Laura Paine is a senior product marketing manager at Veracode, based in Burlington, MA.
- These Silent Fixes are Silent Killers in Open Source Security
When it comes to open source software, it’s natural for development and security leaders to want to know that the code they’re using is secure. Historically, they’ve relied on traditional software composition analysis solutions and the National Vulnerability Database to mine for open source issues. Yet there is a little-discussed fact that open source begets open source. We know that developers… READ MORE
- An Avoidable Breach That Could Happen to Any Organization
Following a 14-month investigation into the Equifax breach that affected 148 million consumers around the world, a new report from a House Oversight and Government Reform Committee has concluded that the breach was entirely preventable. According to the report, Equifax “failed to fully appreciate and mitigate its cybersecurity risks” and if it had taken action, “the data breach could have been… READ MORE
- Open Source Risk Continues to Challenge Organizations’ Software Security
The pressure on software development teams to produce more software, and faster, is greater than ever before. This demand has necessitated heavy adoption of open source libraries and components, as they empower developers to reach production deadlines by adding functionality to their code without starting wholly from scratch. Download the State of Software Security Volume 9 Software Composition… READ MORE
- Marriott Confirms Breach Impacts As Many As 500 Million Guests
Marriott International has disclosed that the guest reservation database of its Starwood division has been breached, affecting as many as 500 million guests. The company has also confirmed that there has been unauthorized access to the Starwood network since 2014. According to a report from the BBC, for roughly 327 million guests, the attacker was able to access personally identifiable… READ MORE
The 2018 holiday shopping season is off to a record-breaking start, thanks to consumers’ growing comfort with making online purchases and an increasing number of retailers offering Black Friday pricing starting on Thanksgiving. In fact, in the first two days of the shopping season, online retailers saw nearly $10 billion in sales, with Adobe reporting that consumers in the U.S. alone spent $6.2… READ MORE
- Instagram Bug Accidentally Reveals User Passwords
Facebook and Instagram have been having a rough go of it this year. According to The Information, some Instagram users who made use of the platform's new feature received notification that their passwords were showing up in the URL of their web browsers. What's more, this information was also stored on Facebook's servers, causing a greater issue for anyone using a shared computer or an insecure… READ MORE
The State of Software Security Volume 9 offers some of the most dramatic and concrete evidence to date on the positive effect DevSecOps practices have on the state of software security. The data showed consistently that the more an organization scans per year, the faster security fixes are made. The frequent, incremental changes brought forth by DevSecOps make it possible for these teams to fix… READ MORE
- Quick Take: Chris Eng On The Security Practitioner's Role In The Future Of Secure Software Development (October 22, 2018 | Security News)
The State of Software Security Volume 9 highlights that the sheer volume of open flaws within enterprise applications is too staggering to tackle at once. Which means that organizations need to find effective ways to prioritize which flaws they fix first. While many organizations are doing a good job prioritizing by flaw severity, data this year shows that they’re not effectively considering… READ MORE
- Quick Take: Advancing AppSec Requires a Partnership Between Security and Development (October 22, 2018 | Security News)
The State of Software Security Volume 9 shows that the speed at which organizations fix flaws they discover in their code directly mirrors the level of risk incurred by applications. The faster organizations close vulnerabilities, the less risk software poses over time. In this quick take video, Chris Wysopal discusses how security and development teams can work together to reduce application… READ MORE
- Quick Take: The State of Software Security in 2018
The State of Software Security Volume 9 looks at both the good and bad news about the enterprise's progress on advancing application security. The data offers many signs of encouragement that organizations are incrementally moving the needle, though there is still plenty of work to be done to shore up application risk. In this quick take video, Chris Wysopal shares his views on the state of… READ MORE