Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

State of Software Security: Checking the Pulse of the Healthcare Industry

lpaine's picture
By Laura Paine March 30, 2018

Over the past year, our scans of thousands of applications and billions of lines of code found a widespread weakness in applications, which is a top target of cyber attackers. And when you zoom in from a big picture view down to a micro-level, there are a few industries that are struggling to keep up with the rapidly changing cybersecurity landscape and combat the tactics of malicious actors... READ MORE

Why I'm Going to RSA 2018: Veracode's New SVP of Engineering

Neil's picture
By Neil DuPaul March 29, 2018  | Intro to AppSec

Paiman Nodoushan has been working at Veracode for about two months. In that time, he's met a lot of his peers and claims he already remembers over 50% of their names, no small feat. Jokes aside, he's been getting to know his team, our projects, and the ins and outs of our entire SaaS operation. In our quick interview, he describes the team at Veracode as hard working and passionate, and goes on... READ MORE

Looking Ahead to RSA: Talking Open Source Components

TJarrett's picture
By Tim Jarrett March 23, 2018
Why attend RSA 2018

The marquee event of the security industry is fast approaching – the 2018 RSA Conference will take place in San Francisco April 16 to 20. This is a highlight of the year for all of us at Veracode, and we will have a major presence there, in part because of the sheer size of this event – both in terms of attendance and scale. It’s definitely the leading business-focused security show, and we know... READ MORE

Veracode Named a Leader in the Gartner Magic Quadrant for Application Security for the Fifth Report in a Row

lpaine's picture
By Laura Paine March 20, 2018

For the fifth consecutive report, Gartner placed Veracode as a Leader in the 2018 Magic Quadrant for Application Security Testing1.  Gartner chooses leaders for the report based on a company’s completeness of vision and ability to execute in the application security testing (AST) market. In recent years, we’ve witnessed the rise in adoption of DevSecOps and Modern Software Factory... READ MORE

How to Prevent a Breach From Spring Break

cwysopal's picture
By Chris Wysopal March 8, 2018  | Managing AppSec
Spring Break Vulnerability

Spring Break, the latest named vulnerability, is more serious than the moniker implies. Spring Break is a critical remote code execution vulnerability in Pivotal Spring REST, one of the most popular frameworks for building web applications, and the effects of this vulnerability are widespread. A patch for Spring Break has been available since September of last year, but the vulnerability broke... READ MORE

NYDFS Cybersecurity Regulation Transition Period Ends

jzorabedian's picture
By John Zorabedian February 23, 2018  | Managing AppSec
NYDFS Cybersecurity Regulation

March 1, 2018 marks the end of the one-year transition period for the New York Department of Financial Services (NYDFS) cybersecurity regulation. The passage of this date means affected organizations — including banks, insurance companies, and other financial services companies licensed by or operating in New York State — must be in compliance with a raft of security rules intended to protect non... READ MORE

Podcast: Veracode’s 2018 Development Resolutions with Maria Loughlin

lpaine's picture
By Laura Paine February 1, 2018
Developer Resolutions

Earlier this year, we looked at what 2018 has in stock for open source, and we wanted to continue this trend to dive a little bit deeper into the resolutions the developer community may have for the New Year. For some, it’s a matter of striving to write smaller batches of code that are more testable, better for security stance, or getting more of the enterprise to internalize that quality code is... READ MORE

Research Report: DevSecOps Provides a Competitive Edge

jzorabedian's picture
By John Zorabedian January 23, 2018  | Research
DevSecOps Research Report

CA Technologies has released a new report, based on research conducted by industry analyst firm Freeform Dynamics, that sheds light on some of the obstacles for organizations seeking the advantages of a development approach that prioritizes application security, without sacrificing time-to-market and innovation. The report also offers evidence that integrating security throughout the development... READ MORE

Forrester Analyst Amy DeMartine on What to Expect in Open Source in 2018

lpaine's picture
By Laura Paine January 11, 2018
2018 Open Source Software

When it comes to open source and security, one of the most popular words that pops into the head of security aficionados and professionals is “dread.” Certainly that perception is driven by open source’s reputation – it is seen as fast, easy, low cost and, well, risky. With unknown hands touching the code – and a surprisingly low number of developers maintaining common components – it’s... READ MORE

The Biggest Cybersecurity Stories, Breaches and AppSec Lessons of 2017

jzorabedian's picture
By John Zorabedian December 22, 2017  | Customer News
Cybersecurity Breaches of 2017

The past year featured daily news about cyberattacks, data breaches, and software vulnerabilities. If it feels like our cybersecurity challenges grow bigger and more complex, year after year, it's more than just a perception. Research from security companies, including Veracode, shows that there are more attacks than ever, and organizations have not caught up with the preventive measures needed... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu