AppSec Bites Part 3: Has the New Virtual Reality Created Opportunities for AppSec?
Over the past several months, many organizations have had to shift their operations to a fully digital platform. This sudden shift was more challenging for some industries, like government, than other industries, like technology. And aside from having to adapt to fully remote operations, many organizations were also subject to ... Read More
AppSec Bites Part 2: Top 3 Things to Consider When Maturing Your AppSec Programs
A joint blog post from Veracode andツ?ThreadFix When it comes to maturing an AppSec program, there are several best practices that can help you get started. In part two of our AppSec podcast series, Tim Jarrett, Director of Product Management at Veracode, and Kyle Pippin, Director of Product Management at ... Read More
Veracode’s New Scan Type Delivers Results at DevSecOps Speed
Across the thousands of customer conversations we have each year, one theme continues to emerge regardless of industry, size, or geography: the pace of development is accelerating rapidly, and the pressure to innovate quickly is more intense than ever before. Veracode???s customers are not alone. A recent GitLab survey across ... Read More
Announcing New Veracode Language Coverage: Apex, Go, and PLSQL
When considering new language support, we think about our customers’ existing technology stacks and the new and emerging languages that will enable them to securely bring innovations to market faster. With this in mind, we recently added support for Apex, Go, and PLSQL: Apex, a Salesforce.com proprietary language, enables businesses ... Read More
PCI Releases Software Security Framework
Today, PCI shared its new Software Security Framework. PCI describes this framework as “a collection of software security standards and associated validation and listing programs for the secure design, development and maintenance of modern payment software.” The framework includes two standards for use by software vendors. The first, the Secure ... Read More
AppSec Buyers’ Insights: Binary vs. Source Code Scanning
The discussion surrounding which is superior – binary or source code scanning – has plagued the static analysis market since its inception. A source code scanner analyzes un-compiled code, whereas a binary scanner analyzes compiled code, but in the end, the result is the same. They are simply two engineering ... Read More