
Live From Black Hat: Stress-Testing Democracy – Election Integrity During a Global Pandemic with Matt Blaze

Technology and elections are heavily interrelated – but it wasn't always that way. We started to adopt technology once we weren't able to fit everyone into a town hall. The first piece of technology was simply a piece of paper and a ballot box. We may not think of it as technology, but the ballot box can be tampered…

Man vs. Machine: Three-Part Virtual Series on the Human Element of AppSec

In 2011 when IBM's Watson supercomputer went up against "Jeopardy" icon Ken Jennings, the world watched as a battle of man vs. machine concluded in an impressive win for Watson. It wasn't simply remarkable that Watson could complete calculations and source documents quickly; the real feat was the brainpower it took to create fine-tuned software…

New Data Reveals How AppSec Is Adapting to New Development Realities

In today's fast-paced world, companies are racing to bring new, innovative software to market first. In order to keep up with the speed of innovation, many organizations are shifting toward DevSecOps. DevSecOps brings security to the front of the software development lifecycle (SDLC), allowing for both fast deployments and secure applications. Even though DevSecOps is…

Why is Dynamic Analysis an Important Part of Your AppSec Mix?

By now, most are familiar with the concept of DevSecOps. With DevSecOps, application security (AppSec) is moved to the beginning of the software development lifecycle (SDLC). By scanning earlier in the SDLC, you are able to find and fix flaws earlier. This can result in significant time and cost savings. Most organizations understand the importance…

Announcing Veracode Security Labs Community Edition

We recently partnered with Enterprise Strategy Group (ESG) to survey software development and security professionals about modern application development and how applications are tested for security. The soon-to-be-announced survey found that 53% of organizations provide security training for developers less than once a year, which is woefully inadequate for the rapid pace of change in…

The Texas Cybersecurity Act: What You Need to Know

Texas passed House Bill 8 relating to cybersecurity for state agency information resources. The bill sets mandatory practices for state agencies, institutes continuous monitoring and auditing of network systems, adds protections for student data privacy, and updates the penalties for cybercrimes. As Texas House Speaker Joe Straus commented, state agencies are now expected to be…

What Does it Take to be a Rockstar Developer?

If there's one thing you need to value as you move through your career as a modern software developer, it's the importance of security. With application layers increasing and the shift left movement bringing security into the picture earlier in the development process, security should be top of mind for every developer working to write…

Your 30-60-90 Day AppSec Plan

Your stakeholders have signed off on an application security program, you've selected a vendor … but now what? There is no detailed handbook or instruction manual for getting started because every organization is different. You need to formulate your own plan to make sure the program meets the individual needs of your organization. But that…

New Forrester Report: Build a Developer Security Champions Program

We know firsthand how critical it is for developers and security professionals to have a great working relationship. That extends beyond simply communicating well; for your DevSecOps program to come together so that you can secure your applications, you need to break down silos and improve security knowledge across the board. Recently, Forrester published a…

Understand the Past to Shape the Future of AppSec

It can sometimes feel like development and security teams are working toward two separate goals. Both developers and security professionals are supposed to be working toward timely, secure releases, but in reality, developers tend to prioritize speed and function, and security professionals prioritize security measures. How can you unify the teams and focus them on…