John Zorabedian

John Zorabedian is a blogger and copywriter at Veracode. He has a background in marketing and journalism, writing about IT security, technology, business, politics and culture. He lives and works in the Boston area.
Posts by John Zorabedian

What's New in the State of Software Security 2017 Report

October 18, 2017  | Security News

State of Software Security 2017: What's in the Report

In the past year, we’ve seen an unprecedented series of cyber assaults on democratic elections, ransomware attacks that spread around the world affecting hundreds of thousands of systems in more than 150 countries, and record-breaking data breaches. If we’re going to address this growing crisis effectively, we need a probing inspection of root causes, and fearless prescriptions for new ways... READ MORE

How Third-Party and Open Source Components Build Hidden Risk Into Software

September 25, 2017  | Secure Development

Component risk

Whenever there’s a major data breach announced in the news, I think about how there must be other breaches happening that we don’t even know about. Because, although cyberattackers frequently target known vulnerabilities in software, the victims are unlikely to know they were vulnerable until it is too late. As today’s software is increasingly assembled from bits and pieces of open source... READ MORE

Veracode Survey Research Identifies Cybersecurity Skills Gap Causes and Cures

August 17, 2017  | Security News

DevSecOps Global Skills Survey

The shortage of cybersecurity professionals is on pace to reach 1.5 million empty positions globally by 2020, according to Frost & Sullivan. Yet, as the digital economy relies on rapid innovation in software, the growing demand for developers with security skills is also dangerously outpacing supply. Now, a survey of development and IT professionals, conducted by Veracode and DevOps.com, has... READ MORE

Application Security Virtual Summit: Attend a Top AppSec Conference from Your Desk

August 14, 2017  | Intro to AppSec

Application Security Virtual Summit

Veracode is hosting our first application security virtual summit on Tuesday, August 22, and there’s something for everybody — whether you’re a security, developer, or IT ops pro, a practitioner or manager. The summit, which we’re calling “Application Security: What, Why and How,” features a star-studded lineup of the industry’s top experts, and a schedule chock-full of interesting and... READ MORE

We're Already at Cyberwar (and We're Losing)

July 25, 2017  | Security News

Cyberwar and Election Hacking

Let’s face it – cyberwar is no longer science fiction. Our economies – and our democratic system – are under attack. Security researchers are often reluctant to attribute attacks to particular nation states. But it’s become increasingly clear that Russia attempted to meddle in the 2016 U.S. presidential election, and perhaps other elections in the UK and Europe. Last summer, Russia-backed hackers... READ MORE

The Next Petya Will Be Worse – Why Software Development Must Change

June 28, 2017  | Security News

Petya Ransomware Attack

Another major cyberattack hit computer networks around the globe on Tuesday, beginning in the Ukraine, when a paralyzing ransomware struck websites of government agencies, banks, transportation, and power plants, before spreading to Russia, the UK, U.S., and other nations. Coming just weeks after the WannaCry ransomware wreaked havoc, this new attack – initially believed to be a strain of the... READ MORE

6 Tips for Transforming Technology to Achieve DevSecOps

June 21, 2017  | Secure Development

DevSecOps Technology

The goal of DevSecOps is to build a bridge between fast and secure software development. Some in the DevOps and AppSec universe maintain that the primary foundations of a DevOps or DevSecOps initiative are the right mindset about quality, and processes that support continuous improvement and learning at velocity. Yet you cannot achieve DevSecOps without the right technologies for integrating... READ MORE

Veracode Survey Research Shows Shift to DevOps and DevSecOps

June 14, 2017  | Security News

DevOps and AppSec Survey

With the proliferation of attacks and breaches at the application layer, it's clear that application security testing is a growing necessity. What's less clear is how organizations can hope to bridge the gap between the priorities of development, operations, and security teams. To understand how organizations are handling these challenges, Veracode partnered with ESG to conduct a survey of IT... READ MORE

5 Simple Strategies for Building Security Into Your DevOps Process

May 17, 2017  | Secure Development

DevSecOps Process

Securing any development framework – whether Waterfall, Agile or DevOps – requires changes of culture, process, and technology. But unlike the straightforward flow of Waterfall, where security comes at the end of the process, it's less clear where security fits in Agile and DevOps. As Securosis analyst Adrian Lane points out, Agile development includes "whatever work gets done in a sprint... READ MORE

5 Stages of the DevOps Journey [INFOGRAPHIC]

May 11, 2017  | Secure Development

As business success in the digital economy increasingly depends on software innovation, development teams are moving to faster and more frequent deployment, enabled by the shift from Waterfall to Agile and DevOps. Yet getting to DevOps doesn't happen overnight. It's a journey, with a gradual transformation of culture, technology, and processes along the way. If you're embarking on a DevOps... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu