Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Veracode

Dangers of Only Scanning First-Party Code

When it comes to securing your applications, it’s not unusual to only consider the risks from your first-party code. But if you’re solely considering your own code, then your attack surface is likely bigger than you think. Our recent State of Software Security report found that 97 percent of the typical Java application is made up of open source libraries. That means your attack surface is exponentially larger than just the code written in-house.

Message Authentication Code (MAC) Using Java

This is the seventh entry in this blog series on using Java Cryptography securely. Starting from the basics we began diving deeper into various basic cryptographic primitives such as Cryptographically Secure Random Number Generator, symmetric & asymmetric encryption/decryption & hashes. After taking a brief interval, we caught-up with cryptographic updates in the latest Java version. Skip to the TL; DR

Working with Scan Results Using the Veracode Visual Studio Extension

In this video, you will learn how to download, import, and view Veracode scan results using the Veracode Visual Studio Extension. You will also learn how to mitigate findings discovered during the scan in Visual Studio. When the Veracode scan of your application scan has completed successfully, you can download the scan results to your local machine using the Veracode Visual Studio extension or directly from the Veracode Platform. You can also use the Veracode Visual Studio Extension to propose mitigations for flaws discovered in your application during scanning.

AppSec Bites Part 3: Has the New Virtual Reality Created Opportunities for AppSec?

Over the past several months, many organizations have had to shift their operations to a fully digital platform. This sudden shift was more challenging for some industries, like government, than other industries, like technology. And aside from having to adapt to fully remote operations, many organizations were also subject to tighter budgets, forcing them to become more efficient.

75% of Apps in the Healthcare Industry Have a Security Vulnerability

In light of the current pandemic, our healthcare industry has been challenged like never before. Healthcare workers heroically stepped up to the plate, caring for those in need, while the industry itself digitally transformed to keep up with the influx of patient data and virtual wellness appointments.

AppSec Bites Part 2: Top 3 Things to Consider When Maturing Your AppSec Programs

When it comes to maturing an AppSec program, there are several best practices that can help you get started. In part two of our AppSec podcast series, Tim Jarrett, Director of Product Management at Veracode, and Kyle Pippin, Director of Product Management at ThreadFix, share the top 3 things they’ve learned from organizations that have successfully matured and scaled their AppSec programs.

Embracing the Digital Shift: Implementing DevSecOps in the Cloud with AWS

To keep up with increasing time and productivity demands in software development, it’s important that organizations are staying on top of their digital shifts through rapid technology adoption and the prevention of common snags in application security (AppSec).