Home / Blog / Sean Kinzer
skinzer's picture

Sean Kinzer

Sean is part of the customer success team at Veracode. He helps address customer issues and handles our support desk.
Posts by Sean Kinzer

Introducing Python Support

April 3, 2016

On our journey to ensure all open-source is being used safely, we have taken a step forward by adding language support for a growing community of developers. I am happy to announce that you can now scan your Python 2 applications and see if they are using vulnerable open-source libaries. We mirror PyPi packages in our library catalog, and already have hundreds of Python vulnerabilities cataloged... READ MORE

Why Relying On the NVD is Not Good For Open-Source Security Tools

October 20, 2015

In part 1 of this blog series, I showed why it probably is not a good idea to use CPEs when trying to identify vulnerabilities in your code. Proper library identification is obviously crucial when trying to figure out what kind of nasty exploits might be hiding in that rails app you created 3 years ago (there are at least 20 vulnerabilities associated with all 3.x versions of rails) but a more... READ MORE

Using CPEs for Open-Source vulnerabilities? Think Again

October 18, 2015

As a Customer Success Engineer, I spend a lot of time doing product demos and helping with configurations/customizations. I often get asked in demos something along the lines of “I was trying tool 'x' or tool 'y' which uses CPE’s and the NVD. What do you think of that?”. The other day I was asked the same question over email and so thought I would share my reply (edited for this blog of course).... READ MORE

 

 

contact menu

Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.

*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.