Phil Neray

Phil Neray is Veracode's vice-president of corporate & product marketing and has been involved with cyber-security for 15+ years. He was previously VP of security strategy and marketing at Guardium, an enterprise security company acquired by IBM. Phil is CSA-certified in cloud security (CCSK), holds a BSEE from McGill University and has a black belt in American Jiu-Jitsu.
Posts by Phil Neray

Chinese Using SQL Injection for Cyberattacks on Pharma & Technology Firms

October 21, 2015  | Security News

Summary Cyberattackers linked to the Chinese government are attacking pharmaceutical and technology firms to steal their intellectual property, with 13 attempts identified during the past 30 days alone. Many of the intrusions were done through Web server compromises, with SQL injection being the prefered vector of implanting malware scripts which provide privileged access to internal networks.... READ MORE

Secure Agile Development: New Blog Series by Analyst Firm

September 19, 2014

image001.png Veracode is sponsoring new independent research on the topic of secure agile development – see below for a summary of the content, which will eventually be published as a complete white paper. The research is being conducted by Securosis, a small, well-respected analyst firm with strong ties to the security community. It will initially be published as a series of blog... READ MORE

Good Ol’ SQLi Used to Hack Naval Database from Nuclear Carrier

May 16, 2014

navy-hack-sql-injection-veracode_2.jpg Wired Threat Level reports that Nicholas Paul Knight, 27, who called himself a “nuclear black hat,” has been charged with hacking a Navy database while working onboard the nuclear-powered USS Harry S. Truman aircraft carrier (at which point he was caught and discharged from the service). Knight was part of a hacking group called... READ MORE

It Eats Application Threats for Breakfast – and It Eats 24/7

February 24, 2014

Razor-Sharp-Half-Size_0.jpg Application security is hard. It’s big and complex. And it just might be “the last frontier” for cyber-security (at least for now). Unlike network or endpoint security, you can’t just put another box on the network to secure the application layer. For one thing, there are people and processes involved — developers in São Paulo and Sri Lanka and Berlin and... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.