DevSecOps

Live from Black Hat: Healthscare - An Insider's Biopsy of Healthcare Application Security with Seth Fogie

Aug 6, 2020 By Chris Kirsch In Veracode

Healthcare providers heavily leverage technology. In his talk, Seth Fogie, information security director at Penn Medicine takes apart different vendor systems at the “fictitious” Black Hat Clinic. Fogie gives a lot of examples and drives home the point that you shouldn’t just look at network security … you have to dig deep into the applications to ensure the security of your data.

Read Post

Veracode

Read more about Live from Black Hat: Healthscare - An Insider's Biopsy of Healthcare Application Security with Seth Fogie

Live from Black Hat: Practical Defenses Against Adversarial Machine Learning with Ariel Herbert-Voss

Aug 6, 2020 By Chris Kirsch In Veracode

Adversarial machine learning (ML) is a hot new topic that I now understand much better thanks to this talk at Black Hat USA 2020. Ariel Herbert-Voss, Senior Research Scientist at OpenAI, walked us through the current attack landscape. Her talk clearly outlined how current attacks work and how you can mitigate against them. She skipped right over some of the more theoretical approaches that don’t really work in real life and went straight to real-life examples.

Read Post

Veracode

Read more about Live from Black Hat: Practical Defenses Against Adversarial Machine Learning with Ariel Herbert-Voss

Moody's Shares How to Learn from Organizations Running Successful AppSec Programs

Aug 5, 2020 By Veracode In Veracode

Veracode has helped thousands of customers integrate security into their development cycle, and we’ve now got lessons learned, best practices, and pitfalls to avoid. Join Adrian Benvenuti, Vice President of Cybersecurity Risk and Architecture at Moody’s and Chris Kirsch, Director, Product Marketing at Veracode as they discuss how real-life AppSec programs are helping security and development teams work together to secure code.

View Video

Veracode

Read more about Moody's Shares How to Learn from Organizations Running Successful AppSec Programs

Live From Black Hat: Stress-Testing Democracy - Election Integrity During a Global Pandemic with Matt Blaze

Aug 5, 2020 By Chris Kirsch In Veracode

Technology and elections are heavily interrelated – but it wasn’t always that way. We started to adopt technology once we weren’t able to fit everyone into a town hall. The first piece of technology was simply a piece of paper and a ballot box. We may not think of it as technology, but the ballot box can be tampered with. That technology gave us ballot secrecy, a trait that a hand-raise in the town hall didn’t.

Read Post

Veracode

Read more about Live From Black Hat: Stress-Testing Democracy - Election Integrity During a Global Pandemic with Matt Blaze

New Data Reveals How AppSec Is Adapting to New Development Realities

Aug 3, 2020 By Hope Goslin In Veracode

In today’s fast-paced world, companies are racing to bring new, innovative software to market first. In order to keep up with the speed of innovation, many organizations are shifting toward DevSecOps. DevSecOps brings security to the front of the software development lifecycle, allowing for both fast deployments and secure applications.

Read Post

Veracode

Read more about New Data Reveals How AppSec Is Adapting to New Development Realities

Man vs. Machine: Three-Part Virtual Series on the Human Element of AppSec

Aug 3, 2020 By Meaghan McBee In Veracode

In 2011 when IBM’s Watson supercomputer went up against ‘Jeopardy’ icon Ken Jennings, the world watched as a battle of man vs. machine concluded in an impressive win for Watson. It wasn’t simply remarkable that Watson could complete calculations and source documents quickly; the real feat was the brainpower it took to create fine-tuned software with the ability to comprehend questions contextually and think like a human.

Read Post

Veracode

Read more about Man vs. Machine: Three-Part Virtual Series on the Human Element of AppSec

Reduce Your Risk of a Breach with Dynamic Analysis

Aug 3, 2020 By Veracode

While shifting security left in your software development lifecycle is crucial to application security success, it's still imperative to maintain testing in the later stages of your process. After all, some web application vulnerabilities can only be discovered at that point in the SDLC.

Get White Paper

Veracode

Read more about Reduce Your Risk of a Breach with Dynamic Analysis

After Years of Security Prioritization, How Do You Finally Protect Lingering Vulnerabilities?

Aug 3, 2020 By Veracode

With a comprehensive AppSec program, you want to understand your entire development, security, and application footprint so you can roll out consistent tools and processes. As a result, only a portion of your applications are covered, leaving vulnerabilities unprotected. And blind spots are clouding visibility into risk reduction efforts, making it difficult to report on progress throughout your organization.

Get EBook

Veracode

Read more about After Years of Security Prioritization, How Do You Finally Protect Lingering Vulnerabilities?

Veracode Static Analysis

Aug 1, 2020 By Veracode

Veracode Static Analysis provides fast, automated security feedback to developers; conducts a full policy scan before deployment; and gives clear guidance on what issues to focus on and how to fix them faster.

Get White Paper

Veracode

Read more about Veracode Static Analysis

When AppSec Integration Threatens Development, How Do You Safely Sustain Innovation?

Aug 1, 2020 By Veracode

You want AppSec tools in your development process, but anything less than full integration undermines your program's effectiveness. Getting the right resources into developers' hands typically requires: tools, systems, and processes.

Ongoing maintenance: Routine patches and upgrades can be time consuming-especially if you're supporting multiple geographies or teams-and may break your customizations.

Get EBook