Managing AppSec

When your application security program is up and running, you need best-practice advice on managing and growing the program. Our security experts will guide you through important steps like measuring the success of your program or expanding it to cover more of the application landscape.

Did You Read Our Most Popular 2018 Blog Posts?

sciccone's picture
By Suzanne Ciccone January 15, 2019
A look at our most popular blog posts in 2018

Every January, we get a lot of valuable insights by looking back at our most popular blog posts in the previous year, and 2018 was no exception. The posts that resonated the most last year paint a clear picture of topics most important to the security and development communities – from open source risk, to using AppSec as a competitive differentiator, to security’s new role in a DevOps world. The... READ MORE

Key Takeaways From SANS Report: Secure DevOps 2018: Fact or Fiction?

sciccone's picture
By Suzanne Ciccone January 11, 2019
Get key takeaways from SANS secure DevOps survey

DevOps, with its focus on speed and incremental development, is changing the application security landscape. We’ve talked about this change a lot in the past couple years, and how security should fit into this picture. Now SANS is taking a look at how security actually is fitting into this DevOps picture in practice. In a recent survey, the sixth in a series of annual studies by SANS on security... READ MORE

A New Year Means New Security Resolutions – Hear From the Experts

vlattell's picture
By Valerie Lattell January 8, 2019
Veracode team shares their 2019 security resolutions

With January upon us, there’s undoubtedly a buzz in the air as security and development professionals eagerly plan out their 2019 strategies. You might be wondering what resolutions you can make that will help you navigate the New Year, and to take it a step further, what trends you should consider when crafting these resolutions. To help you get started, here are some suggestions from the... READ MORE

Top Ways to Get ROI From Your AppSec Program

jtsmith's picture
By John Smith January 7, 2019  | Managing AppSec
Find out our top ways to boost your AppSec ROI.

When you make an investment in an application security program, you’re expecting to derive value from the initiative; in other words, you’re expecting to get some kind of return on your investment. After more than 10 years working with organizations to implement and build out application security programs, we have a pretty clear sense of what that value is. We find that the value derived from an... READ MORE

Flaws and Vulnerabilities and Exploits – Oh My!

vlattell's picture
By Valerie Lattell December 20, 2018
How to distinguish between flaws, vulnerabilities, and exploits.

With the slew of terms that exist in the world of application security, it can be difficult to keep them all straight. “Flaws,” “vulnerabilities,” and “exploits” are just a few that are likely on your radar, but what do they mean? If you’ve used these words interchangeably in the past, you’re not alone. They’re easy to confuse with one another, likely because there’s a relationship between all of... READ MORE

Beyond Scanning: Don’t Let AppSec Ignorance Become Negligence

ppourmousa's picture
By Pejman Pourmousa December 19, 2018
Application security is about more than scanning code.

In recent months, as I’ve worked with more and more prospects and customers, I’ve started to see an interesting trend: As more agile dev teams become responsible for their own security posture, they are relying on the operations team to “plug an AppSec tool” into their CI/CD pipeline to resolve their AppSec. While I agree with the sentiment that security needs to be embedded in the build process... READ MORE

How AppSec Reduces Unplanned Work

sciccone's picture
By Suzanne Ciccone December 11, 2018
Avoiding software development surprises

Unplanned work is the enemy of productivity – in all aspects of life. Any activity that pops up unexpectedly and eats up your time and resources is a productivity killer. You’ve probably experienced this at home – you drop your son at baseball practice, drive home, and then get a call that he left his glove at home and needs you to bring it to him. Or you’ve experienced it at work – an email is... READ MORE

Getting Started With AppSec: 4 Best Practices

nmichalov's picture
By Nathan Michalov December 10, 2018
How to get started with AppSec

New to AppSec? We’ve been helping organizations like yours build out application programs for more than 10 years, and we have a solid list of best practices for developing an effective program. Below are four good ones to prioritize as you work your way toward AppSec maturity. 1. One step at a time This is the first and most important best practice when you are getting started with AppSec. Don’t... READ MORE

The Open Source Conundrum

mcurphey's picture
By Mark Curphey November 15, 2018
Get details on our upcoming open source road show

If you’ve read or watched the news at all in the last five years, you know that securing software is challenging. And in today’s world, developers are shouldering a big part of this challenge. Here lies the conundrum. Developers are in the best position to secure code, but security is often not one of their priorities. With the shift to DevOps in recent years, development is all about speed of... READ MORE

Developer Tooling: A New Hope

mcurphey's picture
By Mark Curphey November 1, 2018
New dev tools will advance AppSec, not hinder it.

With all the doom and gloom surrounding the endless stream of data breaches, it’s sometimes easy to feel pessimistic about the future state of the AppSec industry. I should know, being British, my default psyche is that the glass is always half empty, not half full. But for me, AppSec is different. I have been in the AppSec business for almost 20 years and have never felt as optimistic that we... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu