Laura Paine

Laura Paine is the senior content developer at Veracode, based in Burlington, MA. In this role, she is responsible for research, including publishing Veracode's annual State of Software Security Report, current events, and product content for the company blog. Prior to taking this role in content marketing, she was the global public relations and analyst relations manager.
Posts by Laura Paine

Security and Development Agree, Coordinated Disclosures Are a Public Service

September 18, 2019

Shifting security left so that security testing becomes an integrated part of the development process helps companies improve software security. With software running our world, it is important to empower developers with the tools and processes they need to make security a part of their overall development process. Yet, even with a robust AppSec program that makes security a part of the... READ MORE

Veracode Customers Improve Mean Time to Remediation by 90%

September 3, 2019

Bill Gates is well known for treating time as a scarce resource, and in 1994, John Seabrook published a piece in The New Yorker detailing an email exchange he carried on with the famous technologist. Seabrook notes that Gates’ reverence for time was evident in his correspondence – skipping salutations and pleasantries, leaving spelling mistakes and grammatical errors in-line, and never addressing... READ MORE

Veracode Now Available on the Digital Marketplace G-Cloud UK

August 22, 2019

G Cloud Blog Featured Image

There is a deepening awareness that cyberthreats can never be eliminated completely, and digital resilience is an absolute necessity – and this is true for both private and public sector organizations and agencies. With this understanding, the UK Government created its G-Cloud Framework, which has transformed the way that public sector organizations can purchase information and communications... READ MORE

New Research: Apache Solr Parameter Injection

August 14, 2019

Apache Solr is an open source enterprise search platform, written in Java, from the Apache Lucene project. Its major features include full-text search, hit highlighting, faceted search, dynamic clustering, and document parsing. You treat it like a database: you run the server, create a collection, and send different types of data to it (such as text, XML documents, PDF documents, etc.). Solr... READ MORE

Live From Black Hat USA: Making Big Things Better the Dead Cow Way

August 9, 2019

When Reuters’ investigative reporter Joseph Menn confirmed that presidential candidate Beto O’Rourke was an early member of The Cult of the Dead Cow (cDc), it seemed as though folks had two viewpoints on it. They either had more respect for him because they understood what cDc was trying to accomplish, or they were relatively horrified because “hackers are bad.” It’s easy to fear what we don’t... READ MORE

Live From Black Hat USA: The Inevitable Marriage of DevOps & Security

August 8, 2019

During her briefing with Kelly Shortridge, vice president of product strategy at Capsule8, Dr. Nicole Forsgren, research and strategy at Google, did a beautiful job of adding imagery to the story she told of the attendee reactions during the now-famous talk Paul Hammond and John Allspaw gave at Velocity in 2009. If you're not familiar, the title of said talk was, "10 Deploys Per Day: Dev &... READ MORE

Live From Black Hat USA: Four Key Takeaways from Dino Dai Zovi's Keynote

August 7, 2019

"Did you know that your 20th Black Hat is when you get to give the keynote at Black Hat?" Dino Dai Zovi, head of security for Cash App at Square, joked to the packed ballroom. While it may have been Dai Zovi's 20th conference, the topic of his keynote has never been more fitting for where we are in security and the ways in which it mirrors what we experience in our day-to-day life. He gave us an... READ MORE

Live From Black Hat USA: Communication's Key Role in Security

August 7, 2019

The kick-off keynote for the 23rd Black Hat USA Conference in Las Vegas set the stage for the conversations that will undoubtedly be discussed in great detail over the next two days - and likely the next two years - if Black Hat founder Jeff Moss’ opening remarks are indicative of a trend. Moss pointed out that security had been asking for the spotlight, both in legislative and more corporate... READ MORE

Grasshoppers, Dead Cow, and Controlled Chaos: What We’re Looking Forward to at Black Hat USA

August 2, 2019

Veracode Black Hat USA 2019 Las Vegas

Usually, Black Hat USA is all the rage this time of year when it comes to Las Vegas; however, it seems the excitement about the show has been eclipsed by a grasshopper invasion. I admit, I was puzzled when my colleagues informed me of the news and proceeded to show me the horrifying photographic and video evidence. I joked that I would need to wear a Veracode-branded beekeeper suit, and wondered... READ MORE

Capital One Benefits From Responsible Disclosure Program Following Massive Data Breach

July 31, 2019

Veracode Capital One Data Breach Coordinated Vulnerability Disclosure

This blog post was updated on August 1, 2019 to include additional details uncovered as a result of the ongoing investigation associated with the Capital One data breach. Capital One’s data breach may be one for the record books, impacting as many as 106 million U.S. and Canadian credit applicants dating back to as early as 2005. While it’s natural to want to draw parallels to the 2017 Equifax... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 


 

 

contact menu