In DZone, Vice President of Strategy Mark Curphey discusses why we'll need increasingly powerful automation to track vulnerabilities in the millions of open source libraries that are on the way.
Veracode Vice President of Research Chris Eng authors an article for TechBeacon that describes why it doesn't take a superhuman effort to secure applications. Embedding security design and testing into the continuous software delivery cycle via DevSecOps principles that offer a balance of speed, flexibility, and risk management is the only way to keep up.
The breach of the Marriott hotel empire is one of the largest in history - Chris Wysopal talks to the AP about its scale and why the type of data the hackers accessed is so valuable.
In this article for SC Magazine, Veracode's Paul Farrington outlines why lack of cybersecurity education for developers and inherently insecure code make the cyber skills gap even more acute.
Veracode’s latest State of Software Security report (SoSS) shows that retail is faster than most industries when it comes to addressing common vulnerabilities found in software.
Business Insider names Veracode among the 18 hottest companies changing businesses with DevOps.
What makes securing the blockchain so difficult? Chris Wysopal examines how hackers can exploit the emerging technology and which basic security measures can help.
CTO Chris Wysopal details what's necessary to secure election processes and systems in a video interview with ZDNet's Tonya Hall.
Industry analysts react to news that Veracode will become independent once again, as enterprise needs for cloud-based testing services that enable developers to add security to the software development lifecycle grow.
Veracode is listed in Dark Reading’s "20 Cybersecurity Firms to Watch" alongside other notable global companies such as Amazon, Oracle, Cisco and Intel.
In this Ars Technica feature, CTO Chris Wysopal makes the case for bringing greater security to election software and processes, arguing that increased vetting and white hat hacking are needed to make big strides in securing how citizens vote.
Veracode's SaaS platform is focused on helping security teams and software developers find and fix security-related defects at all points in the software development lifecycle. The company serves more than 2,000 customers across a wide range of industries, including nearly a third of the Fortune 100.
Broadcom is selling CA Technologies' Veracode application security testing platform to private equity firm Thoma Bravo for $950 million in cash.
"The market for AppSec is growing rapidly, and the urgency for what we have to offer has never been higher," Sam King, senior vice president and general manager of Veracode, told eWEEK.
Broadcom is selling application security testing business Veracode for $950 million to private equity firm Thoma Bravo. Veracode has been one of the stalwarts of the local cybersecurity cluster and hunts for vulnerabilities in software by scanning it throughout the development lifecycle.
Private equity investment firm Thoma Bravo has agreed to acquire Veracode for $950 million, on the same day that its parent CA Technologies were acquired by Broadcom for a reported $18.9 billion.
Humans are often the weakest link in the chain when it comes to computer security. So how can we stop doing silly things that play into the hands of cyber criminals? Paul Farrington of Veracode offers his take in this BBC News feature.
Businesses benefit from the ease of use of open source code in everything from setting up their IT infrastructure to laying the foundation for applications they develop for their customers. The reality is that very few developers start their code from scratch; instead, they borrow components from open source libraries.
This year’s report offers insights into differences by region in how quickly vulnerabilities are being addressed. The UK was among the strongest performing regions: businesses there closed the first 25% of their flaws in just 11 days, second fastest among all regions, closed 50% of flaws in 72 days and closed 75% of flaws in 304 days.
DevSecOps involves bringing security into the DevOps fold, and making security testing a natural part of the development process. According to the study, which examined fix rates across 2 trillion lines of code, more than 70% of flaws were still there one month after being discovered.
Knowing a vulnerability's severity might not tell you anything about how quickly that vulnerability will be fixed. But knowing what kind of development model the company is using could tell you a lot.
Veracode's 2018 State of Software Security Report finds that the same flaws keep on showing up in applications, but there are things that organizations can and should be doing to limit risks.
Veracode's State of Software Security Vol. 9 evidenced improvements in DevOps security, suggesting that DevSecOps is facilitating better security and efficiency, and also analyzed flaw persistence to measure the longevity of flaws after the initial discovery.
The recently published 2018 State of Software Security report by Veracode shows that information leakage bugs were found in 66.8 percent of tested applications, while cryptographic issues plagued 63.7 percent of apps.
The State of Software Security report Volume 9 shows the number of vulnerable applications is incredibly high, but implementing DevSecOps has proven to be effective in mitigating flaws.