Sean Kinzer

Sean is part of the customer success team at Veracode. He helps address customer issues and handles our support desk.
Posts by Sean Kinzer

Introducing Python Support

April 3, 2016

On our journey to ensure all open-source is being used safely, we have taken a step forward by adding language support for a growing community of developers. I am happy to announce that you can now scan your Python 2 applications and see if they are using vulnerable open-source libaries. We mirror PyPi packages in our library catalog, and already have hundreds of Python vulnerabilities cataloged... READ MORE

Why Relying On the NVD is Not Good For Open-Source Security Tools

October 20, 2015

In part 1 of this blog series, I showed why it probably is not a good idea to use CPEs when trying to identify vulnerabilities in your code. Proper library identification is obviously crucial when trying to figure out what kind of nasty exploits might be hiding in that rails app you created 3 years ago (there are at least 20 vulnerabilities associated with all 3.x versions of rails) but a more... READ MORE

Using CPEs for Open-Source vulnerabilities? Think Again

October 18, 2015

As a Customer Success Engineer, I spend a lot of time doing product demos and helping with configurations/customizations. I often get asked in demos something along the lines of “I was trying tool 'x' or tool 'y' which uses CPE’s and the NVD. What do you think of that?”. The other day I was asked the same question over email and so thought I would share my reply (edited for this blog of course).... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu