Veracode has the latest application security news, from recent data breaches and cyberattacks to vulnerabilities and flaws that make waves in AppSec.
- Live from Black Hat: Breaking Brains, Solving Problems with Matt WixeyBy Chris Kirsch August 7, 2020
Solving Puzzles has been a very popular pastime for InfoSec professionals for decades. I couldn’t imagine a DefCon without the badge challenge. At Black Hat 2020 Matt Wixey, Research Lead at PwC UK, didn’t disappoint as he presented on parallels between puzzle-solving and addressing InfoSec problems. Puzzle (and problem) solving can be taught Solving a puzzle and a problem is very similar. They READ MORE
Stay up to date on Application Security
- Live from Black Hat: Hacking Public Opinion with Renée DiResta
Psychological operations, or PsyOps, is a topic I’ve been interested in for a while. It’s a blend of social engineering and marketing, both passions of mine. That's why I found the keynote by Renée DiResta, Research Manager at the Stanford Internet Observatory, particularly interesting. The Internet Makes Spreading Information Cheap & Easy Disinformation and propaganda are old phenomena READ MORE
- Live from Black Hat: Practical Defenses Against Adversarial Machine Learning with Ariel Herbert-Voss
Adversarial machine learning (ML) is a hot new topic that I now understand much better thanks to this talk at Black Hat USA 2020. Ariel Herbert-Voss, Senior Research Scientist at OpenAI, walked us through the current attack landscape. Her talk clearly outlined how current attacks work and how you can mitigate against them. She skipped right over some of the more theoretical approaches that don’t READ MORE
- Live From Black Hat: Stress-Testing Democracy - Election Integrity During a Global Pandemic with Matt Blaze
Technology and elections are heavily interrelated – but it wasn’t always that way. We started to adopt technology once we weren’t able to fit everyone into a town hall. The first piece of technology was simply a piece of paper and a ballot box. We may not think of it as technology, but the ballot box can be tampered with. That technology gave us ballot secrecy, a trait that a hand-raise in the READ MORE
- Man vs. Machine: Three-Part Virtual Series on the Human Element of AppSec
In 2011 when IBM’s Watson supercomputer went up against ‘Jeopardy’ icon Ken Jennings, the world watched as a battle of man vs. machine concluded in an impressive win for Watson. It wasn’t simply remarkable that Watson could complete calculations and source documents quickly; the real feat was the brainpower it took to create fine-tuned software with the ability to comprehend questions READ MORE
- New Data Reveals How AppSec Is Adapting to New Development Realities
In today’s fast-paced world, companies are racing to bring new, innovative software to market first. In order to keep up with the speed of innovation, many organizations are shifting toward DevSecOps. DevSecOps brings security to the front of the software development lifecycle (SDLC), allowing for both fast deployments and secure applications. Even though DevSecOps is able to meet the needs of READ MORE
- The Texas Cybersecurity Act: What You Need to KnowBy Hope Goslin July 15, 2020
Texas passed House Bill 8 relating to cybersecurity for state agency information resources. The bill sets mandatory practices for state agencies, institutes continuous monitoring and auditing of network systems, adds protections for student data privacy, and updates the penalties for cybercrimes. As Texas House Speaker, Joe Straus, commented, state agencies are now expected to be “good stewards READ MORE
- New Forrester Report: Build a Developer Security Champions Program
We know firsthand how critical it is for developers and security professionals to have a great working relationship. That extends beyond simply communicating well; for your DevSecOps program to come together so that you can secure your applications, you need to break down silos and improve security knowledge across the board. Recently, Forrester published a report on this very topic that digs READ MORE
We are pleased to announce that we have earned the AWS DevOps Competency status, which recognizes that Veracode provides proven technical proficiency and customer success helping organizations implement continuous integration and delivery practices on AWS. To receive the designation, APN Partners must possess deep expertise and deliver solutions seamlessly on AWS. Why does this matter? Because READ MORE
With the sudden shift to digital that many businesses are facing in response to the pandemic, preventing cyberattacks is more important than ever. According to the FBI, attacks related to COVID-19 have increased 400 percent in recent months. And with data from Gartner showing that 74 percent of companies expect to maintain some level of remote workforce indefinitely, organizations can’t risk READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.