Discover how to manage your application security program with expert guidance on measuring AppSec success and improving the security of your software.
- Making a Case for the Cloud: Customers Give Their Honest Feedback of SaaS-Based AppSec (By Hope Goslin, June 23, 2020)
Before the pandemic, 70 percent of companies were in the early stages of a digital transformation. But given the current circumstances, companies are being forced to speed up those efforts. This statistic, coupled with the FBI’s findings that cyberattacks have increased by 400 percent over the last few months, supports the need for increased application security (AppSec) and the shift toward …
Let’s face it; consumers’ attention spans are getting shorter by the day. Gone are the days of people willing to wait several minutes for a clunky website with a poor user experience to load. In fact, 47 percent of users expect the average page to load in less than 2 seconds before they leave, resulting in billions in missed potential revenue. With the increased competition for consumer attention …
- What Does it Take to Be an Effective Developer Manager?
If you’re a software engineer you’ve probably seen one or two of your colleagues graduate from Senior Developer to Developer Manager – some with the sobering realization that managing a team of developers requires significant cross-functional skillsets. Foundationally, to be a successful Developer Manager you must know your stuff when it comes to software development, be passionate about the …
- Open Source Libraries: Uncovering the Risks That Lurk Beneath the Surface (By Hope Goslin, June 8, 2020)
The use of open source libraries to assemble applications is accelerating. Not only are more people using open source libraries, but more individual developers, and even companies, are also on a mission to contribute to more open source projects. For Veracode, we’re seeing more than 70 percent of our customer base leveraging one or more open source libraries in their applications. And that could …
- Why Fast Feedback Is Critical For Developer Success
In their book Agile Testing: A Practical Guide for Testers and Agile Teams (2008), Lisa Crispin and Janet Gregory wrote that one of the most important factors for success in software development is feedback. “Feedback is a core agile value. The short iterations of agile are designed to provide constant feedback to keep the team on track.” The message still rings true: constant feedback is …
- Why Manual Penetration Testing and Automation are Important Aspects of an AppSec Program
Authored by Jacques Lopez and Tom Eston. As a result of the current COVID-19 pandemic, most companies are operating remotely. This “new normal” has led to an increased demand for digital transformations and cloud migrations. But Verizon’s 2020 Data Breach Investigations Report recently noted that cyberattackers are taking advantage of the digital transformations, finding new ways to attack web …
- Secure Development Without Sacrificing Innovation and Speed
If you know the term “nightly build,” chances are you’ve been a part of that process before. A nightly build - or code compiled overnight from previously checked code - is a foundational way to find flaws or issues that arise from changes made during long build processes. But while a staple in DevOps, nightly builds also present a problem: if new bugs are discovered the following morning after …
- Cracking the Code to a Successful Remediation Plan
Creating a remediation plan can be tricky. In fact, customers often tell us that it’s much easier to create a plan to help developers scan applications quickly and easily than it is to establish remediation goals. But if vulnerabilities aren’t remediated right away, there’s a higher chance that they will never be remediated. Our recent State of Software Security (SOSS) report found that there’s …
- Frequency, Speed, and Accuracy Are a Match Made in AppSec Heaven
“Make it work, make it right, make it fast.” These words from renowned software engineer Kent Beck will always ring true for developers, especially with the pace of development picking up, not slowing down. A GitLab survey from last year showed nearly half (43 percent) of respondents deploy software on-demand or multiple times per day – that’s nonstop grinding to produce good code. But simply …
- Realigning Priorities and Building a Bridge Between Security and Development
It’s a common conundrum for application security (AppSec) teams…how can developers and security professionals work together to release software faster? It takes a working relationship, good communication, and the right tools, which most teams don’t have. Even more discouraging, stigmas follow both teams around the office; developers often worry that security is there to slow down or halt their …