Stop Freaking Out About Facebook Messenger

Facebook recently announced that mobile chat functionality would soon require users to install Facebook Messenger. Fueled by the media, many people have been overreacting about the permissions that Messenger requests before taking time to understand what the true privacy implications were. In a nutshell, Messenger is hardly an outlier relative to the other social media […]

Coming to a computer near you, SQL: The Sequel

It might sound like a bad movie, but it’s playing out in real life – despite what seems like endless hacks using SQL injections, SQLi-related breaches keep turning up like a bad penny. Most recently, Hold Security reported that they discovered a breach by a Russian hacker ring. While details of this series of breaches […]

Endless Summer: Hacker Cons Ride Wave of Third-Party Software Holes

OpenSSL set the stage, but at this week’s Black Hat and DEFCON conferences, researchers will bring down the house on third-party code. We didn’t need the Black Hat and DEFCON hacker conferences to make us aware that vulnerabilities in third-party software were a major security concern – for software vendors and their customers. The “Heartbleed” […]

VerAfied Feature – Security: the ugly secret at the heart of #eventtech?

This blog post was originally published by GenieConnect at GenieConnect joined the ranks of our VerAfied secure software directory in June of this year using our static binary analysis service. We’re excited to see and supportive of GenieConnect’s decision to make the security of their software and users a priority. If you’re short of […]

Video Survey: What Would You Do with a Monster in Your Corner?

In our final video survey installment as part of the Future of AppSec Series, we talk about the idea of having a “Monster in Your Corner“. Application security often feels like a massive intractable problem, the sort of problem that requires a really big friend to help you solve, or in our thinking – a […]

Med Tech’s Promiscuity Problem

A roundtable discussion of medical device security finds that innovation in the connected health space is outstripping security. And the problem will get worse before it gets better. Physicians are used to counseling their patients on the need to take care of themselves and take reasonable precautions to protect themselves from harm. Are you fond […]

Video Survey: What’s in the future for application security?

Security professionals, analysts, and headlines all seem to agree that many of the most critical vulnerabilities discovered and exploited today are happening on the application layer. Organizations around the world are redirecting their efforts to find and fix these flaws. Thought leaders in the security field are calling for others to follow in their efforts […]

Video Survey: Limitations of On-Premises Software Versus Cloud Solutions

Cloud computing has been around for decades and many of the most widely used platforms today are cloud solutions. Google, Amazon, Microsoft, IBM, Salesforce, Oracle, and Zoho are among some of the most well-known cloud vendors offering cloud-based solutions. If you use the internet on a regular basis, chances are you’re already a cloud consumer. […]

Secure Agile Q&A: Scale, Continuous Integration and Policies

Last week I took some time to answer viewer questions from my webinar, “Secure Agile Through Automated Toolchains: How Veracode R&D Does It”. This is my second post to respond to questions from the webinar, so if you haven’t yet read the first one, check it out here. My first post focused on questions […]

Veracode Platform Release Notes 2014.5

Welcome to 2014.5, the fifth Veracode platform release of 2014, which focuses on improved coverage and scanning ease of use for Veracode customers. It adds static coverage for Android 4.4 applications and .NET applications using Telerik, improves static coverage for iOS and Ruby applications, and improves the coverage of Discovery by adding copyright identification. Additionally, […]
