The following post is about a beta software release, which may — and hopefully will — change. You know what they say about assuming… My faithful army of security-minded Twitter followers alerted me to a sudden change in the Ubuntu Linux distribution’s 12.10 beta build that they found alarming: Amazon search had been integrated into […]
Without the software equivalent of an FDA inspector to walk the floor and impose costs (fines, penalties) for shoddy work or unsanitary conditions, it’s a race to the bottom when it comes to the quality of the code that’s produced.
The playwright and existentialist Jean-Paul Sartre famously observed that “Hell is other people.” Put in the modern context, however, it might be more accurate to say that “Hell is other people’s code.”
With yesterday’s launch of our VAST (Vendor Application Security Testing) program comes our Secure Software Supply Chain Toolkit. This kit is aimed to get you on the road to reducing your company’s risk. We hope you find these best practices and tools helpful as you you and your vendors take steps to securing their applications.
Navigating the security superhighway of application perimeters, vendor software and in house development efforts can be a complex and intimidating task. We aim to shift your efforts to the fast lane with our new program, VAST!
Today marks the official launch of our new Vendor Application Security Testing (VAST) program, designed to help enterprises manage the risks inherent in vendor-supplied software applications.
This summer, Veracode Solutions Architect Chad Holmes presented a webinar on third party application analysis. The webinar recommended several best practices for enterprises, application vendors, and application analyzers to follow in the third party application analysis process. In this blog post we’ll highlight Chad’s best practices and the key takeaways from his presentation.
The annual Gartner Security & Risk Management Summit is a two-day event that brings Gartner analysts and the security and risk management community together in one location to discuss the latest research, insights and forward-thinking perspectives found nowhere else. The summit features five in-depth programs and more than 50 sessions. Veracode will be exhibiting and speaking at the Gartner Risk & Security Management conference in London, UK this week September 19-20.
On today’s webinar, “Web & Mobile Applications: The Silent Assassins in your Cyber Security Strategy”, we will discuss the evolution of the application security perimeter with Erik Peterson, Veracode’s Director of Product Strategy. Erik will highlight how mobile devices and web applications are impacting security teams and present guidelines for addressing the changes to our […]
Millions of web sites suddenly became unreachable on Monday due to severe DNS-related problems at GoDaddy. Whether this was the result of a hack, or an internal problem, or a combination of both remains a hot topic, but today we’re going to ask a more pragmatic question: Could your domain survive a DNS attack or […]
Internet privacy is a hot topic these days as advertisers are looking to make money off every bit of available data. There are increasing concerns over unsolicited tracking done by advertisers and website owners and recent legislation has shone a spotlight on the topic as well. Collusion is a great add-on for Firefox made by Mozilla that shows, in real time, how the data you share creates a spider-web of interaction between companies and other trackers.
After our latest Hackathon I wanted to get feedback from our various participants on what they thought of the event and what they thought could be improved. We came up with three simple questions and welcomed any answers at all. What you see below is a sampling of the responses we received.