Now Is the Time for Government Agencies to up Their AppSec Game
When it comes to application security (AppSec), Forrester???s report, The State of Government Application Security, 2020, ツ?establishes that the government sector is falling behind other industries. And given the nature and quantity of consumer information housed by government agencies, government applications are a prime target for cyberattacks. It???s no wonder ... Read More
Massachusetts to Receive $18.2 Million in Settlement Against Equifax
On April 17, 2020, The Massachusetts Attorney General, Maura Healey, announced that Massachusetts will receive a payout of $18.2 million in the settlement against Equifax Inc. The settlement, which was approved in a judgment on April 13, 2020, is in response to the 2017 data breach in which attackers hacked ... Read More
Financial Sector Cybersecurity Framework Profile Consolidates Regulatory Requirements
Cyberattacks are an all too common occurrence, especially for financial institutions. In response, we are seeing an influx of security rules and regulations for financial institutions to follow. And ??? although the regulations are beneficial ??? complying with the regulations can be time consuming and costly. According to findings from ... Read More
The Evolution of AppSec: Past, Present, and Future
In a recent podcast with IDG, Chris Wysopal, Veracode Chief Technology Officer, speaks to the evolution of application security (AppSec) over the past ten years. In his evaluation, Wysopal leverages findings from Veracode???s annual State of Software Security (SOSS) reports. The first volume of the SOSS report, published in March ... Read More
4 First Steps to Help Your Organization Shift AppSec Left
In order to stay competitive in today???s fast-past world, organizations need to rapidly deploy new software. One way to ensure fast deployment is to take Beyoncテゥ???s advice and move security, ???to the left, to the left.??? By shifting security left ??? to the beginning of the software deployment lifecycle (SDLC) ... Read More
Weighing Pros and Cons to Select AppSec Testing Types
When determining the right testing types for your application security (AppSec) program, there are several questions that likely come to mind: What is the difference between the various AppSec tests? What vulnerabilities do the tests uncover? How many testing types do I need to include in my program? You can ... Read More
Best Practices and Practical Steps to Guide Your AppSec Journey
Imagine that you are tasked with planning a vacation for you and your family. For your ideal trip, you would jet off to a five-star resort on a private island for a month of pampering and fine dining. But, since you have two children, a limited budget, and only one ... Read More
What Software Composition Analysis and Your Dentist Have in Common
SAST, DAST, IAST, SCA ??ヲ confused about the differences? We thought it might be helpful to clear things up by using the analogy of human health. When you visit the doctor with an ailment, or even for a routine checkup, you are likely to undergo a series of tests to ... Read More
Forrester Study on the Benefits of Cloud vs. On-Premises AppSec
Veracode recently commissioned Forrester Consulting to conduct research on the Total Economic Impact™ of using a cloud-based application security (AppSec) solution versus an on-premises solution. To collect information on the benefits and risks associated with the solutions, Forrester interviewed four customers who have used Veracode as well as a variety ... Read More
Forrester Analysis on the State of Government Application Security: Government Must Make Significant Advances
In a recent report, The State of Government Application Security, 2020, Forrester analysts establish that governments are far behind other industries in critical areas of application protection. This finding – backed by the Forrester Analytics Global Business Technographics® Security Survey, 2019 – is especially alarming given the amount of sensitive ... Read More
