John Zorabedian
John Zorabedian is a blogger and copywriter at Veracode. He has a background in marketing and journalism, writing about IT security, technology, business, politics and culture. He lives and works in the Boston area.Posts by John Zorabedian
Veracode Survey Research Identifies Cybersecurity Skills Gap Causes and Cures
August 17, 2017 | Security News
The shortage of cybersecurity professionals is on pace to reach 1.5 million empty positions globally by 2020, according to Frost & Sullivan. Yet, as the digital economy relies on rapid innovation in software, the growing demand for developers with security skills is also dangerously outpacing supply. Now, a survey of development and IT professionals, conducted by Veracode and DevOps.com, has... READ MORE›
Application Security Virtual Summit: Attend a Top AppSec Conference from Your Desk
August 14, 2017 | Intro to AppSec
Veracode is hosting our first application security virtual summit on Tuesday, August 22, and there’s something for everybody — whether you’re a security, developer, or IT ops pro, a practitioner or manager. The summit, which we’re calling “Application Security: What, Why and How,” features a star-studded lineup of the industry’s top experts, and a schedule chock-full of interesting and... READ MORE›
We're Already at Cyberwar (and We're Losing)
July 25, 2017 | Security News
Let’s face it – cyberwar is no longer science fiction. Our economies – and our democratic system – are under attack. Security researchers are often reluctant to attribute attacks to particular nation states. But it’s become increasingly clear that Russia attempted to meddle in the 2016 U.S. presidential election, and perhaps other elections in the UK and Europe. Last summer, Russia-backed hackers... READ MORE›
The Next Petya Will Be Worse – Why Software Development Must Change
June 28, 2017 | Security News
Another major cyberattack hit computer networks around the globe on Tuesday, beginning in the Ukraine, when a paralyzing ransomware struck websites of government agencies, banks, transportation, and power plants, before spreading to Russia, the UK, U.S., and other nations. Coming just weeks after the WannaCry ransomware wreaked havoc, this new attack – initially believed to be a strain of the... READ MORE›
6 Tips for Transforming Technology to Achieve DevSecOps
June 21, 2017 | Secure Development
The goal of DevSecOps is to build a bridge between fast and secure software development. Some in the DevOps and AppSec universe maintain that the primary foundations of a DevOps or DevSecOps initiative are the right mindset about quality, and processes that support continuous improvement and learning at velocity. Yet you cannot achieve DevSecOps without the right technologies for integrating... READ MORE›
Veracode Survey Research Shows Shift to DevOps and DevSecOps
June 14, 2017 | Security News
With the proliferation of attacks and breaches at the application layer, it's clear that application security testing is a growing necessity. What's less clear is how organizations can hope to bridge the gap between the priorities of development, operations, and security teams. To understand how organizations are handling these challenges, Veracode partnered with ESG to conduct a survey of IT... READ MORE›
5 Simple Strategies for Building Security Into Your DevOps Process
May 17, 2017 | Secure Development
Securing any development framework – whether Waterfall, Agile or DevOps – requires changes of culture, process, and technology. But unlike the straightforward flow of Waterfall, where security comes at the end of the process, it's less clear where security fits in Agile and DevOps. As Securosis analyst Adrian Lane points out, Agile development includes "whatever work gets done in a sprint... READ MORE›
5 Stages of the DevOps Journey [INFOGRAPHIC]
May 11, 2017 | Secure Development
As business success in the digital economy increasingly depends on software innovation, development teams are moving to faster and more frequent deployment, enabled by the shift from Waterfall to Agile and DevOps. Yet getting to DevOps doesn't happen overnight. It's a journey, with a gradual transformation of culture, technology, and processes along the way. If you're embarking on a DevOps... READ MORE›
4 Ways to Build a DevSecOps Culture
May 3, 2017 | Secure Development
At the center of a successful DevOps initiative is a simple but often overlooked concept: Because developers drive the software agenda, developer participation is crucial for achieving a more secure framework. DevSecOps represents the next evolutionary step of secure software development, but even the best governance framework and leading-edge security tools can't get the job done if the... READ MORE›
HipChat Breach Shows Dangers of Slacking on Security of Third-Party Components
April 27, 2017 | Managing AppSec | Security News
This week, HipChat advised customers that one of its databases was breached by attackers who exploited a vulnerable third-party library used on HipChat.com. HipChat, owned by Atlassian, said that the compromised database stored customer usernames, email addresses, hashed passwords, and room metadata such as room name and topic. HipChat’s fast action to force a reset of all HipChat passwords... READ MORE›
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
