Veracode has the latest application security news, from recent data breaches and cyberattacks to vulnerabilities and flaws that make waves in AppSec.
Healthcare Orgs: What You Need to Know About TrickBot and Ryuk
In late October, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) co-authored an advisory report on the latest tactics used by cybercriminals to target the Healthcare and Public Health (HPH) sector. In the report, CISA, FBI, and HHS noted the discovery of, “…credible information of an READ MORE ›
Stay up to date on Application Security
New PCI Regulations Indicate the Need for AppSec Throughout the SDLC
Last year, the PCI Security Standards Council published the PCI Secure Software Standard and the PCI Secure Software Lifecycle (Secure SLC) Standard as a part of a new PCI Software Security Framework (SSF), also referred to as PCI S3. The SSF offers objective-focused security best practices that outline what a good application security program looks like, with consideration for both traditional READ MORE ›
Hot off the Press: Veracode Named a 2020 Gartner Peer Insights Customers’ Choice for AST
Veracode has been officially recognized by Gartner Peer Insights as a 2020 Customers’ Choice for Application Security Testing. The report includes Veracode’s aggregate score of 4.6 out of 5 stars out of 95 independent customer reviews (as of July 31, 2020), and of the reviewers, 92 percent said that they would recommend Veracode’s AST solutions. Veracode, the largest global provider of READ MORE ›
Gartner Summit: Balance Risk, Trust, and Opportunity in an Uncertain World
In light of the current pandemic, most organizations will be working remotely for the foreseeable future. But the increase in virtual operations has led to a higher volume of cyberattacks. Now, more than ever, it’s vital that your organization is armed with the industry’s best application security (AppSec) solutions. But how do you build and secure technology in an uncertain world? It’s a READ MORE ›
Live from Black Hat: Breaking Brains, Solving Problems with Matt WixeyBy Chris Kirsch August 7, 2020
Solving Puzzles has been a very popular pastime for InfoSec professionals for decades. I couldn’t imagine a DefCon without the badge challenge. At Black Hat 2020 Matt Wixey, Research Lead at PwC UK, didn’t disappoint as he presented on parallels between puzzle-solving and addressing InfoSec problems. Puzzle (and problem) solving can be taught Solving a puzzle and a problem is very similar. They READ MORE ›
Live from Black Hat: Hacking Public Opinion with Renée DiResta
Psychological operations, or PsyOps, is a topic I’ve been interested in for a while. It’s a blend of social engineering and marketing, both passions of mine. That's why I found the keynote by Renée DiResta, Research Manager at the Stanford Internet Observatory, particularly interesting. The Internet Makes Spreading Information Cheap & Easy Disinformation and propaganda are old phenomena READ MORE ›
Live from Black Hat: Practical Defenses Against Adversarial Machine Learning with Ariel Herbert-Voss
Adversarial machine learning (ML) is a hot new topic that I now understand much better thanks to this talk at Black Hat USA 2020. Ariel Herbert-Voss, Senior Research Scientist at OpenAI, walked us through the current attack landscape. Her talk clearly outlined how current attacks work and how you can mitigate against them. She skipped right over some of the more theoretical approaches that don’t READ MORE ›
Live From Black Hat: Stress-Testing Democracy - Election Integrity During a Global Pandemic with Matt Blaze
Technology and elections are heavily interrelated – but it wasn’t always that way. We started to adopt technology once we weren’t able to fit everyone into a town hall. The first piece of technology was simply a piece of paper and a ballot box. We may not think of it as technology, but the ballot box can be tampered with. That technology gave us ballot secrecy, a trait that a hand-raise in the READ MORE ›
Man vs. Machine: Three-Part Virtual Series on the Human Element of AppSec
In 2011 when IBM’s Watson supercomputer went up against ‘Jeopardy’ icon Ken Jennings, the world watched as a battle of man vs. machine concluded in an impressive win for Watson. It wasn’t simply remarkable that Watson could complete calculations and source documents quickly; the real feat was the brainpower it took to create fine-tuned software with the ability to comprehend questions READ MORE ›
New Data Reveals How AppSec Is Adapting to New Development Realities
In today’s fast-paced world, companies are racing to bring new, innovative software to market first. In order to keep up with the speed of innovation, many organizations are shifting toward DevSecOps. DevSecOps brings security to the front of the software development lifecycle (SDLC), allowing for both fast deployments and secure applications. Even though DevSecOps is able to meet the needs of READ MORE ›
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.