Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Find Security Flaws in Your Dart & Flutter Applications: Veracode Expands Mobile Application Security Support

Veracode recently released Static Analysis support for Dart 3 and Flutter 3.10. This makes it possible for developers to leverage the power of Dart and Flutter and deliver more secure mobile applications by finding and resolving security flaws earlier in the development lifecycle when they are fastest and least expensive to fix.

Why SCA is Critical for Securing the Software Supply Chain

Weaknesses within software supply chains create a foothold for exploitation from cyberattacks. The problem is so significant that even the White House released an Executive Order that speaks directly on this topic. “The Federal Government must take action to rapidly improve the security and integrity of the software supply chain,” states the Executive Order emphatically. Now, you may be wondering what your organization can do to mitigate this risk.

SBOM Explained: How SBOMs Improve Cloud-native Application Security

A staggering 96% of organizations utilize open-source libraries, yet fewer than 50% actively manage the security vulnerabilities within these libraries. Vulnerabilities are welcome mats for breaches from bad actors, and once they've entered your system, the impact can be colossal. A software bill of materials (SBOM) is an important tool for managing the security of open-source software.

Improve Visibility, Reporting, and Automation With Veracode's Reporting API

A high-functioning security program leverages data to drive optimization – by satisfying governance, reporting, and compliance (GRC) requirements efficiently, creating visibility for risk-based prioritization, and leveraging automation throughout the software development lifecycle. Often, however, the data needed to drive these processes is spread across a complex ecosystem.

How to Decide Whether Vulnerability Remediation Augmented by Generative AI Reduces or Incurs Risk

Software security vendors are applying Generative AI to systems that suggest or apply remediations for software vulnerabilities. This tech is giving security teams the first realistic options for managing security debt at scale while showing developers the future they were promised; where work is targeted at creating user value instead of looping back to old code that generates new work.

Public Sector Software Security Two Years After Cybersecurity Executive Order

When the Public Sector wins, we all win. Rooting for the security of Public Sector software is something that comes naturally to Veracode. Federal agencies are tackling an incredibly difficult job, and the road to success is meaningful to us all – regardless of our sector or industry. The push for software security came strongly via specific requirements in the Executive Order on Improving the Nation’s Cybersecurity in 2021.

The Art of Reducing Security Debt In 3 Key Steps

In the ever-evolving landscape of digital threats and cybersecurity challenges, organizations face a significant burden known as security debt. Just like financial debt, security debt accrues when organizations compromise security measures in favor of convenience, speed, or cost-cutting measures. Over time, this accumulated debt can pose serious risks to the organization's data, reputation, and overall stability.

Get It Right First Time with a Comprehensive Approach to Application Security

In the rapidly evolving digital landscape, ensuring robust application security is paramount for organizations. With the emergence of AI-powered attacks and other sophisticated threats, it is crucial to integrate comprehensive Application Security Testing (AST) into the Software Development Lifecycle (SDLC).

Application Security in the Era of AI-driven Attacks

In today’s digital landscape, the importance of application security cannot be overstated, as businesses worldwide face evolving cyber threats. Both defenders and attackers are now harnessing the power of Artificial Intelligence (AI) to their advantage. As AI-driven attacks become increasingly sophisticated, it is crucial for organizations to adopt a comprehensive approach to application security that effectively addresses this emerging threat landscape.