Managing AppSec

When your application security program is up and running, you need best-practice advice on managing and growing the program. Our security experts will guide you through important steps like measuring the success of your program or expanding it to cover more of the application landscape.

AppSec Mistake No. 3: Neglecting to Integrate AppSec Into Developer Processes

By Suzanne Ciccone August 15, 2018
Why it's a mistake to not integrate your security testing into dev processes

We’ve been in the application security business for more than 10 years, and we’ve learned a lot in that time about what works, and what doesn’t. This is the third in a blog series that takes a look at some of the most common mistakes we see that lead to failed AppSec initiatives. Use our experience to make sure you avoid these mistakes and set yourself up for application security... READ MORE

AppSec Mistake No. 2: Ignoring Open Source Library Use

By Suzanne Ciccone August 3, 2018
How to manage the risk of open source libraries.

We’ve been in the application security business for more than 10 years, and we’ve learned a lot in that time about what works, and what doesn’t. This is the second in a blog series that takes a look at some of the most common mistakes we see that lead to failed AppSec initiatives. Use our experience to make sure you avoid these mistakes and set yourself up for application security success. Open... READ MORE

Black Hat 2018: The Art of Secure Code

By Sam King August 2, 2018
Veracode talks art of secure code at Black Hat 2018

This year’s Black Hat conference has some of the most diverse and intriguing sessions of any recent industry event. Attendees will have the opportunity to explore hacking of voting booths, learn about vulnerabilities in critical infrastructure and see live demos of how attackers can alter functionality of some of the most popular digital payment systems. These vastly different threats have... READ MORE

The Art of Secure Code

By Suzanne Ciccone August 1, 2018
We're talking the art of secure code at Black Hat 2018

We think a high-quality and highly secure app is a work of art. As with any artistic endeavor, it takes creativity, resources, training, and talent to create secure code. Maybe it’s a little bit of stretch to compare your software developers to Picasso, but we would argue that there are a lot of similarities between creating a great piece of secure code and a great piece of art. For example, both... READ MORE

AppSec Mistake No. 1: Using Only One Testing Type

By Suzanne Ciccone July 30, 2018
Learn from the top AppSec mistakes we see.

We’ve been in the application security business for more than 10 years, and we’ve learned a lot in that time about what works, and what doesn’t. This is the first in a blog series that takes a look at some of the most common mistakes we see that lead to failed AppSec initiatives. Use our experience to make sure you avoid these mistakes and set yourself up for application security success. The... READ MORE

Veracode Dynamic Analysis Helps You Check Your Security Headers

By Saikrishna Chavali July 30, 2018
Security Header Recommendations

Veracode Dynamic Analysis helps you follow Google I/O 2018 security recommendations

I've been binging on the Google I/O 2018 videos. I guess every web geek does! One video caught my attention: Google Chrome security team's improvements to fight off the Spectre & Meltdown "celebrity" vulnerabilities. They're using software at the browser level to mitigate against a hardware vulnerability. How... READ MORE

Veracode Dynamic Analysis: Reduce the Risk of a Breach

By Bhavna Sarathy July 18, 2018
Details on our new Dynamic Analysis offering

Veracode Dynamic Analysis is a dynamic scanning solution that features automation, depth of coverage, and unmatched scalability. Built on microservices and cloud technologies, the Veracode Dynamic Analysis solution is available on the Veracode SaaS platform. Veracode Dynamic Analysis helps both vulnerability managers tasked with safeguarding the entire web application portfolio, and AppSec... READ MORE

Announcing New Veracode Dynamic Analysis

By Bhavna Sarathy July 5, 2018
Find out about our new Dynamic Analysis.

Effective application security assesses applications across the entire software lifecycle – beyond the development phase and into production. Why is this necessary? If you’ve shifted security left, into the development process, why do you need to shift it right into production? To put it bluntly: Because people aren’t perfect, and bad guys never sleep. With the speed of today’s development... READ MORE

A Closer Look at Security’s Role in a DevSecOps Organization

By Milena Spencer July 5, 2018
How does DevSecOps change the security role?

In February, we hosted a virtual summit titled “Assembling the Pieces of the DevSecOps Puzzle.” The goal of the summit was to provide organizations with tools and information to implement a DevSecOps strategy in their organization—and make the shift from theory into practice.  In his educational webinar at the summit, Chris Wysopal—Veracode’s CTO and co-founder—tackles an important,... READ MORE

A Security Champion in the Developer Midst May Just Solve the Secure Code Conundrum

By Evan Schuman July 3, 2018
How to use your security resources more efficiently with developer security champions.

The enterprise challenge in generating secure code is well known: as software becomes a competitive advantage and customers expect regular updates, the need to release new features and content frequently often trumps the need to release secure code. Although that's a true conflict, it's not the full story. Psychology can play almost as big a role, with security teams often perceived by developers... READ MORE
