Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

Why Secure Critical Infrastructure Is a Pillar of Society

By Pierluigi Paganini December 11, 2014  | Security News

Critical infrastructure is the backbone of any country. Today, governments are acutely aware of the threat that terrorists, state-sponsored hackers, cybercriminals and hacktivists pose to control systems within a critical environment. As a result, protection (rightly) lies at the heart of every governmental cyberstrategy. The number of cyberattacks launched against critical infrastructures... READ MORE

Monetary Authority of Singapore (MAS) Compliance: As Easy as Chewing Gum and Walking

By John Montesi October 23, 2014  | Security News

Singapore is famous for its balmy weather, insanely clean streets — and maximum-security banks. The dark side of such a utopia is an overwhelming set of rules and regulations that can quickly become disastrous for tourists. The half-joke about visiting Singapore, chewing gum, and never leaving has a little too much truth to be funny. But I digress.... READ MORE

Is Protecting Against SQL Injection (and Other Issues) Worth $2.6 Million?

By Evan Wade September 19, 2014  | Security News

It's not exactly earth-shattering news: businesses like having (and making!) money. And it's likely no surprise that many companies achieve that goal in part by handling their operational costs as efficiently as possible. Whether they're selling cheeseburgers or slinging software, close attention paid to the cost of doing business is... READ MORE

FS-ISAC Issues Guidance on Third-Party Application Security

By Wendy Nather January 8, 2014  | Security News 3

The following is a guest post by Wendy Nather, Research Director, Security, 451 Research. As a former CISO, I’m always happy to see practical advice for defenders. In increasing order of usefulness, there are these types of advice: “Here’s what could be wrong; you might want to take a look at that.” “This is wrong, and good luck fixing it.” “This is... READ MORE

Veracode Directly Delivers Recommended Controls Called for by the Financial Services Industry

By Anne Nielsen December 11, 2013  | Security News

A group of leading banks, insurance, and mortgage companies including Aetna, Goldman Sachs, JP Morgan Chase, and Citi (among others) recently crafted recommended controls for addressing third-party software security in the paper, “Appropriate Software Security Control Types for Third Party Service and Product Providers.” This paper acknowledges that conventional third-party controls are... READ MORE

Browser Security Settings for Chrome, Firefox and Internet Explorer: Cybersecurity 101

By Nate Lord March 22, 2013  | Security News 20

Optimizing your browser’s settings is a critical step in using the Internet securely and privately. Today’s popular browsers include built-in security features, but users often fail to optimize their browser’s security settings on installation. Failing to correctly set up your browser’s security features can put you at a higher risk for malware infections and malicious... READ MORE

Veracode at RSA Conference USA 2013

By Neil DuPaul February 22, 2013  | Security News

With RSA Conference kicking off Monday the offices here are abuzz with activity. In addition to our Booth (#1342) we will also have a few other notable attractions for attendees. Between Conference Sessions, our 'Wicked Smaaht' Security Talks, a photo booth featuring Larry Thomas from Seinfeld and an iOS app available for download there's something for everyone this year! Veracode... READ MORE

Enterprise Testing of Applications is a Growing Trend

By Neil DuPaul December 5, 2012  | Security News

One of the things we clearly see in our platform is that more vendor applications are being tested. Our SoSS reports are not based on surveys that collect opinions; they are an analysis of data aggregated from companies as they test and secure their applications. Our platform tracks whether an application is being tested as part of an enterprise effort to test vendor software. The number of vendor... READ MORE

Common Malware Types: Cybersecurity 101

By Neil DuPaul October 12, 2012  | Security News 10

The amount and variety of malicious programs out there is enough to make your head spin. This blog post will break down the common types of malicious programs and provide a brief description of each. What is Malware? Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host... READ MORE

Introducing VAST: Vendor Application Security Testing

By Neil DuPaul September 19, 2012  | Security News

Navigating the security superhighway of application perimeters, vendor software and in-house development efforts can be a complex and intimidating task. We aim to shift your efforts to the fast lane with our new program, VAST! Today marks the official launch of our new Vendor Application Security Testing (VAST) program, designed to help enterprises manage the risks inherent in vendor-supplied... READ MORE
