Customer News

Get updates on customer resources, including AppSec tips from Veracode program managers and security experts, new product feature announcements and best practices for making Veracode a seamless part of your software development lifecycle.

2020 Trend Alert: Consumer Privacy

hgoslin's picture
By Hope Goslin January 17, 2020  | Customer News

We are only a few weeks into 2020, and it is safe to say that consumer privacy is all the rage. California kicked off the movement with the California Consumer Privacy Act (CCPA), AB 375, which went into effect on January 1, 2020. The act aims to give consumers more rights to their personal data. Since then, Washington, New Hampshire, and New York have all proposed similar consumer privacy bills... READ MORE

Tips for Kicking Off Your Veracode Security Program Manager Relationship

adewberry's picture
By Ala Dewberry September 3, 2019
How to start your SPM relationship on the right foot

If you’re a Veracode customer, there’s a good chance that you’ve heard of – or maybe even work with – a Veracode security program manager (SPM). For those of you who might not know, SPMs help you define the goals of your application security program, onboard your team, answer any questions about Veracode products, and work with your teams to ensure that your program stays on track and continues... READ MORE

Detailing Veracode’s HMAC API Authentication

anielsen's picture
By Anne Nielsen August 7, 2019  | Customer News
About Veracode's HMAC authentication

Veracode’s RESTful APIs use Hash-based Message Authentication Code (HMAC) for authentication, which provides a significant security advantage over basic authentication methods that pass the username and password with every request. Passing credentials in the clear is not a recommended practice from a security perspective; encryption is definitely preferred for obvious reasons, but HMAC goes a... READ MORE

Key Considerations for Secure Coding Training

sciccone's picture
By Suzanne Ciccone July 31, 2019
Tips on secure coding training

Developer training has an essential role in reducing code vulnerabilities and avoiding a breach. Effective application security requires both locating security-related defects, and fixing them. But developers simply aren’t equipped with the knowledge or skills they need to fix these flaws. Veracode recently sponsored the 2017 DevSecOps Global Skills Survey from, and found... READ MORE

Top 5 Ways to Ensure a Smooth Veracode Dynamic Analysis Scan

bsarathy's picture
By Bhavna Sarathy July 30, 2019
Top 5 ways to ensure a smooth dynamic scan

Dynamic analysis (DAST) is a vital part of all application security programs. Effective application security secures software throughout its entire lifecycle — from inception to production. With the speed of today’s development cycles — and the speed with which software changes and the threat landscape evolves — it would be foolish to assume that code will always be 100 percent vulnerability-free... READ MORE

Characteristics of a World-Class AppSec Program

ppourmousa's picture
By Pejman Pourmousa July 25, 2019
What top-notch AppSec programs look like

A great AppSec program requires more than just scanning. It takes seamless processes and services designed to help developers fix flaws and write more secure code. The following is a list of the characteristics that we have found among our customers with world-class AppSec programs. Consider security early In early planning phases, ensure secure architecture and design and conduct threat modeling... READ MORE

New Customer Ideas Portal: Add Your Voice to Our Roadmap

shsu's picture
By Shuning Hsu July 22, 2019
Have an idea that would improve Veracode's solution? Add it to our new portal.

.page-node-42201 p { font-size: 16px; } Customer-inspired product enhancement is not something new at Veracode. In fact, since 2016, we have implemented more than 1,100 product enhancement requests from individual customers. To create greater transparency into the product management process, we created a self-service feedback portal – Ideas – in the Veracode Community in 2017. This portal is... READ MORE

Introducing Veracode’s New Analytics Capabilities

ctartow's picture
By Colleen Tartow July 3, 2019  | Managing AppSec
Announcing Veracode's new analytics capabilities

If we have data, let's look at data. If all we have are opinions, let's go with mine." -- Jim Barksdale The ability to report on your application security program depends on access to your AppSec data. For questions from “how can I help my board understand our current risk posture?” to “which teams are developing secure code, and which need additional AppSec training?” – data is the key. Nobody... READ MORE

Key Components to Consider When Kicking Off Your Veracode AppSec Program

mfrancis's picture
By Melissa Francis June 25, 2019  | Managing AppSec
Tips from a seasoned security program manager on getting AppSec started on the right foot

I’ve been working as a Veracode security program manager since 2013, and have adopted AppSec best practices in those six years that contribute to successful AppSec programs. I started my journey here as a program manager and was fortunate enough to manage and lead some of Veracode’s largest and most complex customer programs. Today, I’m managing a team of program managers. In this blog, I will... READ MORE

Application Security Beyond Static Analysis

sciccone's picture
By Suzanne Ciccone June 18, 2019  | Managing AppSec

table thead th, table tbody td, table tr td { border-left: 1px solid #e5e5e5; } .blog-home-page .content-wrapper table th { color: #000; } .table-overflow { overflow-x: auto; } There is no application security “silver bullet” – it takes a combination of testing types to effectively reduce your risk. Each testing method has a different role to play and works best when used in... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.