Once again, our rapid growth has been recognized by a major publication. Veracode has earned the position of #1055 on the 2013 Inc. 500/5000 list of the fastest-growing private companies in the United States.
Putting political motivations aside, why were the Washington Post, CNN.com, Time and others recently hacked? Simply put, they extended their trust perimeter to include a third party component without vetting its security properly. Extending trust is necessary in the business world but in the immortal words of Ronald Reagan, to maintain security we must “trust but verify”.
Fixing the security flaws in “smart” home devices is easy. Changing the culture of insecurity that created them will be much harder.
I find myself talking with customers about program maturity a lot these days. Our customers all have application security programs in place, but each one is a little different with different approaches, requirements, priorities, and sitting at different stages of maturity. Each program also has things in common as well such as testing techniques and the overall goals of catching security coding flaws early on or preventing altogether.
At On-Line Strategies [OLS], many of the tools we use in our Software Development Lifecycle (SDLC) have helpful APIs, including Veracode. We leverage them to automate tasks that were once performed manually by developers or technical managers, such as running a Veracode static scan on a pending release.
Today, our Veracode static scans run alongside automated regression tests for every public release, to ensure we catch security flaws that may have slipped by our developers.
What was hot at Black Hat this year? And how has the show changed since its early days as a raucous, midsummer retreat for North America’s hacking community? We sat down with Veracode’s “three Chrises” (Wysopal, Rioux and Eng) to remember Black Hat’s early days and talk about the highlights of this year’s show.
Seems like the hallmark of new technology is always based on a question of how we can automate tasks to do them faster and less expensively. Efficiency is an asset for any growing business and in the hyper-competitive world of modern tech it’s a requirement. Automation is great; it was the spark behind the industrial revolution and has allowed industries to reach a level of unprecedented production.
Christien Rioux (@dildog) was this keynote speaker at this year’s BSidesLV event. His presentation was titled “The Security Industry: How to Survive Becoming Management” and the slides are now available over on slideshare.
When selling software, whether to businesses or consumers, differentiation is the key to successfully marketing a product. Software providers can take a lesson from auto manufacturers and use safety and security to set their products apart.