new study from Deloitte's CISO Transition Lab found CISOs... READ MORE

Beyond Breach Avoidance – Demonstrating the Value of Security

July 28, 2015  | Managing AppSec

Making a case for more security can be a difficult task at any enterprise. Many executives incorrectly assume that the lack of a recent breach means the company is adequately secure. However, as the old adage goes, there are only two kinds of companies: those that have been breached, and those that don't know they've been breached. Additionally, in the not-so-distant past, the CISO's... READ MORE

Want To Know How Your Board Thinks About Cybersecurity?

July 21, 2015  | Managing AppSec

The connection between cybersecurity and a company’s bottom line is crystal clear to board members — and they’re worried. In fact, according to a study conducted by the New York Stock Exchange and Veracode, more than 80 percent of corporate directors now discuss cybersecurity at most or all boardroom meetings. At the same time, a surprising 66 percent are not fully confident... READ MORE

Why getting the Security team and the C-Suite on the same page is a challenge

July 16, 2015

35711045_m.jpg Tim Wilson's coverage of the Black Hat security survey - Poor Priorities, Lack Of Resources Put Enterprises At Risk, Security Pros Say highlighted the disconnect that exists between security professionals and the C-suite. This is in part due to the media's hype over domestic government surveillance and hacktivists and politically motivated attackers. I agree... READ MORE

AppSec Is a Major Concern, But Still Not a Top Priority

July 16, 2015

Imagine this scenario: Your brother tells you he is very concerned because the brakes on his car haven't been working right lately – but he just doesn't have time to get to the mechanic. It is important he gets to work quickly, and putting his car in the shop will slow him down. What would you say? You'd probably offer to let him borrow your car – right after you slap him... READ MORE

OPM Breach: How Far Does the Rabbit Hole Go?

July 6, 2015  | 6

We recently released the "State of Software Security Volume 6: Focus on Industry Verticals." This is the first State of Software Security report that has a specific focus on industry trends, and some of the results are causing me to have déjà vu. For example, compare this recent headline from Re/Code: "Why the Federal Government Sucks at Cyber Security" to a ZDNet article... READ MORE

Ignore At Your Own Peril: Popular Third-party Applications Can have Vulnerabilities Too

June 24, 2015

adobe.png Adobe has issued emergency patches to address a critical vulnerability in Flash Player versions and earlier for Windows and Macintosh systems. The vulnerability, CVE-2015-0311, has been exploited in the wild, via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below. The vulnerability can potentially allow... READ MORE

Insurance Industry Is Under Attack by Cybercriminals

June 10, 2015

Security isn't easy, and with cybercriminals, or at least one specific group, targeting insurance agencies -- it just got tougher for the industry. 12404409_m.jpg The CareFirst breach is the latest in a string of insurance company breaches. Attackers gained access to names, birth dates, email addresses and insurance identification numbers for approximately 1.1 million... READ MORE

The Elephant in the Room: Why Enterprises Are Finally Discussing Third-Party Security

June 9, 2015

We are seeing increased attention on application security in terms of the security of applications companies build. But when it comes to the applications that companies buy, strategies at most companies remain fragmented and ineffective. These plans depend on questionnaires regarding the application security practices at the vendor – which means the enterprise must trust that the vendor is... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.




contact menu