Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

RSA: Remarks by Admiral Michael S. Rogers, U.S. Navy, Commander, U.S. Cyber Command, Director, National Security Agency/Chief, Central Security Service

jlavery's picture
By Jessica Lavery March 2, 2016  | Security News

Given the focus on the FBI/Apple case during the morning keynotes at RSA on Tuesday, I had thought the remarks by Admiral Rogers would have addressed the topic more directly. However, instead of a discussion on encryption and the importance of national security, we were treated to a lesson on the mission statements of the NSA and the US Cyber Command, as well as a call to action for industry and... READ MORE

DevOps Connect: Rugged DevOps Seminar – Make Code Not War

jlavery's picture
By Jessica Lavery March 1, 2016  | Security News

On Monday, the RSA Conference featured a full-day DevOps Connect Seminar. In order to attend some of the other sessions, I had to pop in and out of the seminar, so I wasn’t able to see the entire agenda. However, the portions I was able to attend seemed a little like déjà vu, as I imagine they would for anyone from CA Veracode. One of the main topics in the opening remarks was that DevOps... READ MORE

How to Explain Cybersecurity to the Board Using a Simple Metaphor: FIRE

jlavery's picture
By Jessica Lavery March 1, 2016  | Security News

All the high-profile breaches of the past few years have put more attention on cybersecurity than ever before. As a result, what was once, at best, a bullet point during board meetings is now a topic the board is eager to understand better. This increased attention is great, but many security leaders aren’t used to this level of scrutiny from the board, so they aren’t sure how to talk... READ MORE

Recap: RSA Conference 2016

jlavery's picture
By Jessica Lavery March 1, 2016  | Security News

Acting as one of CA Veracode’s content producers has its perks. One of those perks is being able to attend RSA and having the privilege of sitting in as many sessions as I can fit into a day. Yesterday was the first day of the RSA Conference, and the area around the Moscone Center was already bustling. I attended a variety of sessions, and there was one common thread among all the presentations... READ MORE

glibc – This Will Not Be the Last Open Source Component Vulnerability We See

jlavery's picture
By Jessica Lavery February 17, 2016  | Security News

46610717_ml.jpg On Tuesday, February 16th, Google researchers issued a vulnerability disclosure for glibc (CVE-2015-7547). Though the media has dubbed this an “extremely severe bug,” it seems the majority of news articles and responses to this disclosure have been both measured and appropriate. This is surprising since the media typically hypes branded vulnerabilities,... READ MORE

The ironic battle over crypto

TJarrett's picture
By Tim Jarrett February 4, 2016  | Security News

This post was originally published February 4, 2016 on:   1365081_ml.jpg Bruce Schneier: Security vs. Surveillance. As the dust finally settles from the breach of the US Office of Personnel Management, in which personal information for 21.5 million Americans who were Federal employees or who had applied for security clearances with the government... READ MORE

Toying with the Broken Window Theory

rwilber's picture
By Rob Wilber January 11, 2016  | Security News

High-tech toymaker VTech recently made headlines when they announced they’d been the victim of a significant cyberattack. Personal account information associated with over 10,000,000 of their customers were compromised in the attack, including over 6 million profiles tied to the children using their toys.  When I got word of this incident, I immediately thought back to a presentation... READ MORE

Why I came to CA Veracode

jfeiman's picture
By Joseph Feiman January 5, 2016  | Customer News | Security News 3

jfeiman-1.jpg Recently CA Veracode announced that I had left my position as a Research VP and Fellow at Gartner to join the company in its pursuit of securing the world’s software.  Some may ask, “why after almost two decades of helping shape the security market, have I decided to leave Gartner and work with a vendor?” I did not take the decision lightly, and... READ MORE

SAFECode Comes Up Short

anielsen's picture
By Anne Nielsen November 23, 2015  | Security News

safecode-principles-software-assurance-assessment.JPG SAFECode has released their Principles for Software Assurance Assessment - a buyer’s guide for businesses that purchase and use software for how they should think about the security of those products. While CA Veracode contributed to the paper, we feel the focus is on a level of maturity that is aspirational at best for the... READ MORE

Cybersecurity in Finance: Time for Change?

dbonderud's picture
By Doug Bonderud November 17, 2015  | Security News

Banks are investing big in cybersecurity. According to Lexology, HSBC has earmarked $1 billion for cybersecurity enhancements, while JPMorgan Chase has doubled down on spending with plans to hit $500 million by the end of 2015. Even financial institutions that aren't actively ramping up their resources are busy backing startups they hope will provide the next generation of cybersecurity. All... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.




contact menu