Announcing State of Software Security v11: Open Source Edition
Today, we published the open source edition of our annual State of Software Security report. Solely focused on the security of open source libraries, the report includes analysis of 13 million scans of more than 86,000 repositories, containing more than 301,000 unique libraries. In last year’s open source edition report, ... Read More
Did You Read Our Most Popular 2020 Blog Posts?
What was top of mind for your peers regarding AppSec in 2020? Yes, we realize no one really wants a 2020 retrospective – who wants to look back at that mess? But we are going to carry on with our annual look-back at our most popular blogs from the previous ... Read More
Announcing the 11th Volume of Our State of Software Security Report
Today, we released the 11th volume of our annual State of Software Security (SOSS) report. This report, based on our scan results, always offers an abundance of insights and information about software vulnerabilities – what they are, what’s causing them, and how to address them most effectively. This year is ... Read More
Announcing Our State of Software Security: Open Source Edition Report
Today, we published a special supplement to our annual State of Software Security report that focuses exclusively on the security posture of the open source libraries found in applications. Prominent in almost every application today, open source libraries allow developers to move faster by quickly adding basic functionality. In fact, ... Read More
Did You Read Our Most Popular 2019 Blog Posts?
What were your biggest AppSec questions and concerns in 2019? Want to find out what others’ were? Every January, we look at the most-read blog posts from the previous year, and it always proves to be a valuable exercise for us, and we hope for you as well. The posts ... Read More
AppSec Themes to Watch in 2020
Contributors: Paul Farrington, Veracode EMEA CTO; Pejman Pourmousa, Veracode VP of Services; Chris Wysopal, Veracode CTO and co-founder. As we said in the introduction to our 10th anniversary State of Software Security report this year, the last 10 years in AppSec saw both enormous change, and a fair amount of ... Read More
DevSecOps Challenges From a Security Perspective
The transition from DevOps to DevSecOps requires security professionals to have a whole new understanding of development processes, priorities, tools, and pain points. It’s no longer feasible for security professionals to get by with a superficial understanding of how developers work. But this understanding can be a significant undertaking for most ... Read More
Using Benchmarks to Make the Case for AppSec
In a recent Veracode webinar on the subject of making the business case for AppSec, Colin Domoney, DevSecOps consultant, introduced the idea of using benchmarking to rally the troops around your AppSec cause. He says, “What you can do is you can show where your organization sits relative to other ... Read More
State of Software Security v10: Top 5 Takeaways for Security Professionals
It’s the 10th anniversary of our State of Software Security (SOSS) report! This year, like every year, we dug into our data from a recent 12-month period (this year we analyzed 85,000 applications, 1.4 million scans, and nearly 10 million security findings), but we also took a look back at ... Read More
Announcing the 10th Volume of our State of Software Security Report
Today marks a big milestone for Veracode, and for the application security industry – we’re releasing the 10th volume of our State of Software Security (SOSS) report. 10 SOSS reports and 80,000+ apps later, we’ve accumulated a lot of data, and a lot of insights, about application security trends and ... Read More