What was top of mind for your peers regarding AppSec in 2020?
Yes, we realize no one really wants a 2020 retrospective – who wants to look back at that mess? But we are going to carry on with our annual look-back at our most popular blogs from the previous year. We always gain a lot of insight with this exercise – we find out what resonated with security professionals and developers, uncover trends, and learn what people have questions or concerns about. We hope you find this valuable too.
So what were the hot AppSec topics in 2020? Topping the list: Developer security training, best practices made practical, open source security, technical details on vulnerabilities, and, of course, the sudden shift to remote work and a digital world last March. Did you catch all these popular blog posts?
Developer security training
Our new Security Labs offering was a hot topic last year. Clearly, training developers on secure coding is a requirement and a concern for many. If you want to see what Security Labs is all about, check out the Community Edition. Developers can use it to learn to code securely by hacking and patching real apps, at no cost.
Our survey report with ESG covered some of the pain points organizations are facing regarding security training, and blogs on that topic were in our most-viewed list as well.
Best practices for the rest of us
Our guide on AppSec best practices vs. practicalities and its associated blog were among our most-read content pieces last year. Highlighting not only what to strive for, but also where to start, with application security seemed to resonate with many.
Securing open source code
As with the past several years, open source security was one of the most popular topics. The first open source edition of our annual State of Software Security report got a lot of attention in 2020. Take a look at the report to get the results of our analysis of 351,000 external libraries in 85,000 apps. We unearthed some really interesting data about the number of dependencies in open source libraries, and about challenges and best practices in securing them.
Details on vulnerabilities and secure coding
Blogs that take a technical deep dive into particular vulnerabilities typically resonate with our audience, and last year was no exception. Our blog posts on spring view manipulation vulnerability and preventing sensitive data exposure got a lot of attention in 2020.
And finally … a topic of interest last year on our blog was life at Veracode, both professional and personal, after the Covid shutdown. Our two blogs on the topic were some of our most viewed. We especially like the one about all the Veracoders suddenly working from home (The pets! The amazing Star Wars workspace!). It was quite the upheaval at the time, but now it’s hard to remember life with bumper-to-bumper traffic, conference rooms, and hallway conversations. And stay tuned … as we approach the one-year anniversary of our shift to remote work, we’re looking back and thinking about all we’ve learned and pulling it all together in another blog post on the topic.
Keep up with the latest AppSec news and advice
We hope you found some useful information in these blog highlights. Don’t miss any gems this year -- stay up to date with all our content on AppSec news and best practices in 2021 by becoming a content subscriber. We’ll send you our monthly newsletter (and some exclusive content) to keep you in the loop. Happy 2021 everyone, thanks for reading and engaging with our content -- stay secure, stay healthy, and stay sane!