Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

Live From RSA: The Most Dangerous New Attack Techniques and What's Coming Next

jlavery's picture
By Jessica Lavery February 17, 2017  | Security News

SANS took the main stage at RSA Wednesday morning to talk about the seven most dangerous cyberattacks and what they expect to see in the coming years. The panel, moderated by Alan Paller, consisted of SANS researchers Ed Skoudis, Johannes Ullrich and Michael Assante. The four issues that stood out: 1. The rise of ransomware and crypto-ransomware Cryptography, Skoudis explained, was invented to... READ MORE

Live From RSA: Final Boarding Call for DevOps – You Don’t Have to Go Home, But …

jlavery's picture
By Jessica Lavery February 15, 2017  | Security News
RSAC Corman Keynote: DevOps

Josh Corman gave another engaging and informative talk at RSA about DevOps and how it is changing the way we think about security. As he says, DevOps is here, and is the future of development. Companies that don’t start shifting this way won’t be able to keep up in terms of innovation. But he also points out the need for governance, using the analogy of an earthquake. The earthquake... READ MORE

Live From RSA: States Confront Cybersecurity Challenge

jlavery's picture
By Jessica Lavery February 15, 2017  | Security News
RSAC McAuliffe Keynote

Before Terry McAuliffe made his plea for audience members to move to Virginia, the Virginia Governor and the Chairman of the National Governors Association spoke about the need for states to take cybersecurity into their own hands and work with the federal government to improve it. He pointed out that, collectively, the 50 U.S. states possess more data than the federal government. Health... READ MORE

Live From RSA: Michael McCaul Keynote – Fight for Our Digital Lives

jlavery's picture
By Jessica Lavery February 15, 2017  | Security News
RSAC Michael McCaul keynote

The RSA 2017 theme of cyberwar and the need for improved national security continued with a presentation by Michael McCaul, Chairman of the House Committee on Homeland Security. Like many of the other speakers I heard today, McCaul danced a political line. But if others were dancing a ballet, he was more of a tap dancer, clearly stomping on the line while others glided around it. He began his... READ MORE

Live From RSA: Brad Smith Keynote – We Need a Cyber Geneva Convention

jlavery's picture
By Jessica Lavery February 15, 2017  | Security News
RSAC Brad Smith

When RSA’s Zulfikar Ramzan finished his keynote discussing technology’s “ripple effect,” Brad Smith, President of Microsoft, took the stage to talk about cyberspace as the new battlefield. He started by pointing out that – unlike when war shifted from land, to the sea, to the air – cyberspace is not physical. Yet the battle can still have... READ MORE

Live From RSA: Zulfikar Ramzan Keynote – Ripples and Technology

jlavery's picture
By Jessica Lavery February 15, 2017  | Security News
RSA 2017: Zulfikar Ramzan

Once John Lithgow left the stage, Zulfikar Ramzan, RSA’s CTO, took the stage to talk about business-driven security. He implored the security professionals in the room to not draw lines between departments, but instead create connections for better collaboration and enhanced security. Sounds a lot like DevOps. Ramzan then spoke a lot about how small events can create larger ripples that... READ MORE

Live From RSA Conference 2017 – The Power of Opportunity

jlavery's picture
By Jessica Lavery February 15, 2017  | Security News
Veracode at RSA Conference 2017

It almost didn’t happen, but I made it to the RSA Conference. A series of unfortunately timed winter storms delayed/canceled flights, but I was able to make it out of Boston and to San Francisco only a day late – which meant I only missed the DevSecOps @ RSA Conference 2017 talks on Monday. And the big takeaway after my first day at the conference: it’s all about DevOps. If... READ MORE

How About Some Shared Security Responsibility For Developers?

eschuman's picture
By Evan Schuman February 9, 2017  | Security News
Developers need their fair share of code security responsibility.

With the New Year unfolding, 'tis the season to be reminded that app security has not yet arrived at the optimal state. Consider this piece from Kaspersky's Threatpost pointing out how re-used third-party libraries perpetuate security holes long after they have been discovered. For 2017, the industry needs a change in approach. AppSec is certainly getting better, but enterprise security... READ MORE

Examining Security Spend Reveals Much About Priorities

eschuman's picture
By Evan Schuman February 7, 2017  | Security News

When it is treated as an afterthought, security can never work. When enterprises purchase and write thousands of applications without any formal app security mechanism, they are opening themselves up to breaches. What recent reports show is that there is a real disconnect between the spend on applications and the investment in protecting them.  Gartner is projecting that U.S. enterprises... READ MORE

Podcast: What We Expect to See at RSA 2017

sciccone's picture
By Suzanne Ciccone February 7, 2017  | Security News

The annual RSA Conference is one of the biggest security industry events of the year and, as such, is often a “canary in the coalmine” – signaling the trends, themes and future direction of the security industry. In Episode 2 of Veracode’s AppSec in Review podcast, Brian Fitzgerald, Veracode Chief Marketing Officer, talks to Evan Schuman about what those emerging 2017 trends and themes might be.... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu