Laura Paine is a senior product marketing manager at Veracode, based in Burlington, MA.
- Removing the Barriers to Secure Development and Scalable Application Security with Veracode Static Analysis IDE Scan
It is not uncommon for organizations to have “appsec programs” and not actually affect the security of their applications. What good is it if the applications coming out of that program aren’t any better than when they went in? You have two competing objectives in your organizations Keep pushing software out to market as fast as possible so that your company can stay competitive Stop insecure… READ MORE
Stay up to date on Application Security
- Insecure code cited in Facebook hack impacting nearly 50 million users
On Sept. 28, Facebook announced via its blog that it discovered attackers exploited a vulnerability in its code that impacted its "View As" feature. While Guy Rosen, VP of product management, notes that the investigation is still in its early stages, the breach is expected to have affected 50 million accounts. It is unclear at this stage whether these accounts were misused or if any personal… READ MORE
On Aug. 22, the Apache Software Foundation announced that a new critical remote code execution vulnerability was found in Apache Struts 2 (CVE-2018-11776). According to the Semmle Security Research Team, who first identified and reported the vulnerability, this flaw is "more critical" than the Struts vulnerability behind the massive data breach that exposed the personal information of 143 million… READ MORE
- In The Age of Apathy, Enterprises and Consumers Must Improve Online Security Together
Enterprise companies must work with consumers to improve online security. Despite the occurrence of massive cyberattacks and data breaches in 2017, U.S. citizens are seemingly less worried about privacy and online security than they were in 2015. The new NTIA Internet Use Survey shows that 73 percent of those surveyed in 2017 are concerned about privacy and security, which is a significant drop… READ MORE
- What the Russian Nation-State Hackers Show Us About the State of Global Cybersecurity
The U.S. Department of Homeland Security confirmed in a briefing that Russian nation-state hackers successfully attacked hundreds of trusted vendors with relationships to energy and other critical infrastructure organizations as part of, what is believed to be, an ongoing campaign to breach U.S. electric utility control rooms. Some vendors may still be unaware that they have been compromised, as… READ MORE
- State of Software Security: Insight Into Government Sector Application Security And Guidance For Policy Makers
In 2015, the United States Office of Personnel Management (OPM) announced that it had been the target of two massive data breaches. These breaches are thought to be a result of gaining valid user credentials to the systems they were hacking through social engineering, as well as through a malware package which installed itself within OPM’s network and established a backdoor. Attackers then… READ MORE
During this year's RSA Conference, Highwire PR and WSJ Pro Cybersecurity hosted several panel discussions, including this one with Veracode CTO Chris Wysopal. Chris joined Andrea Limbago, chief social scientist at Endgame, Michael Daniel, president and CEO of Cyber Threat Alliance, to talk about the current and evolving threat landscape. Throughout the panel, you'll learn more about how… READ MORE
- Veracode recognized for world-class Channel Program and Channel Chief for Second Consecutive Year
For the second year in a row, Veracode has received several accolades from CRN, a brand of The Channel Company and one of the industry’s top sources for news and analysis for the IT channel. Veracode’s world-class Partner Program received the 5-Star Rating in CRN’s 2018 Partner Program Guide, and Leslie Bois, vice president, global channels and alliances, was named to its prestigious list of 2018… READ MORE
When officials explore the issues surrounding election integrity in the United States, one obstacle tends to frame those discussions: the huge chasm that exists between the technology sophistication of cyber attackers intent on disrupting U.S. elections, and the technology sophistication of the officials who run those elections. Even an attack as low-tech as an email phishing campaign, where… READ MORE
Over the past year, our scans of thousands of applications and billions of lines of code found a widespread weakness in applications, which is a top target of cyber attackers. And when you zoom in from a big picture view down to a micro-level, there are a few industries that are struggling to keep up with the rapidly changing cybersecurity landscape and combat the tactics of malicious actors… READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.