Suzanne Ciccone

Suzanne is part of the content team at Veracode, working to create resources that shed light on AppSec problems and solutions. 
Posts by Suzanne Ciccone

Overcoming the Language Barrier Key to DevSecOps Success

December 8, 2017

As DevOps moves to DevSecOps, there is a significant “people” component involved in the shift. Development and security teams both need to overcome their “language barriers” and understand each other’s processes and priorities. The effort is worth it because we know that (1) the consequences of neglecting software security are getting more damaging and (2) embedding security early and often into... READ MORE

How Are We Securing the Booming Digital Economy? Our Latest Survey Results

December 8, 2017  | Intro to AppSec

Securing the digital economy survey report

The holiday season is upon us; are you buying all your gifts at the mall? Probably not. Many, if not most, of you are going to research, purchase and pay for all your holiday gifts online this year. Digitization is everywhere – changing every interaction and transaction. But it seems like breaches are everywhere as well – affecting all industries in all geographies. Are business leaders simply... READ MORE

Hardcoded Credentials: Why So Hard to Prevent?

December 1, 2017

About a year ago, attackers managed to tap into thousands of IoT devices to create a botnet infected with Mirai malware and wreak havoc on some major websites. This Mirai botnet, made up of 100,000 IoT devices from DVRs to security cameras, unleashed a massive DDoS attack on DNS provider Dyn, which brought down dozens of websites, including Twitter, Spotify, Netflix and The New York Times. ... READ MORE

How CA Veracode Products Secure the Testing Stage

November 29, 2017

This is the second in a series of blogs on how CA Veracode products fit into each stage of the software lifecycle – from development to production. We want to emphasize lifecycle here, because we continue to hear the misconception that application security falls squarely and solely into the testing stage. In our 10+ years helping organizations secure their applications, we’ve learned that... READ MORE

How CA Veracode Products Secure the Coding Stage

November 2, 2017  | Managing AppSec

This is the first in a series of blogs on how CA Veracode products fit into each stage of the software lifecycle – from development to production. We want to emphasize lifecycle here, because we continue to hear the misconception that application security falls squarely and solely into the testing stage. In our 10+ years helping organizations secure their applications, we’ve learned that... READ MORE

Our 2017 State of Software Security Report: Top 5 Takeaways for CISOs

October 23, 2017  | Security News

We just published our State of Software Security 2017 (SoSS) report, and, as always, it is chock-full of valuable data and insights about the security of applications. Based on 400,000 application scans across our customer base over a recent 12-month period, this year’s report is a gold-mine of intelligence about how organizations are approaching AppSec, what’s working, and what isn’t. This... READ MORE

Podcast: Key Takeaways From Veracode's Latest State of Software Security Report

October 19, 2017  | Customer News | Research | Security News

Key SoSS Findings

Veracode just published its latest “State of Software Security” report, get it here. Based on Veracode Platform data, these “SoSS” reports have been offering a goldmine of intelligence about how organizations are approaching AppSec since 2011. This year’s report is no different. Evan Schuman recently sat down with Veracode’s Director of Product Management Tim Jarrett to discuss the findings... READ MORE

Podcast: What the Apache Struts 2 and the Irish Potato Famine Have in Common

September 28, 2017  | Managing AppSec

Apache Struts 2

More than you might think. Just as the reliance on a single species of vulnerable-to-blight potato created widespread devastation in 1800s Ireland, today’s reliance on vulnerable components creates a similar ripple effect. In both cases, compromise of a single vulnerability spread its consequences widely and rapidly. The Potato Famine’s consequences were obviously more devastating, but although... READ MORE

Podcast: Implications of the EU GDPR

September 4, 2017  | Managing AppSec

EU GDPR Blog Podcast

The EU Global Data Protection Regulations (GDPR) go into effect in May 2018, and will introduce stark new data security requirements for any organization in the EU, or doing business in the EU. The requirements in this regulation surrounding data retention and personal information are unprecedented, and so are the fines for non-compliance. How will this play out in a world where information is a... READ MORE

Don't Be AppSec 'Helicopter Parents'

August 17, 2017  | Managing AppSec

Roles shifting can be disconcerting. Having a clear role and understanding your responsibilities and tasks is comforting. But getting too comfortable can be dangerous. Take parenting for example. Parents wouldn’t be doing their kids any favors by continuing to feed and dress them as if they were 4 when they’re 10. As children age, they start to do these basic tasks on their own, and the parent... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu