Veracode Named a Leader in the Gartner Magic Quadrant for Application Security Testing for the Fourth Report in a Row

lpaine's picture
By Laura Paine March 1, 2017  | Security News

For the fourth consecutive report, Gartner placed Veracode as a Leader in the 2017 Magic Quadrant for Application Security Testing1.  Gartner chooses leaders for the report based on a company’s completeness of vision and ability to execute in the application security testing (AST) market. When it comes to leadership, the proof is in the pudding: in 2016, Veracode demonstrated the... READ MORE

Strategies for Rapid Adoption of a Security Programme Within a Large Enterprise

cdomoney's picture
By Colin Domoney March 1, 2017  | Managing AppSec

A large-scale deployment of the Veracode static code analysis platform across a large enterprise presents a number of unique challenges, such as understanding your application estate, prioritising your applications for scanning, and communicating with your application owners. This blog post provides some guidance based on my experience at delivering several hundred scanned applications in a 14-... READ MORE

Critical Capabilities that DevSecOps Technologies Should Demonstrate

jfeiman's picture
By Joseph Feiman February 28, 2017  | Managing AppSec
Critical Capabilities that DevSecOps Technologies Should Demonstrate

As we outlined in a previous blog post, security technologies, in order to fit DevOps and other agile development processes, should be at the fingertips of Dev and Ops professionals. Yet, neither group is necessarily proficient in security, security is not their priority, and security tools are often unintuitive to people outside the security industry. Cloud-based application security services (... READ MORE

Podcast: Addressing the Skills Gap - How to keep our digital economy growing

jlavery's picture
By Jessica Lavery February 23, 2017  | Security News

Our economy continues to shift from a manufacturing and goods based economy to one that is based on services and technology. This digital economy can help improve our quality of life as well as the speed at which we do business, however there are a number of threats to the growth of the digital economy. Chief amongst these threats is the skills gap that exists between what is needed to continue... READ MORE

Your Next Steps if Your AppSec Program Is in the Reactive Stage

sciccone's picture
By Suzanne Ciccone February 23, 2017  | Managing AppSec
Reactive application security programs should follow these steps.

This is the first blog in a series that will look at each stage of an application security program’s maturity and outline what the next steps are to move toward an advanced program. We typically see organizations fall within one of these four stages of application security: Reactive (you're here!) Baseline Expanded Advanced If you are in the first stage and taking a reactive approach... READ MORE

A Veracode Program Manager’s Perspective: Our Programmatic Approach to Application Security

gjames's picture
By Griff James February 21, 2017  | Customer News

Undeniably, the best way to get secure software is to develop secure software. And the emerging DevSecOps trend – the integration of development, security and operations – facilitates this process. The ideal application security program today would involve a DevOps process with security integrated automatically from development to production. However, most companies aren... READ MORE

Live From RSA: Topics of Leadership and Teamwork With Dame Stella Rimington

jlavery's picture
By Jessica Lavery February 17, 2017  | Security News
RSA talk Dame Stella Rimington

In perhaps my favorite talk at RSA this year, Dame Stella Rimington, former Director of MI5, told the story of her career in the intelligence organization. And her story has parallels to the IT security industry today. When Rimington joined MI5, there were separate and unequal career paths for men and women. It was just taken for granted that women could not do the same jobs as men. She explained... READ MORE

Live From RSA: Your Chance to Get It Right – 5 Keys to Building AppSec into DevOps

jlavery's picture
By Jessica Lavery February 17, 2017  | Security News
AppSec and DevOps

The session I’ve been waiting for all week at RSA – Chris Wysopal and Tim Jarrett of Veracode gave an informative talk about the need for security to adapt to the developer-led world and the opportunity DevOps presents for security to become part of the team. Chris likened cyberthreats to Cholera, the disease is always there, but only when you have poor sanitation do you get sick or... READ MORE

Live From RSA: The Most Dangerous New Attack Techniques and What's Coming Next

jlavery's picture
By Jessica Lavery February 17, 2017  | Security News

SANS took the main stage at RSA Wednesday morning to talk about the seven most dangerous cyberattacks and what they expect to see in the coming years. The panel, moderated by Alan Paller, consisted of SANS researchers Ed Skoudis, Johannes Ullrich and Michael Assante. The four issues that stood out: 1. The rise of ransomware and crypto-ransomware Cryptography, Skoudis explained, was invented to... READ MORE

Live From RSA: Final Boarding Call for DevOps – You Don’t Have to Go Home, But …

jlavery's picture
By Jessica Lavery February 15, 2017  | Security News
RSAC Corman Keynote: DevOps

Josh Corman gave another engaging and informative talk at RSA about DevOps and how it is changing the way we think about security. As he says, DevOps is here, and is the future of development. Companies that don’t start shifting this way won’t be able to keep up in terms of innovation. But he also points out the need for governance, using the analogy of an earthquake. The earthquake... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu