February 2022

New in Security Labs: Kotlin & Swift Mobile Courses

Feb 28, 2022 By Saoirse Hinksmon In Veracode

This week we’ve added new Kotlin & Swift Courses to the Security Labs catalog! The update includes 4-5 Kotlin (Android) labs and 4 Swift (iOS) labs that cover common mobile security topics such as secret storage, authorization, and custom URL handling.

Read Post

Veracode

Read more about New in Security Labs: Kotlin & Swift Mobile Courses

SQL Injection in Today's Landscape

Feb 17, 2022 By Dustin Silveri In Veracode

A SQL injection flaw allows for an attacker to modify or inject SQL syntax into the request to make the application behave in a manner that was not initially intended. In other words, an attacker can change a database query to: Now with almost all web applications having integrations with databases in some way, this flaw has the potential to arise often. However, many frameworks and libraries are available to make database connections and queries safe.

Read Post

Veracode

Read more about SQL Injection in Today's Landscape

Create an API Specification Scan

Feb 16, 2022 By Veracode In Veracode

Traditionally Veracode Dynamic Analysis has targeted applications with a Web user interface. But increasingly, web applications are composed of many small microservices, many of which have Representational State Transfer (REST) interfaces with which the UI layer communicates. With API scanning, you can now scan the APIs of your microservices earlier in the software development process, before they are integrated into a web application.

View Video

Veracode

Read more about Create an API Specification Scan

What Is an SBOM & Why Do You Need One?

Feb 14, 2022 By John Smith In Veracode

Before we jump into definitions, let’s quickly level set on how we got here. Over the last few years, the way we build software has changed drastically. With the increasing need to move faster and release more frequently, organizations are opting to get rid of monolithic architectures and adopt a microservices architecture for greater agility, resiliency, and efficiency.

Read Post

Veracode

Read more about What Is an SBOM & Why Do You Need One?

DevSecOps Is Mainstream: New Research Finds 20x Increase in Software Security Scanning Over the Past Decade

Feb 8, 2022 By Veracode In Veracode

Veracode State of Software Security report reveals the average cadence for organizations scanning apps has grown 20x since 2010. The number of apps scanned for security flaws per quarter has more than tripled over the past decade. Businesses with hands-on security training for developers fix software flaws 35% faster.

Read Post

Veracode

Read more about DevSecOps Is Mainstream: New Research Finds 20x Increase in Software Security Scanning Over the Past Decade

Announcing the 12th Volume of Our State of Software Security Report

Feb 8, 2022 By Hope Goslin In Veracode

The 12th volume of our annual State of Software Security (SOSS) report is now live! Rather than examining a single year of activity associated with an application, in this year's report we looked at the entire history of active applications. By doing so, we can view the full life cycle of applications, which results in more accurate metrics and observations.

Read Post

Veracode

Read more about Announcing the 12th Volume of Our State of Software Security Report

Review API Scanning Prescan Results

Feb 7, 2022 By Veracode In Veracode

In this video, you will learn how to review Dynamic Analysis prescan scan results for an API specification. After creating and submitting a Dynamic Analysis API specification scan, you can return to the list of Dynamic Analyses at any time to check for status updates and to view results. Please note, you must have the Creator, Reviewer, or Security Lead role to be able to view the results of a Dynamic Analysis, unless the results are linked to a Veracode application profile for which you have permission to view.

View Video