Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2022

Configure the API Credentials File on Windows

In this video, you will learn how to generate Veracode API credentials in the Veracode Platform and configure an API credentials file for storing your API credentials on Windows. Veracode API credentials consist of an ID and secret key. You use these credentials to access the Veracode APIs and Veracode integrations. API ID and key authentication provides improved security and session management for accessing the APIs.

As the Holiday Season Begins, 73% of Retail and Hospitality Apps Have a Flaw

After the pandemic upended the retail and hospitality industries, digital transformation became imperative to survival – the key to meeting ever-changing customer expectations and overcoming supply chain complexities. As the landscape continues to shift, 55 percent of retailers say they’re open to improving their innovation capabilities, while 51 percent want to adopt new business models.

Anatomy of a Stored Cross-site Scripting Vulnerability in Apache Spark

One of the services that Veracode offers is a consultation with an Application Security Consultant – a seasoned software developer and application security expert. In the context of a consultation, my team works with the software engineers of Veracode’s customers to understand and, ideally, remediate security flaws found by the Veracode tool suite.

4 Reasons Scan Results May Differ Over Time: Advice from an Application Security Consultant

You didn’t change anything in your code, yet the scan is different this time. Here’s advice from an Application Security Consultant on why that may be. Have you ever wondered why you scan code one day and get one result, and then scan the same code a month later and get different results – even though you never changed anything?

The Power of Manual Penetration Testing in Securing Your Attack Surface

When it comes to protecting software, don’t count on automated testing to find all the vulnerabilities in your code. Here’s why manual penetration testing is more essential (and more accessible) than one might think.

How Government Agencies Can Secure Mission Critical Software in the Cloud

Government agencies are instructed by Executive Order to improve the delivery of digital services to citizens while also safeguarding critical data and systems. Often, this leads to a difficult decision between speed of application production and software security. However, as recent events have shown, sacrificing security in the name of speed compromises the safety of citizens and government infrastructure.