Should You Be Measuring Flaw Rate?

Should You Be Measuring Flaw Rate?

Metrics — or perhaps more accurately, the right metrics — are crucial for understanding what’s really happening in your AppSec program. They serve a dual purpose: They demonstrate your organization’s current state, and also show what progress it’s making in achieving its objectives. We typically recommend our customers measure their ... Read More
Detailing Veracode’s HMAC API Authentication

Detailing Veracode’s HMAC API Authentication

Veracode’s RESTful APIs use Hash-based Message Authentication Code (HMAC) for authentication, which provides a significant security advantage over basic authentication methods that pass the username and password with every request. Passing credentials in the clear is not a recommended practice from a security perspective; encryption is definitely preferred for obvious ... Read More