Managing AppSec

When your application security program is up and running, you need best-practice advice on managing and growing the program. Our security experts will guide you through important steps like measuring the success of your program or expanding it to cover more of the application landscape.

3 Best Practices for Perfect Security: A Story

pherzog's picture
By Pete Herzog October 27, 2015  | Managing AppSec 3
How to ensure security is 100% perfect.

Over the last year, I've been fortunate to consult on securing some important and highly targeted networks. I know they're highly targeted because they were attacked multiple times. So they needed perfect security. I know in the cyber security business we say that perfect security is impossible and even pretty good security can be ridiculously hard to scale, even on an enormous budget.... READ MORE

5 Key Qualities of a CISO

sdrew's picture
By Shawn Drew October 26, 2015  | Managing AppSec

The evolution of the CISO (chief information security officer) position over the past few years is nothing short of remarkable. Not too long ago, ensuring that a business's technology was secure fell to the CTO or CIO. But as the value of security has increased, the majority of enterprises now have someone dedicated to that role, someone who faces the board on a regular basis. A new survey... READ MORE

The New CISO: 5 Ways to Plan for Your Future Career in Cybersecurity

jmontesi's picture
By John Montesi October 23, 2015  | Managing AppSec

Businesses have done away with clunky closets full of rack computing in favor of the cloud. Soon the chief information security officers (CISOs) who used to sit in those hot, windowless rooms will be replaced by more flexible employees who understand the business side of their roles as well as they understand the dynamic nature of a career in cybersecurity. Having business and legal chops will... READ MORE

Providing Business Value: The Secret Skill Set of Next-Gen CISOs?

dbonderud's picture
By Doug Bonderud October 20, 2015  | Managing AppSec

What skills do chief information security officers (CISOs) need to succeed? At first glance the answer seems obvious — the job title suggests a focus on safeguarding data and ensuring that corporate networks are kept safe from malicious attackers. But as noted by a new Forrester report, "Evolve To Become the 2018 CISO or Face Extinction," there's significant change going on... READ MORE

Supply-Chain Risk: The 3 Most Popular Practices for Addressing Risk

sdrew's picture
By Shawn Drew October 14, 2015  | Managing AppSec

The past few years have shown that as external network defenses become stronger, applications truly are the new security perimeter. Many enterprise CISOs have developed robust testing processes and programs for internal applications but don't quite have a handle on how to effectively expand those programs to include third-party software. For application security, supply-chain risk is at an... READ MORE

The Scalability Challenge, Part Four: Security Regulations, Scaling and Automation

ewade's picture
By Evan Wade September 2, 2015  | Managing AppSec

If you've read the existing pieces in Veracode's "Addressing the Scalability Challenge" series (a collection of blog posts spurred by a whitepaper of the same title), then you know that scaling your security efforts can be a challenge. The threatscape businesses face is larger than ever, and it only grows (read: scales) as organizations find new and exciting ways to implement... READ MORE

CISO Tips for Risk Communication: How to Effectively Position Yourself in the Boardroom

sdrew's picture
By Shawn Drew September 1, 2015  | Managing AppSec

There is always a silver lining. When it comes to the recent surge of information security issues, the silver lining is these breaches have given CISOs increased prominence within their enterprises. What was once just one aspect of a CIO or CTO's role is now a full-fledged area of responsibility with direct access to the highest levels of the organization. Presenting to the C-suite or the... READ MORE

Supply-Chain Risk Management: 4 Tips to Tackle the Elephant in the Room

dbonderud's picture
By Doug Bonderud August 31, 2015  | Managing AppSec

Most companies don't want to talk about their supply chains and risk management in the same sentence, let alone bring this topic to the boardroom. Why? Because, as a recent Harvard Business Review (HBR) article points out, "suppliers tend to be optimistic about the information they provide," while companies looking to bolster their bottom lines without breaking the budget are often... READ MORE

Veracode Webinar Explains How to Beef Up Vulnerability Disclosure and Breach Response

ewade's picture
By Evan Wade August 28, 2015  | Managing AppSec

You don't have to be a top-flight security company to understand that breach response and vulnerability disclosure are a huge part of the security process. And you don't need to be a security expert to know that, while they're all very important at a high level, not all actionable flaws are created equal. It's a problem eminent security minds across the industry have spent lots of... READ MORE

Beyond the Quadrant: What the 2015 'Gartner Magic Quadrant for AST' Says About the AppSec Market

jlavery's picture
By Jessica Lavery August 24, 2015  | Managing AppSec

On August 6, Gartner published the 2015 edition of the "Magic Quadrant for Application Security Testing¹" – and once again, Veracode is positioned in the "Leaders" quadrant. Our position in the quadrant, as well as the subsequent write-up of the company's strengths and cautions, is exciting, as we feel it validates that we are the best pure-play provider of... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu