Laura Paine

Laura Paine is the senior content developer at Veracode, based in Burlington, MA. In this role, she is responsible for research, including publishing Veracode's annual State of Software Security Report, current events, and product content for the company blog. Prior to taking this role in content marketing, she was the global public relations and analyst relations manager.
Posts by Laura Paine

British Airways Faces £183m Fine Following Data Breach

July 8, 2019

Veracode British Airways GDPR Data Breach Fine

The Information Commissioner’s Office (ICO) has handed British Airways what it claims is the biggest penalty – and the first to be made public under new rules – since the General Data Protection Regulation (GDPR) came into play last year. According to the ICO, 500,000 customers had their personal information compromised during the 2018 breach, and the airline needs to pay up – to the tune of £183... READ MORE

Business-Focused Approach to Security Assurance Is More Evolution Than Revolution

June 28, 2019

Veracode Information Security Forum Security Assurance Research

According to a new research report from Information Security Forum (ISF), only 32 percent of its membership is satisfied with their security assurance program – though 80 percent say that they want to take a more business-focused approach to security. Given the ever-evolving threat landscape, security leaders understand that they always need their finger on the pulse of how secure their... READ MORE

How Veracode Supports DevSecOps Methodologies With SaaS-based Application Security

June 18, 2019

Veracode Kuppinger Cole Report

Most legacy applications were not developed with security in mind. However, modern businesses and organizations are continuing to undergo digital transformation in order to pursue new business models and revenue channels, as well as giving their customers or constituents a simplified experience. This often means selecting cloud-based tools and solutions that allow for the scalability necessary to... READ MORE

What the AMCA Data Breach Teaches Us About Modern Supply Chain Security

June 10, 2019

The State of Software Security Volume 9 (SOSS Vol. 9) found that the healthcare industry, with its stringent regulations, received relatively high marks in many of the standard AppSec metrics. According to Veracode scan data, healthcare organizations ranked highest of all industries on OWASP pass rate on latest scan, coming in with a rate just over 55 percent. Our flaw persistence analysis shows... READ MORE

Quest Diagnostics Breached Through Third-Party Billing Collections Vendor

June 3, 2019

veracode-quest-diagnostics-breach-june-2019

Quest Diagnostics has reported that nearly 12 million patients’ may have been impacted by a breach into American Medical Collection Agency (AMCA), the medical testing company’s third-party billing provider. According to a data breach filing with the Security and Exchange Commission, as many as 11.9 million patients may have had their credit card, banking, medical information, and other personal... READ MORE

WhatsApp Releases Update Following Breach via Remote Code Execution Vulnerability

May 14, 2019

Veracode WhatsApp Vulnerability May 2019

On Monday, The Financial Times reported that attackers have been exploiting a buffer overflow vulnerability in the popular messaging service WhatsApp. The vulnerability has been fixed, and updates were released on Friday. WhatsApp, owned by Facebook, is urging both iPhone and Android users to update the app as soon as possible. Veracode’s State of Software Security Volume 9 found that buffer... READ MORE

2019 Verizon DBIR Shows Web Applications and Human Error as Top Sources of Breach

May 8, 2019

Veracode App Sec Verizon DBIR 2019

According to the 2019 Verizon Data Breach Investigations Report, there was a noticeable shift toward financially motivated crime (80 percent), with 35 percent of all breaches occurring as a result of human error, and approximately one quarter of breaches occurring through web application attacks. These attacks were mostly attributable to the use of stolen credentials used to access cloud-based... READ MORE

Learning From the Vodafone-Huawei Backdoor Scandal

April 30, 2019

Veracode Vodafone Huawei Backdoor April 2019

Yesterday, Bloomberg reported that Vodafone uncovered hidden backdoors in Huawei equipment used for the carrier’s Italian business, which could have given Huawei unauthorized access to Italian homes and businesses. The alleged backdoors were found in 2011 and 2012, and Vodafone told Bloomberg that the issues were resolved at the time. However, the BBC published a piece this morning in which... READ MORE

Your AppSec Program Can Make Your Developers and Your CFO Happy

April 30, 2019

Veracode AppSec Developers CFO Dynamic Analysis

While cybersecurity risk is steadily growing, so too is the recognition that application security (AppSec) is critical to protecting valuable enterprise resources. More than ever, ensuring that you have a program that spans the entire SDLC is critical to preventing breaches into your organization and customer data. Just as it is important to inventory and secure all of the applications in your... READ MORE

Docker Hub Database Breached, As Many As 190,000 Accounts Affected

April 29, 2019

Veracode Container Security Docker Breach April 2019

Docker, a company that created an open platform for building and running distributed applications, reported to users that its Docker Hub database had been breached, exposing sensitive data from approximately 190,000 accounts. While that figure makes up less than five percent of Hub users, the data included some usernames and hashed passwords as well as Github and Bitbucket tokens for Docker... READ MORE

 

 

contact menu