OWASP Releases New Top 10. Is That 9 Too Many?

OWASP released its oft-cited Top 10 list of web application vulnerabilities. But maybe we’d be better with an OWASP Top 1!

OWASP – The Open Web Application Security Project – released its official OWASP Top 10 list for 2013 on Wednesday – the first major update to the oft-cited list of common web application vulnerabilities in three years.

Mobilizing the Masses: Building BYOD Security Awareness in Your Workplace

The rise of BYOD friendly workplaces means employees are now downloading personal apps on devices that have access to corporate as well as private data. It is not uncommon for useful and seemingly harmless applications to be designed to perform tasks that are unrelated and unnecessary to the advertised function of the app.

Launch Day! Mobile Application Reputation Service

It’s a big day for us here at Veracode and those attending the Gartner Security & Risk Management Summit can get a sneak preview of our latest offering. Today we’re launching our Mobile Application Reputation Service or as we’ve come to refer to it, MARS! BYOD has been a subject at the forefront of enterprise security concerns because of its complexity and user-driven nature. MARS will help enterprises and federal agencies prevent accidental data leakage due to the use of risky mobile applications.

Increasing Business with a SaaS-based Application Security Platform

The following video is a recording of a webinar run on May 7th, 2013. The webinar, jointly run by UBM Tech, CRN and Veracode, features Rob Westervelt, Senior Editor of CRN, and Evan Fromberg, Senior Director of Worldwide Channel and Business Development at Veracode. The two look at data breach trends reported in the 2013 Verizon DBR and what can be done in the face of the current threat landscape.

At FTC Event, Google Plays Dumb On Mobile Security

An FTC-run panel finds the smartest company on earth playing dumb on mobile security.

Google joined the world’s other leading mobile device and operating system makers this week for a forum on mobile threats and security, where the world’s smartest technology company played it kind of dumb.

How to Wipe Your Old Smartphone Data Before You Donate

I stumbled upon this great pdf from CTIA-The Wireless Association this morning detailing steps for properly backing up and removing all data from old smartphones or other mobile devices before you donate or recycle them. They also include helpful links to gowirelessgogreen.org which offers information on where and how to recycle your device and accessories, and also some additional apps and tips you should employ if your current mobile device is ever lost or stolen at beforeyouloseit.org.

Review Your Exceptions Early and Often

It is a fact universally acknowledged that an organization in possession of a good policy must also be in possession of an exception process; the stricter the policy, the more efficient the exception process. While this piece of wisdom can usually be applied to any area, it is doubly true when it comes to application security policies and processes. These must contend not only with resource and budget constraints within the security teams, but also with the ever-increasing need to accelerate time-to-market and deliver feature-rich applications by development organizations.

Veracode’s CEO a Finalist in Ernst & Young’s Entrepreneur of the Year Award

Yesterday Ernst & Young announced the finalists for the 2013 Ernst & Young Entrepreneur of the Year for the New England region – and Veracode’s very own Bob Brennan was on the list! The awards program recognizes high-growth entrepreneurs who demonstrate excellence and extraordinary success in areas such as innovation, financial performance and personal commitment to their businesses and communities. Award winners will be announced at an event on Wednesday, June 26, 2013.

Hacking and Piracy. Aaargh!!

Are APT hacking crews just modern day buccaneers? And, if so, how do we make them walk the plank?

When it comes to matters of information security, I’m a big fan of what might be called the “anti-exceptionalism” school of information security. That is: I reject the notion that the myriad of problems that we, the IT community, face in regard to securing our networks, endpoints and the Internet are exceptional or extraordinary in any way.
