Podcast: Challenges of the Digital Economy

sciccone's picture
By Suzanne Ciccone January 26, 2017  | Security News

The digital innovations used by companies are making it easier for companies to improve their productivity. They also remove barriers for startups to enter new markets and make our everyday lives easier. However, the digital economy comes with challenges and risks. During this installment of Veracode’s AppSec in Review Podcast, Brian Fitzgerald, CMO at Veracode discusses the challenges... READ MORE

Never Leave Your IDE Again: Secure Coding Feedback in Seconds

jworthington's picture
By Janet Worthington January 25, 2017  | Customer News 6
Veracode Greenlight: Security Unit Testing Inside Your IDE

To stay competitive, every company in every industry has to not only create software, but also create it fast. This pressure has most likely trickled down to your development team, which is feeling squeezed to meet ever-tighter deadlines and continually get new products and features out the door. In turn, we’re seeing the adoption of new, speedier development and deployment practices, such as... READ MORE

How We’re Making Developer Training More Interactive, Flexible and Fun

eying's picture
By Emilie Ying January 24, 2017  | Secure Development
Veracode video-based developer training

Everyone knows security training is important. But many organizations struggle to make security training more effective. At Veracode, we’ve implemented several innovations to make our eLearning platform even more engaging, relevant, user-friendly and fun. Over the past five years, we have continued to add online courses to keep up with the changing climate of threats in the real world,... READ MORE

Securing DevOps: Enough With the Cynicism

jlavery's picture
By Jessica Lavery January 23, 2017  | Secure Development
Cynicism about devops is popular initially.

If an industry continuously talks about how a trend is going to be a hurdle, it becomes a hurdle. Conversely, if an industry views the trend as an opportunity and talks about it in such terms, thinking shifts toward the potential this trend brings for improvement. We are seeing this phenomenon with DevOps, but not in a good way. Security professionals are talking about the hurdles of securing... READ MORE

The Importance of Application Security: A Few of the Benefits and Risks

mfrancis's picture
By Melissa Francis January 19, 2017  | Intro to AppSec
Benefits versus risks of application security programs.

Application security is no longer optional; it has become an absolute necessity. With an increasing number of companies welcoming the idea of developing their own apps, in addition to purchasing record numbers of apps and incorporating open source code into their apps, the risks and vulnerabilities associated have also risen manifold. I’ve worked as a Security Program Manager at Veracode... READ MORE

Apple's Abandonment Of Its Own App Security Deadline Is Bad For So Many Reasons

eschuman's picture
By Evan Schuman January 16, 2017  | Security News

Have a great idea for the most effective way to make life easier for cyberthieves, especially those who are focused on ineffective app security. All you have to do is get one of the most powerful brands in computing to publicly declare a security deadline and then have it quietly withdraw that deadline on the eve of it being effective. For a terrific example of well this can undermine app... READ MORE

What’s the Worst That Can Happen? The Cost of a “Wait and See” AppSec Plan

sciccone's picture
By Suzanne Ciccone January 10, 2017  | Managing AppSec

In a previous blog post, we talked about the cost of a “do nothing” AppSec plan. In that blog post, we pointed out that ignoring application security can be a costly move. Why? Because your chance of a breach is very high, and so is the cost incurred from most breaches. In addition, you could now face regulatory fines by ignoring application security. But a “wait and see”... READ MORE

The Five Parts of Third-Party Application Security

gjames's picture
By Griff James January 5, 2017  | Managing AppSec

Third-party application security assurance is an essential part of a mature IT security program. While it’s true that every company today is a software company, the majority of applications within an enterprise’s application portfolio will be developed by third parties – often as off-the-shelf products.  A study by Quocirca found that the average enterprise has roughly 600... READ MORE

Can You Defend Your AppSec Program? Be Ready to Answer These Questions

jzorabedian's picture
By John Zorabedian January 3, 2017  | Managing AppSec

Every AppSec manager needs to work with stakeholders across the organization, from the CISO to development, and departments making their own decisions about buying the software they depend on to do their jobs. If you want to earn buy-in for your AppSec program, you’ll have to be responsive to different concerns for each type of stakeholder. To help you, we offer this list of questions you... READ MORE

FAQs About the New York DFS Cybersecurity Regulations

jzorabedian's picture
By John Zorabedian January 3, 2017  | Security News
New York DFS Cybersecurity Regulations

New York State has passed strict new cybersecurity requirements for financial services companies doing business in New York, and affected organizations will need to prove compliance with the regulations beginning in February 2018. New York Governor Andrew Cuomo said the "first-in-the-nation" cybersecurity regulations are necessary to "guarantee the financial services industry... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu