5 Lessons About Software Security for Cybersecurity Awareness Month

October is Cybersecurity Awareness Month, and this year, the overarching theme is “Do Your Part. #BeCyberSmart.” When considering what “cybersmart” means in application security, we realized we unearthed some data this year that made us a little cybersmarter and could help other security professionals and developers increase their AppSec smarts ...

96% of Organizations Use Open Source Libraries but Less Than 50% Manage Their Library Security Flaws

Most modern codebases are dependent on open source libraries. In fact, a recent research report sponsored by Veracode and conducted by Enterprise Strategy Group (ESG) found that more than 96 percent of organizations use open source libraries in their codebase. But, shockingly, less than half of these organizations ...

Hot off the Press: Veracode Named a 2020 Gartner Peer Insights Customers’ Choice for AST

Veracode has been officially recognized by Gartner Peer Insights as a 2020 Customers’ Choice for Application Security Testing. The report includes Veracode’s aggregate score of 4.6 out of 5 stars out of 95 independent customer reviews (as of July 31, 2020), and of the reviewers, 92 percent said that they ...

Focus on Fixing, Not Just Finding, Vulnerabilities

When investing in an application security (AppSec) program, you expect to see a return on your investment. But in order to recognize a return, your organization needs to determine what success looks like and find a way to measure and prove that the program is meeting your definition of success ...

The Migration From PA-DSS to SSF: Everything You Need to Know

Technology is constantly changing and advancing. Payment platforms are no exception. As these new platforms emerge, the software supporting the platform must be reliable and secure. Without secure payment platforms, payment transactions and data could be compromised. The PCI Software Security Framework (SSF) sets standards and requirements for both traditional ...

AppSec Tools Proliferation Is Driving Investments to Consolidate

When it comes to application security (AppSec), it’s important to note that no one testing type can uncover every flaw. Each tool is designed with a different area of focus, along with various speeds and costs, so it’s necessary to employ a mix of testing types. A good way ...

Gartner Summit: Balance Risk, Trust, and Opportunity in an Uncertain World

In light of the current pandemic, most organizations will be working remotely for the foreseeable future. But the increase in virtual operations has led to a higher volume of cyberattacks. Now, more than ever, it’s vital that your organization is armed with the industry’s best application security (AppSec) solutions. But ...

69% Say Their AppSec Is Effective but Don’t Have Tools to Measure It

Veracode recently sponsored Enterprise Strategy Group’s (ESG) survey of 378 developers and security professionals, which explored the dynamic between the roles, their trigger points, the extent to which security teams understand modern development, and the buying intentions of application security (AppSec) teams. The first survey question for developers and security ...

10 Elements of the Most Effective Application Security Programs

Veracode’s Chris Wysopal and Chris Eng recently joined Enterprise Strategy Group (ESG) Senior Analyst Dave Gruber and award-winning security writer and host of the Smashing Security podcast, Graham Cluley, at Black Hat USA to unveil the findings from a new ESG research report, Modern Application Development Security. The research is ...

New ESG Survey Report: Modern Application Development Security

As organizations continue to adopt DevSecOps, a methodology that shifts security measures to the beginning of the software development lifecycle (SDLC), roles and processes are evolving. Developers are expected to take on increased security measures, such as application security (AppSec) scans, flaw remediation, and secure coding, and security ...