Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

CA Technologies Acquires SourceClear, Advancing SCA Capabilities for a DevSecOps World

SKing's picture
By Sam King April 9, 2018

As software becomes a bigger component of the value delivered by companies in every industry, it’s no exaggeration to say that every company is becoming a software company. We find our customers pushing the envelope on how to tool up their internal software factory to make software better, faster and more efficiently. Those goals are also driving increased use of open source libraries. This saves... READ MORE

ACS Center’s Michael Figueroa Discusses the Technical Disconnect in Election Security

lpaine's picture
By Laura Paine April 4, 2018

When officials explore the issues surrounding election integrity in the United States, one obstacle tends to frame those discussions: the huge chasm that exists between the technology sophistication of cyber attackers intent on disrupting U.S. elections, and the technology sophistication of the officials who run those elections. Even an attack as low-tech as an email phishing campaign, where... READ MORE

State of Software Security: Checking the Pulse of the Healthcare Industry

lpaine's picture
By Laura Paine March 30, 2018

Over the past year, our scans of thousands of applications and billions of lines of code found a widespread weakness in applications, which is a top target of cyber attackers. And when you zoom in from a big picture view down to a micro-level, there are a few industries that are struggling to keep up with the rapidly changing cybersecurity landscape and combat the tactics of malicious actors... READ MORE

Why I'm Going to RSA 2018: CA Veracode's New SVP of Engineering

Neil's picture
By Neil DuPaul March 29, 2018  | Intro to AppSec

Paiman Nodoushan has been working at CA Veracode for about two months. In that time, he's met a lot of his peers and claims he already remembers over 50% of their names, no small feat. Jokes aside, he's been getting to know his team, our projects, and the ins and outs of our entire SaaS operation. In our quick interview, he describes the team at Veracode as hard working and passionate, and goes... READ MORE

Looking Ahead to RSA: Talking Open Source Components

TJarrett's picture
By Tim Jarrett March 23, 2018
Why attend RSA 2018

The marquee event of the security industry is fast approaching – the 2018 RSA Conference will take place in San Francisco April 16 to 20. This is a highlight of the year for all of us at CA Veracode, and we will have a major presence there, in part because of the sheer size of this event – both in terms of attendance and scale. It’s definitely the leading business-focused security show, and we... READ MORE

CA Veracode Named a Leader in the Gartner Magic Quadrant for Application Security for the Fifth Report in a Row

lpaine's picture
By Laura Paine March 20, 2018

For the fifth consecutive report, Gartner placed CA Veracode as a Leader in the 2018 Magic Quadrant for Application Security Testing1.  Gartner chooses leaders for the report based on a company’s completeness of vision and ability to execute in the application security testing (AST) market. In recent years, we’ve witnessed the rise in adoption of DevSecOps and Modern Software Factory... READ MORE

How to Prevent a Breach From Spring Break

cwysopal's picture
By Chris Wysopal March 8, 2018  | Managing AppSec
Spring Break Vulnerability

Spring Break, the latest named vulnerability, is more serious than the moniker implies. Spring Break is a critical remote code execution vulnerability in Pivotal Spring REST, one of the most popular frameworks for building web applications, and the effects of this vulnerability are widespread. A patch for Spring Break has been available since September of last year, but the vulnerability broke... READ MORE

NYDFS Cybersecurity Regulation Transition Period Ends

jzorabedian's picture
By John Zorabedian February 23, 2018  | Managing AppSec
NYDFS Cybersecurity Regulation

March 1, 2018 marks the end of the one-year transition period for the New York Department of Financial Services (NYDFS) cybersecurity regulation. The passage of this date means affected organizations — including banks, insurance companies, and other financial services companies licensed by or operating in New York State — must be in compliance with a raft of security rules intended to protect non... READ MORE

Podcast: CA Veracode’s 2018 Development Resolutions with Maria Loughlin

lpaine's picture
By Laura Paine February 1, 2018
Developer Resolutions

Earlier this year, we looked at what 2018 has in stock for open source, and we wanted to continue this trend to dive a little bit deeper into the resolutions the developer community may have for the New Year. For some, it’s a matter of striving to write smaller batches of code that are more testable, better for security stance, or getting more of the enterprise to internalize that quality code is... READ MORE

Research Report: DevSecOps Provides a Competitive Edge

jzorabedian's picture
By John Zorabedian January 23, 2018  | Research
DevSecOps Research Report

CA Technologies has released a new report, based on research conducted by industry analyst firm Freeform Dynamics, that sheds light on some of the obstacles for organizations seeking the advantages of a development approach that prioritizes application security, without sacrificing time-to-market and innovation. The report also offers evidence that integrating security throughout the development... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu