Smart city devices have the potential to be hacked and used against the very cities that deployed them. Chris Wysopal addresses how that threat can be mitigated.
As Europe introduces a million-pound bug bounty program for open source projects, Paul Farrington highlights the misperception that the open source community is finding every vulnerability.
As the EU launches financial incentives to find bugs in popular open source software, experts warn that there may not be enough resources to respond to waves of bug reports.
Why Universal Plug and Play has been problematic for years. A new attack raised new attention on how it can create risk.
A recent hack of Google Chromecast and internet-connected smart TVs illustrates the importance of security by design and continuous automated security testing to prevent vulnerabilities from being exploited, writes Paul Farrington for IT Supply Chain.
Software developers made strides to fix application security flaws faster, and a shift to automation and continuous delivery could make that process even more efficient. Mark Curphey tells DevPro Journal how this impacts independent software vendors.
VP of Strategy Mark Curphey shares his view on why we'll see increased automation as DevOps and DevSecOps models become the norm.
As we approach the end of 2018, Chris Wysopal sat down with ZDNet to reflect on how the security landscape has evolved. One area that will continue to be top of mind? The need for better security in government systems.
In this article on the security landscape for the year ahead, Veracode's Paul Farrington illustrates how forces like Brexit, cross-border cybersecurity collaboration, and an increased pace of application development will make 2019 a challenging year for many UK organizations
In the wake of Google’s latest data breach, Paul Farrington, director EMEA Solution Architects at Veracode, calls for consistency in security and app performance scans: “Hackers are increasingly taking advantage of vulnerabilities in web and software applications and businesses are making their life very easy, with our recent research revealing that more than 85% of applications have at least one vulnerability when first scanned.”
With increasing cyber attacks comes a parallel increase in cyber insurance. CTO Chris Wysopal tells Fifth Domain why risk evaluation and demanding proof of secure practices will lead to greater cybersecurity.
In DZone, Vice President of Strategy Mark Curphey discusses why we'll need increasingly powerful automation to track vulnerabilities in the millions of open source libraries that are on the way.
Veracode Vice President of Research Chris Eng authors an article for TechBeacon that describes why it doesn't take a superhuman effort to secure applications. Embedding security design and testing into the continuous software delivery cycle via DevSecOps principles that offer a balance of speed, flexibility, and risk management is the only way to keep up.
The breach of the Marriott hotel empire is one of the largest in history - Chris Wysopal talks to the AP about its scale and why the type of data the hackers accessed is so valuable.
Cybercriminals are still exploiting the one ubiquitous weakness of every organization - human fallibility - in myriad ways. Read about some of the most common social engineering tricks in this article by Veracode's Paul Farrington.
In this article for SC Magazine, Veracode's Paul Farrington outlines why lack of cybersecurity education for developers and inherently insecure code make the cyber skills gap even more acute.
Veracode’s latest State of Software Security report (SoSS) shows that retail is faster than most industries when it comes to addressing common vulnerabilities found in software.
Business Insider names Veracode among the 18 hottest companies changing businesses with DevOps.
What makes securing the blockchain so difficult? Chris Wysopal examines how hackers can exploit the emerging technology and basic security measures that can help.
CTO Chris Wysopal details what's necessary to secure election processes and systems in a video interview with ZDNet's Tonya Hall.
Industry analysts react to news that Veracode will become independent once again, as enterprise needs for cloud-based testing services that enable developers to add security to the software development lifecycle grow.
Veracode is listed in Dark Reading’s "20 Cybersecurity Firms to Watch" alongside other notable global companies such as Amazon, Oracle, Cisco and Intel.
In this Ars Technica feature, CTO Chris Wysopal makes the case for bringing greater security to election software and processes, arguing that increased vetting and white hat hacking are needed to make big strides in securing how citizens vote.
Veracode's SaaS platform is focused on helping security teams and software developers find and fix security-related defects at all points in the software development lifecycle. The company serves more than 2,000 customers across a wide range of industries, including nearly a third of the Fortune 100.
Broadcom is selling CA Technologies' Veracode application security testing platform to private equity firm Thoma Bravo for $950 million in cash.