Just as the move to DevOps required a cultural shift, incorporating security into a DevSecOps initiative typically requires a delicate dance between developer and security teams. The two groups historically haven’t seen eye to eye and view one another with distrust.

Code Dx was recognized for its leadership in application security development. Learn how Code Dx helps to build trust in your software. Synopsys is proud to announce that Code Dx® has won the 2021 CybersecAsia Reader’s Choice Award for Best in Application Development Security.

It’s Clint Pollock, principal solutions architect, here for the final lesson in the four-part series on how to use Veracode from the command line in the Cloud9 IDE to submit a software composition analysis (SCA) scan and a dynamic scan. To start, if you’re looking to leverage the Veracode API signing docker image with the Veracode rest APIs, go to the Help Center, go to the Rest API section, and take a look at the available options.

The Open Web Application Security Project (OWASP) is a nonprofit organization with the purpose to help secure software. They provide data that can give engineering and security teams a better idea of where the most common risks may lie. The 2021 OWASP Top 10, released in November 2021, lists the most critical web application security risks. But OWASP also maintains the API Security Top 10 project which was last updated in 2019. Each category is ranked based on the frequency and severity of the defect.

To paraphrase the familiar yuletide song, in the world of IT this is “the most speculative time of the year.” True, tying predictions to the regular calendar may be a bit out of sync for much of the business and government world—the federal fiscal year begins on Oct. 1, and here at Synopsys we say Happy First Quarter on Nov. 1. But we all still celebrate the new year on New Year’s Day.

In part three of a four-part series, Clint Pollock, principal solutions architect at Veracode, details how to use Veracode from the command line in the Cloud9 IDE to submit a software composition analysis (SCA) scan. Check out the video and step-by-step instructions below. It’s Clint Pollock, principal solutions architect, back again for part three of our four-part series on using Veracode from the command line in Cloud9 IDE.

The holidays are right around the corner. It’s a well-deserved time to spend with your friends and family, and it likely translates to increased online sales. But more eCommerce activity also means increased cybersecurity risks. Most organizations with eCommerce deploy cybersecurity measures such as Content Security Policies (CPSs), to help secure their site and protect their customer’s personally identifiable information from a breach.

The most common application vulnerabilities will come as no surprise to cyber security experts. If we know about them, why do they persist?

In part two of a four-part series, Clint Pollock, principal solutions architect at Veracode, details how to use Veracode from the command line in the Cloud9 IDE to submit a static pipeline scan. Check out the video and step-by-step instructions below. It’s Clint Pollock, principal solutions architect, back for part two of our four-part series on using Veracode from the command line in Cloud9 IDE.

“Why focus on building your personal brand?” This was the first question that Elana Anderson, Chief Marketing Officer at Veracode, asked during her presentation Plotting the Course for Your Personal Brand at the recent Executive Women’s Forum (EWF). Anderson, a lifelong student of marketing, and a former analyst at Forrester Research, has a deep understanding of the importance of both corporate and personal brands and the steps necessary to both build and maintain a brand.