RSA 2018 is fast approaching, and all of us at Veracode are gearing up and getting ready. I’m excited to return this year, and looking forward to both sharing what’s new with us, and learning more about what others have been working on this year. Although the size of this conference can be overwhelming, bringing so many security professionals together creates a truly unique source of knowledge and insight. From conversations with other security experts to meeting our customers and prospects, to checking out the most recent startups and new technologies, I always come away with a better understanding of the market, where it’s headed, and where it should be headed.
Will you be in San Francisco this year? We’d love to see you at our booth N3309. This year, we’ve got a joint CA/Veracode presence centered around the theme “trusted users, trusted apps.” On the Veracode “trusted apps” side, we’re talking all things DevSecOps and specifically highlighting:
Our SourceClear acquisition: This is late-breaking news for us, and we’re thrilled to be able to show off this technology at RSA. Founded by Mark Curphey, the creator of OWASP, SourceClear is a technological leader with groundbreaking innovations in software composition analysis (SCA). SourceClear offers a SaaS-based software composition analysis tool that relies on a proprietary vulnerability database that goes significantly beyond the NVD and a unique technology that increases the actionability of SCA results. SourceClear’s SCA solution not only tells you which applications have a vulnerable component, it tells you whether or not the functionality is being used – something no other SCA solution can offer. We plan to fully integrate the SourceClear technology into the Veracode cloud platform. Find out more about this ground-breaking technology, and see it in action, at our booth.
Veracode Verified: We just overhauled and re-launched our Verified program, and we are really excited to show off this new iteration. With the Veracode Verified program, you earn a Verifed seal that proves at a glance that security has been a priority in your development process. We recently shifted the focus of this assurance program from looking at an application in one point of time to the security of an organization’s development practices over time. Stop by the booth and we’ll give you more details on the different Verified tiers and how to get your development process Verified.
Veracode Static Analysis IDE Scan: We’ve had a lot of positive feedback about this product from the development community in the past year, and we want to continue to get the word out about this powerful product by demo-ing it at our booth. Visit our booth to see how Veracode Static Analysis IDE Scan is giving developers actionable feedback about the security of their code … in seconds.
Integrations: DevSecOps will be a hot topic at RSA, and DevSecOps can’t happen without strong, seamless integrations between development tools and security testing. To make DevSecOps a reality, security testing needs to be seamless for developers, and happen right within the tools they are already using. We’ll be talking about and demonstrating our extensive integrations at our booth.
Safe travels to San Francisco, and we look forward to seeing you there!
Hear more about my thoughts on RSA and the application security market in this short video: