Earlier today we announced the winners of our first-ever Secure Development Awards. For those who haven’t heard of our new awards, this quote from our Co-Founder Chris Wysopal sums it up nicely: “We’ve created this award to recognize developers’ successes in properly implementing security features during the software development lifecycle…” Read more about our Secure Development Award winners!
Veracode’s remedy for the Application Security headache is in full swing at the Black Hat Conference. Swing by the booth (#229) and you can pick up an “I <3 Binaries” t-shirt, some Veracode Vitamins, a Water Bottle, or a chance to win $1,000. But we aren’t the only great booth here at Black Hat this year; quite a few security vendors have gone all out to create great themes and fun giveaways. See our picks!
I’ll be speaking at Black Hat Briefings in Las Vegas this year, on “Lessons Of Static Binary Analysis”. The talk will be a two-hour intensive workshop covering the details of binary transformation that make Veracode possible. The topics will range from an introduction to decompilation theory, to the details of how to build an […]
It’s that time of year again. Veracode’s security research team and our Chief Scientist will be at the Vegas cons in force this year engaging in the usual roguery. Here’s where to see us speaking: Christien Rioux, “Lessons of Binary Analysis”, BlackHat, July 26, 10:15am; Zach Lanier and Andrew Reiter, “Mapping and Evolution of Android […]
This roundup for the week of July 20th features a post on cyber threats by Barack Obama, a new malware named Messiah targeting Iran and Israel, BYOD best security practices, a huge growth in online identity theft and some lessons learned from the recent Yahoo hack! See what you missed this week in application security news.
Last week, a fake iOS App Store server went live with simple instructions for how to circumvent paying for in-app purchases (such as bonus levels in games) and unlock them for free. Most apps were vulnerable to being duped into believing the user had already paid for their content. Many people willing to engage in software […]
Having a program allows an organization to address the full scope of the application security problem (including vendor management and compliance issues) with better information for decision making, and a roadmap for managing organizational change. But, how does one get a program started? Read on to find out five tips for getting started on your application security program.
Veracode Researcher Chris Lytle is presenting a talk on Competitive Puzzles at BSides Las Vegas this month. Newbies to the world of competitive puzzles will find valuable resources and tools in Chris’s talk that they can use to break into doing more complex puzzles. Learn more about competitive puzzling and read on!
Secure coding is a challenge that every software company in the world faces. Even the largest companies that attract the best developers in the world (Read: Google, Facebook) have multiple instances of vulnerabilities in their code ranging from XSS to SQL injection to backdoors. So how can you integrate security into your SDLC?