Quality assurance, or QA, is one of the go-to solutions for organizations looking to enhance their application security (AppSec). But alone, they don???t provide enough coverage and can give your team a false sense of security that comes back to haunt you during audits, or worse: after a breach. QA tools are only the tip… Continue reading Quality Conundrum: Relying on QA Tools Alone Increases Risk
Category: Uncategorized
Making a Case for the Cloud: Customers Give Their Honest Feedback of SaaS-Based AppSec
Before the pandemic, 70 percent of companies were in the early stages of a digital transformation. But given the current circumstances, companies are being forced to speed up those efforts. This statistic, coupled with the FBI???s findings that cyberattacks have increased by 400 percent over the last few months, supports the need for increased application… Continue reading Making a Case for the Cloud: Customers Give Their Honest Feedback of SaaS-Based AppSec
Veracode Achieves AWS DevOps Competency Status
We are pleased to announce that we have earned the AWS DevOps Competency status, which recognizes that Veracode provides proven technical proficiency and customer success helping organizations implement continuous integration and delivery practices on AWS. To receive the designation, APN Partners must possess deep expertise and deliver solutions seamlessly on AWS. Why does this matter?… Continue reading Veracode Achieves AWS DevOps Competency Status
State of Software Security: Open Source Edition – Key Takeaways for Developers
The popularity of open source libraries isn???t dwindling anytime soon. They???re critical for developer functionality, allowing teams of developers like yours to work faster so they can meet tight deadlines they face on the regular. But some developers may not fully understand the risks that come from using open source libraries, just like the risks… Continue reading State of Software Security: Open Source Edition – Key Takeaways for Developers
How One College Professor Is Trying to Address the Cybersecurity Skills Gap
Software development is ever-evolving, and with that demand for innovation and scale comes the need to ensure software is secure. Many enterprise organizations have invested in AppSec to help them identify security flaws throughout the development process. However, within higher education, secure coding skills are often not part of computer science or software engineering curriculums.… Continue reading How One College Professor Is Trying to Address the Cybersecurity Skills Gap
Cracking the Code to a Successful Remediation Plan
Creating a remediation plan can be tricky. In fact, customers often tell us that it???s much easier to create a plan to help developers scan applications quickly and easily than it is to establish remediation goals. But if vulnerabilities aren???t remediated right away, there???s a higher chance that they will never be remediated. Our recent… Continue reading Cracking the Code to a Successful Remediation Plan
Frequency, Speed, and Accuracy Are a Match Made in AppSec Heaven
???Make it work, make it right, make it fast.??? These words from renowned software engineer Kent Beck will always ring true for developers, especially with the pace of development picking up, not slowing down. A GitLab survey from last year showed nearly half (43 percent) of respondents deploy software on-demand or multiple times per day… Continue reading Frequency, Speed, and Accuracy Are a Match Made in AppSec Heaven
Cyberthreats During the Pandemic Are on the Rise
With the sudden shift to digital that many businesses are facing in response to the pandemic, preventing cyberattacks is more important than ever. According to the FBI, attacks related to COVID-19 have increased 400 percent in recent months. And with data from Gartner showing that 74 percent of companies expect to maintain some level of… Continue reading Cyberthreats During the Pandemic Are on the Rise
Verizon Data Breach Investigations Report Finds an Increase in Web Application Breaches
Verizon recently published its 2020 Data Breach Investigations Report (DBIR), which analyzed 32,002 security incidents in 16 different industries and four different world regions. Similar to last year???s findings, the majority of breaches ??? 86 percent ??? are financially motivated, and most ??? 70 percent ??? are caused by outsiders. Credential theft, social attacks (i.e.,… Continue reading Verizon Data Breach Investigations Report Finds an Increase in Web Application Breaches
Realigning Priorities and Building a Bridge Between Security and Development
It???s a common conundrum for application security (AppSec) teams??ヲhow can developers and security professionals work together to release software faster? It takes a working relationship, good communication, and the right tools, which most teams don???t have. Even more discouraging, stigmas follow both teams around the office; developers often worry that security is there to slow… Continue reading Realigning Priorities and Building a Bridge Between Security and Development