We'll walk you through the critical step of integrating security into the software development lifecycle (SDLC). You'll hear from the experts on everything from working with developers, to the best ways to assess code for security and the latest development trends and technologies.
- To Scan or Not to Scan? Why Frequency Matters for DevSecOps
Frequency matters. We know from our 10th annual State of Software Security report (SOSS) that when development teams scan their code for security more than 300 times per year, they can reduce their security debt by five times. That’s five times less risk carried around by developers, freeing them up to focus on improving processes and tackling the most dangerous vulnerabilities. Recently, READ MORE
Stay up to date on Application Security
- One Veracoder’s Climb Over the Glaring Gender Gap in TechBy Meaghan McBee March 18, 2020
"It is amazing what a woman can do if only she ignores what men tell her she can’t." — Carol K. Carr It’s no secret that there’s a gender gap in technology. While the wage gap is languidly closing between male and female computer programmers, it looms large as an indicator that there is still work to be done. According to Girls Who Code, by 2027, only 22 percent of computer scientists will READ MORE
- AppSec Analytics and Reporting Tools Give You the Edge of Insight
As DevSecOps takes hold, more developers are taking on security-minded responsibilities. Instituting strong AppSec governance with policies backed by analytics and reporting enables developers to focus on real-world problems and deliver secure code ahead of schedule. It’s all in the numbers. When development and security teams invest in the right tools to speed up their processes and improve READ MORE
The software development life cycle (SDLC) is a common sight for those who work on software projects. Whether you’re a developer or a security engineer or even a project manager or QA tester, you know all of the pieces by heart. You begin by creating requirements so you know what the software should do. Then you develop the software, test it to make sure it meets the requirements, then READ MORE
- Improper Access Control In Django: What It Looks Like and How To Fix It
Improper access control is a basic web application vulnerability that still leads to compromises. Small oversights or simply not thinking things through can lead to big problems, such as account takeover or sensitive data being stolen. Let’s take a look at what improper access control looks like in a Django application. If you’re a Django developer, keep reading to make sure your READ MORE
- Zero to Hashing in under 10 Minutes: Argon2 in NodejsBy Justin Boyer March 3, 2020
View a screencast walkthrough of the material in this post. Those who work with the Agile methodology expect change. The security field is no different. It’s hard for developers to keep up with all of the changes in application security practices. In fact, it’s sometimes difficult for security experts to keep up with the same changes. A recent change (in security terms) occurred when a new READ MORE
- How Do You Encourage Developers to Be Passionate about Security? Give Them Some Grit
Most security teams and security executives want developers to care about application security. This is not to say that developers don’t care about security. Such a sweeping generalization is simply not appropriate. There are developers who care. Still, what organizations want most is to increase the number of developers that do care and decrease security bugs in their software. No one READ MORE
The Go Programming Language, sometimes referred to as Golang, is Google’s new programming language. It was released in 2009 and has developed a growing fanbase of developers. The TIOBE index, which measures the popularity of programming languages at any given time, has shown steady growth in popularity for Go since it was released. In May 2015, Go was #122 on the TIOBE index READ MORE
- Veracode Wins Three Awards for AppSec Excellence as a Leader in DevSecOps
We’re excited to announce that we have received three awards for our innovative solutions in application and information security! Info Security Products Guide, the industry’s leading information security research and advisory guide, named Veracode a Silver Award winner in their Application Security and Testing category for the READ MORE
It’s a habitual practice we learn from an early age; keeping track of loans and credit card bills reduces overall debt and makes it easier to bring debt down quickly, avoiding those pesky spikes in interest. That very same practice applies to software security testing. Software is tested, vulnerabilities are revealed, and unaddressed vulnerabilities build up over time as interest in the form of READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.