Intro to AppSec

For those new to application security, we cover the application security basics and answer questions such as what is application security, why it's important, how it fits in the security ecosystem and how to get started.

How Are We Securing the Booming Digital Economy? Our Latest Survey Results

By Suzanne Ciccone December 8, 2017  | Intro to AppSec
Are business leaders concerned about securing their digital initiatives?

The holiday season is upon us; are you buying all your gifts at the mall? Probably not. Many, if not most, of you are going to research, purchase and pay for all your holiday gifts online this year. Digitization is everywhere – changing every interaction and transaction. But it seems like breaches are everywhere as well – affecting all industries in all geographies. Are business leaders simply... READ MORE

How to Get Into Application Security

By Julian Totzek-Hallhuber November 6, 2017

It’s been more than 20 years since I began my career. I started out working on updating Windows 95 client software, managing the BNC network cabling and getting Windows NT VPN working with partners in other countries. The Internet was just emerging, and I also built my first webpage for this company: grey background; nice little moving gifs; horizontal bars; and all the crazy stuff you did to... READ MORE

Application Security Virtual Summit: Attend a Top AppSec Conference from Your Desk

By John Zorabedian August 14, 2017  | Intro to AppSec
AppSec Virtual Summit

Veracode is hosting our first application security virtual summit on Tuesday, August 22, and there’s something for everybody — whether you’re a security, developer, or IT ops pro, a practitioner or manager. The summit, which we’re calling “Application Security: What, Why and How,” features a star-studded lineup of the industry’s top experts, and a schedule chock-full of interesting and... READ MORE

When Technology Fails Us. And When We Fail Technology.

By Brian Fitzgerald April 28, 2017  | Intro to AppSec
technology changes the world

Today was one of those epiphanies for me about how intimate and co-dependent our relationship with our tech has become. And as is true in all co-dependent relationships, neither side is completely blameless. Sometimes when we’re blaming our tech for letting us down when we need it most, we should really be apologizing to it instead. As spring hits New England, I finally climbed out of the... READ MORE

The Veracode Platform: Where Development and Security Come Together

By Suzanne Ciccone April 11, 2017  | Intro to AppSec
Bringing security and development together

The development of software has become a continuous, integrated process that reaches beyond your internal development team. This allows your organization to grow and innovate like never before, but also requires you to think about security differently.

Different teams with different priorities

Security and development teams each have very different AppSec priorities, needs and requirements.... READ MORE

The Importance of Application Security: A Few of the Benefits and Risks

By Melissa Francis January 19, 2017  | Intro to AppSec
Benefits versus risks of application security programs.

Application security is no longer optional; it has become an absolute necessity. With an increasing number of companies welcoming the idea of developing their own apps, in addition to purchasing record numbers of apps and incorporating open source code into their apps, the risks and vulnerabilities associated have also risen manifold. I’ve worked as a Security Program Manager at Veracode... READ MORE

Where Pen Testing Belongs in Your Application Security Process

By Suzanne Ciccone December 29, 2016  | Intro to AppSec
What is manual penetration testing?

What Is Manual Penetration Testing? Manual penetration testing (pen testing) is an application security method in which a human pen tester manually tries to hack into an application to find vulnerabilities. An important component of your overall application security program, this method can identify vulnerabilities that cannot be detected with automation, such as business logic flaws. Its... READ MORE

Applications Have a New Role in Today’s Digital World: What Are the Security Implications?

By Suzanne Ciccone December 29, 2016  | Intro to AppSec
Role of applications in today's digital world.

In a previous blog post, we explored how software is “eating the world,” and how applications have gone from a nice-to-have to a critical part of running a business. As enterprises are forced to develop and buy more and more software – and at a lightning pace in order to keep up with the competition – what are the security implications? Cyberattackers are increasingly... READ MORE

Application Security? But I Have a WAF!

By Tim Jarrett December 28, 2016  | Intro to AppSec
Firewalls don't catch everything.

It seems so tempting. Solve your application security problem by throwing an appliance at it. After all, if web applications are the most common form of attack, why not just protect them the same way you protect your network and email servers, and be done with it? Why should you spend time hunting down vulnerabilities in your code and figuring out how to fix them? The “appliance throwing... READ MORE

Surviving a Password Policy Perfect Storm

By Andrew Hamilton December 27, 2016  | Intro to AppSec

As a security consultant, I see examples all the time of applications that don’t implement defense-in-depth to reduce the risk of account compromises. One area where this is especially problematic is password policy. Password policies can contribute to a strong application security strategy, or create a false sense of security while leaving user data and applications open to attack. Weak policies... READ MORE
