Laura Paine is a senior product marketing manager at Veracode, based in Burlington, MA.
- Veracode Named a Leader in the Gartner Magic Quadrant for Application Security for the Fifth Report in a Row
For the fifth consecutive report, Gartner placed Veracode as a Leader in the 2018 Magic Quadrant for Application Security Testing. Gartner chooses leaders for the report based on a company’s completeness of vision and ability to execute in the application security testing (AST) market. In recent years, we’ve witnessed the rise in adoption of DevSecOps and Modern Software Factory approaches to… READ MORE
- Podcast: Veracode’s 2018 Development Resolutions with Maria Loughlin
Earlier this year, we looked at what 2018 has in store for open source, and we wanted to continue this trend to dive a little bit deeper into the resolutions the developer community may have for the New Year. For some, it’s a matter of striving to write smaller batches of code that are more testable, better for security stance, or getting more of the enterprise to internalize that quality code is… READ MORE
When it comes to open source and security, one of the most popular words that pops into the head of security aficionados and professionals is “dread.” Certainly that perception is driven by open source’s reputation – it is seen as fast, easy, low cost and, well, risky. With unknown hands touching the code – and a surprisingly low number of developers maintaining common components – it’s… READ MORE
- Podcast: Are We at Risk For Data Breach Disclosure Fatigue?
What is the fundamental purpose of data breach disclosures? To help the company breached? To help other companies in a similar position? To help the customers of the breached company? To help law enforcement? At its most extreme, should it ever be about shaming a company that had poor security? Depending on the circumstances, it can be about all of the above. Focus on the customer. That’s a… READ MORE
- Veracode Named a Leader in The Forrester Wave for Static Application Security Testing
I’m always a fan of ending the year on a high note, so you can imagine how excited I am to share the news that Veracode has been named a leader in The Forrester Wave™: Static Application Security Testing, Q4 2017 report by Forrester Research. Forrester ranks its vendors through the detailed evaluation of the 10 most significant vendors in static application security testing (SAST). The report… READ MORE
- Podcast: When it Comes to Data Breach Disclosure, When Does the Clock Start Ticking?
  November 28, 2017 | Managing AppSec
In the last episode of the Cyber Second Podcast, we talked about the confusing patchwork of rules and laws – state, federal, global – dictating data breach disclosure rules. The common thread in nearly all of the existing regulations is that the disclosure clock starts the very moment that a company becomes aware of the breach. But when does someone truly know something, and who needs to know to… READ MORE
- Podcast: Would A National Data Breach Disclosure Law Create Clarity or Confusion?
  October 20, 2017 | Security News
WannaCry and Petya, among other high-profile breaches, have sparked new conversations at Veracode around the potential value of cybersecurity and data breach disclosure legislation. Certainly, data breach disclosure requirements are popping up in just about every state, not to mention global standards, such as GDPR. Although they all insist on timely disclosures, their requirements, rules and… READ MORE
- Podcast: How to Fix the Widening AppSec Skills Gap
  September 21, 2017 | Security News
The AppSec Skills Gap Is Widening Nearly 20% A Year. Here's How We Fix It. A recent survey from Veracode and DevOps.com found that the majority of IT and development professionals weren’t required to take security courses in college – and they’re not receiving the necessary training from their employers. So, we have to ask: where does the fault lie? Should universities ramp up their security… READ MORE
They don’t make apps like they used to. DevOps has moved away from rows of specialists handling their own tiny segment of code, advancing to a more comprehensive Full Spectrum Engineer. Today’s developers need to have a breadth of skills that can take an idea from inception to production – with one person and no handoffs. What we’re seeing is the natural ebb and flow between the specialist and… READ MORE
There are known knowns. These are things we know that we know. There are known unknowns. That is to say, there are things that we know we don't know. But there are also unknown unknowns. There are things we don't know we don't know. -Donald Rumsfeld Just as there are known knowns, known unknowns and unknown unknowns in National Security, the same can be said for application security. The very… READ MORE