Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Testing

riskoptics

How to Implement Effective Compliance Testing

Aug 25, 2020 By Tricia Scherer In RiskOptics

Compliance testing, also known as conformance testing, is a periodic, independent, and objective assessment of compliance-related processes and/or controls. The goal of compliance testing is to determine whether the elements, processes, and controls of your compliance program are designed appropriately and operating as designed. Compliance testing follows an established process and plan as well as a risk-based approach.

Read Post

Create and Manage API Users in the Veracode Platform

Aug 24, 2020 By Veracode In Veracode
In this video, you will learn how to configure an API service account in the Veracode Platform. To be able to access the Veracode APIs, you must either have a user account or API service account with the required user roles for performing specific API tasks. Before you can configure these two account types, you must log into the Veracode Platform using an account with the Administrator role or Team Admin role. A user account with the required role permissions can access the Results XML API, Upload XML API, and the Mitigation and Comments XML API.
View Video
veracode

New Data Reveals How AppSec Is Adapting to New Development Realities

Aug 3, 2020 By Hope Goslin In Veracode

In today’s fast-paced world, companies are racing to bring new, innovative software to market first. In order to keep up with the speed of innovation, many organizations are shifting toward DevSecOps. DevSecOps brings security to the front of the software development lifecycle, allowing for both fast deployments and secure applications.

Read Post
veracode

Why is Dynamic Analysis an Important Part of Your AppSec Mix?

Jul 31, 2020 By Hope Goslin In Veracode

By now, most are familiar with the concept of DevSecOps. With DevSecOps, application security (AppSec) is moved to the beginning of the software development lifecycle (SDLC). By scanning earlier in the SDLC, you are able to find and fix flaws earlier. This can result in significant time and cost savings. Most organizations understand the importance of static analysis, which scans for flaws during development, but dynamic application security testing (DAST) is just as important.

Read Post
mend

Dynamic Application Security Testing: DAST Basics

Jul 30, 2020 By Julie Peterson In Mend

Application security testing (AST), which are tools that automate the testing, analyzing, and reporting of security vulnerabilities, is an indispensable part of software development. In a modern DevOps framework where security is shifted left, AST should be thought of as compulsory. And this has never been more important when you consider that Forrester reports the most common external attack method continues to be application weaknesses and software vulnerabilities.

Read Post

Tips for Unifying the Security Professional and Developer Roles

Jul 27, 2020 By Veracode In Veracode
Watch our video "Tips for Unifying the Security Professional and Developer Roles" to hear from Veracode’s Chief Technical Officer Chris Wysopal and Chief Product Officer Ian McLeod on how the security and development roles became misaligned, and how organizations can tackle the problem head-on.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.