When it comes to protecting software, don’t count on automated testing to find all the vulnerabilities in your code. Here’s why manual penetration testing is more essential (and more accessible) than one might think.

Learn how the gRPC test suite and gRPC wizard enable Defensics customers to create their own test sequences from protocol buffer definitions.

This is the fourth of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. With new headlines every day about organizations that have been targeted by cyberattackers, it’s not surprising that 75 percent of organizations assume they’re likely to have a breach in the next three years.

GitHub Actions integrates AST capabilities into development workflows and CI/CD pipelines to provide instant, actionable insights into risks. Today, the nature of technology and its accelerated time to market require organizations to extend security practices to development and engineering teams.

Government agencies are instructed by Executive Order to improve the delivery of digital services to citizens while also safeguarding critical data and systems. Often, this leads to a difficult decision between speed of application production and software security. However, as recent events have shown, sacrificing security in the name of speed compromises the safety of citizens and government infrastructure.

OpenSSL released version 3.0.7 with security fixes for High Severity vulnerabilities CVE-2022-3786 & CVE-2022-3602 discussed here. Here's how to know if you're affected and what to do if you are.

Building trust in government is both my passion and part of my character. Last year, when I found myself contemplating my next career move, I knew that I wanted to be at an innovative company devoted to rebuilding trust in federal agencies. It didn’t take long for me to realize that Veracode and I were a perfect fit. Immediately I saw how the company’s mission and innovative application-security technology aligned with my values.

Throughout my career, I’ve seen a lot of change in the realm of cybersecurity. Whether in private- or public-sectors, from pre- to post-pandemic, I’ve witnessed the struggles of agencies coming to terms with digital transformation and cybersecurity. What I’ve found is that federal agencies are expected to keep pace with their civilian counterparts while abiding by mandates to add an extra layer of security to digital operations.