Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

How Many Web Applications Does Your Organization Have? It’s More Than You Think

By Laura Paine April 2, 2019

“Automation has saved a tremendous amount of time. We went from a day per app to review and now we are essentially reviewing through automation 18,000 scans a day with only 20 AppSec engineers. You do the math — 18,000 deploys a day with 20 engineers — you can’t scale that manually.” – Senior manager application and cloud security, insurance, The Total Economic Impact™ of the Veracode... READ MORE

RSA Conference 2019: A Recap

By RJ Gazarek March 8, 2019
Key takeaways from RSA 2019

RSA is pretty amazing! I’ve been to a lot of security and tech conferences over the years, but somehow always missed the train to RSA. The show is absolutely massive, and involves an entire week of tradeoffs for an attendee – do you walk the expo hall for hours on end? Meet with customers? New prospects? Attend the sessions? Analysts? Write content? Promote on social media? Network with new... READ MORE

Live From RSA: Diversity and Inclusion

By RJ Gazarek March 8, 2019
Highlights from diversity and inclusion conversations at RSA this year

At one of the keynote addresses at RSA, the opening speaker asked that everyone who identifies as a woman in the audience stand up. It was amazing to see how many women there were at the conference, but we have a long way to go. Veracode has an incredibly diverse employee base, which makes working here a great experience. We don’t have men and women, we have “Veracoders,” and we take that pretty... READ MORE

Live From RSA: In a World Changed by Software, Make Security Your Competitive Advantage

By RJ Gazarek March 7, 2019
As software changes the world, security becomes a competitive advantage.

At RSA, our own CEO Sam King and CTO Chris Wysopal presented to a roomful of intrigued attendees on how software has completely changed the way businesses tackle problems, how companies work every day to change our world, and how doing so in a secure manner provides these companies with a competitive edge in the marketplace. The key takeaway, if you read nothing else, is this: Companies leverage... READ MORE

Live from RSA: Sophia the Social Humanoid Robot

By RJ Gazarek March 7, 2019
What Sophia the humanoid robot can tell us about the future of security

A big theme throughout RSA this year, from the keynote to vendor booths, is the power that artificial intelligence can bring to the security world. While we do leverage machine learning at Veracode to better our vulnerability database, we thought it would be a lot more fun to bring a different form of AI to the booth this year. We invited Sophia, the world’s first social humanoid robot, to be a... READ MORE

Live From RSA: Coolest Things to See on the Expo Floor

By RJ Gazarek March 6, 2019
Don't miss these RSA 2019 expo floor highlights

The RSA expo hall is massive. Even the word “massive” doesn’t seem to do justice to just how big the floor is and how many vendors are present. Putting it in better context, it took me an entire hour to walk by every booth at a moderate pace, and that is without stopping for conversations or getting my badge scanned. For the first night, I wanted to see everything, and make some mental notes on... READ MORE

Live From RSA: Opening Keynote Inspires

By RJ Gazarek March 6, 2019
Key takeaways from the RSA Conference 2019 keynote address

The keynote presentation this year at RSA carried three major themes: Better Together, Trust, and Artificial Intelligence. Better Together: We were treated to a surprise keynote opening by Dame Helen Mirren, who gave an inspirational speech on the influence that every security practitioner in the room has on the security of our world. She walked us through an exercise, asking everyone to hold up... READ MORE

Live From RSA: DevSecOps Days

By RJ Gazarek March 5, 2019
Highlights from RSA Day One

RSA is arguably the preeminent security conference of the year. 2019 looks to live up to the excitement with a schedule full of knowledge sharing from the top experts in our industry. All week, we will share what we are learning this year, on both our social media channels and our blog. Monday was full of pre-conference seminars and sessions to attend, and the one that caught our eye was... READ MORE

How Veracode Scans Docker Containers for Open Source Vulnerabilities

By RJ Gazarek February 27, 2019

Veracode Software Composition Analysis now also scans Docker containers and images to find vulnerabilities associated with open source libraries as dependencies of the base OS image and globally installed packages. If you’re interested in understanding how containers work, the different components that make up your container ecosystem, and how that differs from virtualization, we recommend this... READ MORE

Why You Should Reconsider Prioritizing High Severity Vulnerabilities in Your Fix Schedule

By Laura Paine February 22, 2019

When it comes to vulnerabilities, there is a range of severity and exploitability, which often dictates how quickly a flaw is fixed upon discovery. Most companies prioritize high severity and critical vulnerabilities, but ignore lower severity vulnerabilities. The highest severity flaws are less complicated to attack, offer more opportunity for full application compromise, and are more likely to... READ MORE
