Over the past several months, many organizations have had to shift their operations to a fully digital platform. This sudden shift was more challenging for some industries, like government, than other industries, like technology. And aside from having to adapt to fully remote operations, many…

A joint blog post from Veracode and ThreadFix When it comes to maturing an AppSec program, there are several best practices that can help you get started. In part two of our AppSec podcast series, Tim Jarrett, Director of Product Management at Veracode, and Kyle Pippin, Director of Product…

Across the thousands of customer conversations we have each year, one theme continues to emerge regardless of industry, size, or geography: the pace of development is accelerating rapidly, and the pressure to innovate quickly is more intense than ever before. Veracode’s customers are not alone. A…

When considering new language support, we think about our customers’ existing technology stacks and the new and emerging languages that will enable them to securely bring innovations to market faster. With this in mind, we recently added support for Apex, Go, and PLSQL: Apex, a Salesforce.com…

Today, PCI shared its new Software Security Framework. PCI describes this framework as “a collection of software security standards and associated validation and listing programs for the secure design, development and maintenance of modern payment software.” The framework includes two standards for…

The discussion surrounding which is superior – binary or source code scanning – has plagued the static analysis market since its inception. A source code scanner analyzes un-compiled code, whereas a binary scanner analyzes compiled code, but in the end, the result is the same. They are simply two…