Common Mobile Malware Types: Cybersecurity 101

The number and variety of mobile malware programs targeting smartphone and tablet users are significant and growing at an alarming rate. This blog post explains the common types of malicious programs targeting mobile platforms and provides a brief description of each.

Mobile malware first emerged as early as 2004 targeting the Symbian OS, but exploded in 2011 when computer security pros reported a new incident on the Android platform every few weeks. These nefarious programs either install themselves or are installed on the device by unwitting mobile users…

Similarities Between Building Software and LEGO: Talking Code Part 5

Chris Wysopal, Paul Roberts, and Joshua Corman break down the intricacies of externally developed software. Third party code has been a growing issue for many organizations that have been pushing out software regularly. The trio talks about the concept of Legoland and how building applications today shares many similarities with our favorite childhood hobby.

The Virtual Scan Appliance, Scan Internal Applications

The Virtual Scan Appliance (VSA) is a virtual appliance that enables dynamic application security testing behind a customer’s firewall through the installation of a virtual machine (VM) in a datacenter behind the firewall. The VSA is integrated into the Veracode Platform for workflow, policy management, and reporting, giving customers a single location for managing the security of public applications and those behind the firewall. To request a VSA, please contact a services representative.

Damaged, But Undaunted, NIST Plugs Ahead On Cyber Security

NIST took a big hit to its reputation with the NSA scandal. Will that damage its ability to move ahead on an ambitious cyber security agenda?

For most of its history, the National Institute of Standards and Technology has been an important, if un-sexy, arm of the U.S. government. Originally the National Bureau of Standards, NIST is the U.S. government’s measurements and standards laboratory, with a mission to promote innovation and industrial competitiveness by advancing technology standards.

Is it Wrong to Assume Software Should be Secure? Part 4 of Talking Code

Where does the responsibility of securing software lie, with vendors or their customers? Ultimately once customers start consistently asking for security, it’s a feature that should be delivered like any other. So what does this mean for all of us? Demand security, trust but verify and hold companies accountable for the quality of the products they sell.

Veracode’s VAST Program Named a Finalist at the Financial World Innovation Awards

Veracode’s VAST Program Named a Finalist in the Financial World Innovation Awards for the Most Innovative Financial Services Solution.

The Veracode Vendor Application Security Testing (VAST) program has been named a finalist in the Financial World Innovation Awards in recognition of its ability to deliver a solution to the complex problem of third party application security in the category of “Technology vendors – Most Innovative financial services solution”.

After Ten Years, Cracks In Microsoft’s Patch Program

Do Microsoft’s recent patch woes portend deeper problems with the security team in Redmond?

It has been quite a while since I wrote, critically, about Microsoft’s patch program, but the company’s latest patch woes have me a bit concerned.

OWASP Top Ten 2013

The Open Web Application Security Project (OWASP) was started in 2001 with the avowed mission of ‘making software security visible, so that individuals and organizations worldwide can make informed discussions about true software risks.’ Since then OWASP’s influence has grown to the point that their Top 10 project is referenced by many standards, books, tools, and organizations, including MITRE, PCI DSS, DISA, FTC and more.
