Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

Optiv Announces New Software Assurance as-a-Service Offering Powered by Veracode

By Leslie Bois December 9, 2019

In an effort to help drive collaboration between security, development, and operations, improve speed to market, and ensure software is secure from the start, Optiv has released its new Software Assurance as-a-Service (SAaaS) offering. This program pairs Optiv’s consulting and security services with Veracode’s cloud-based, end-to-end application security solutions to give companies a programmatic... READ MORE

Why Are Schools Increasingly Targeted by Cyberattackers?

By Suzanne Ciccone September 12, 2019

Schools, including universities, are increasingly becoming cyberattack targets. Just this month, the Monroe-Woodbury school district in Orange County, NY had to delay the start of school due to cyberattacks. And this incident was only one of a handful of cyberattacks on New York state school districts this summer. One school system, Rockville Centre in Nassau County, paid a cyberattacker $88,000... READ MORE

Veracode Customers Improve Mean Time to Remediation by 90%

By Laura Paine September 3, 2019

Bill Gates is well known for treating time as a scarce resource, and in 1994, John Seabrook published a piece in The New Yorker detailing an email exchange he carried on with the famous technologist. Seabrook notes that Gates’ reverence for time was evident in his correspondence – skipping salutations and pleasantries, leaving spelling mistakes and grammatical errors in-line, and never addressing... READ MORE

Veracode Now Available on the Digital Marketplace G-Cloud UK

By Laura Paine August 22, 2019

There is a deepening awareness that cyberthreats can never be eliminated completely, and digital resilience is an absolute necessity – and this is true for both private and public sector organizations and agencies. With this understanding, the UK Government created its G-Cloud Framework, which has transformed the way that public sector organizations can purchase information and communications... READ MORE

Introducing the New Veracode Software Composition Analysis

By Javier Perez August 19, 2019

Open source technology empowers developers to make software better, faster, and more efficiently as they push the envelope and delight users with desired features and functionality. This is a trend that is unlikely to fade – at least not in the foreseeable future – and has further fueled our passion for securing the world’s software. This is also why Veracode acquired SourceClear – we had a... READ MORE

As Cyberattacks Increase, So Does the Price of Cybersecurity Professionals

By Valerie Lattell August 14, 2019

Cyberattacks are on the rise, and companies are noticing. Everyone is in a scramble to avoid being the next corporation sweeping news headlines with the words “data breach” following. As a result, the demand for cybersecurity experts is skyrocketing, but there are a couple of problems. Not only are there not enough cybersecurity experts to fill those roles, but for the cybersecurity experts that... READ MORE

New Research: Apache Solr Parameter Injection

By Laura Paine August 14, 2019

Apache Solr is an open source enterprise search platform, written in Java, from the Apache Lucene project. Its major features include full-text search, hit highlighting, faceted search, dynamic clustering, and document parsing. You treat it like a database: you run the server, create a collection, and send different types of data to it (such as text, XML documents, PDF documents, etc.). Solr... READ MORE

Live From Black Hat USA: Making Big Things Better the Dead Cow Way

By Laura Paine August 9, 2019

When Reuters’ investigative reporter Joseph Menn confirmed that presidential candidate Beto O’Rourke was an early member of The Cult of the Dead Cow (cDc), it seemed as though folks had two viewpoints on it. They either had more respect for him because they understood what cDc was trying to accomplish, or they were relatively horrified because “hackers are bad.” It’s easy to fear what we don’t... READ MORE

Live From Black Hat USA: The Inevitable Marriage of DevOps & Security

By Laura Paine August 8, 2019

During her briefing with Kelly Shortridge, vice president of product strategy at Capsule8, Dr. Nicole Forsgren, research and strategy at Google, did a beautiful job of adding imagery to the story she told of the attendee reactions during the now-famous talk Paul Hammond and John Allspaw gave at Velocity in 2009. If you're not familiar, the title of said talk was, "10 Deploys Per Day: Dev &... READ MORE

Live From Black Hat USA: Four Key Takeaways from Dino Dai Zovi's Keynote

By Laura Paine August 7, 2019

"Did you know that your 20th Black Hat is when you get to give the keynote at Black Hat?" Dino Dai Zovi, head of security for Cash App at Square, joked to the packed ballroom. While it may have been Dai Zovi's 20th conference, the topic of his keynote has never been more fitting for where we are in security and the ways in which it mirrors what we experience in our day-to-day life. He gave us an... READ MORE
