VerAfied Feature – Security: the ugly secret at the heart of #eventtech?

This blog post was originally published by GenieConnect at http://www.genie-connect.com/blog/security-the-ugly-secret-at-the-heart-of-eventtech. GenieConnect joined the ranks of our VerAfied secure software directory in June of this year using our static binary analysis service. We’re excited to see and supportive of GenieConnect’s decision to make the security of their software and users, a priority. If you’re short of […]

Video Survey: What Would You Do with a Monster in Your Corner?

In our final video survey installment as part of the Future of AppSec Series, we talk about the idea of having a “Monster in Your Corner“. Application security often feels like a massive intractable problem, the sort of problem that requires a really big friend to help you solve, or in our thinking – a […]

Med Tech’s Promiscuity Problem

A roundtable discussion of medical device security finds that innovation in the connected health space is outstripping security. And the problem will get worse before it gets better. Physicians are used to counseling their patients on the need to take care of themselves and take reasonable precautions to protect themselves from harm. Are you fond […]

Video Survey: What’s in the future for application security?

Security professionals, analysts, and headlines all seem to agree that many of the most critical vulnerabilities discovered and exploited today are happening on the application layer. Organizations around the world are redirecting their efforts to find and fix these flaws. Thought leaders in the security field are calling for others to follow in their efforts […]

Video Survey: Limitations of On-Premises Software Versus Cloud Solutions

Cloud computing has been around for decades and many of the most widely used platforms today are cloud solutions. Google, Amazon, Microsoft, IBM, Salesforce, Oracle, and Zoho are among some of the most well-known cloud vendors offering cloud-based solutions. If you use the internet on a regular basis chances are, you’re already a cloud consumer. […]

Secure Agile Q&A: Scale, Continuous Integration and Policies

Last week I took some time to answer viewer questions from my webinar, “Secure Agile Through Automated Toolchains: How Veracode R&D Does It”. This is my second post to respond to questions from the webinar so if you haven’t yet read the the first one check it out here. My first post focused on questions […]

Veracode Platform Release Notes 2014.5

Welcome to 2014.5! The fifth Veracode platform release of 2014, which focuses on improved coverage and scanning ease of use for Veracode customers. It adds static coverage for Android 4.4 applications and .NET applications using Telerik, improves static coverage for iOS and Ruby applications, and improves the coverage of Discovery by adding copyright identification. Additionally, […]

Heartbleed Still Causing Heartburn on Industrial Systems

An advisory from DHS’s ICS CERT makes clear that ICS vendors are making progress toward fixing Heartbleed, but that customers face a long slog. The good news about the Heartbleed vulnerability in OpenSSL is that most of the major sites that were found to be vulnerable to the flaw have been patched. As has been […]

Good Ol’ SQLi Used to Hack Naval Database from Nuclear Carrier

Wired Threat Level reports that Nicholas Paul Knight, 27, who called himself a “nuclear black hat,” has been charged with hacking a Navy database while working onboard the nuclear-powered USS Harry S. Truman aircraft carrier (at which point he was caught and discharged from the service). Knight was part of a hacking group called Team […]

1 2 3 38