John Smith, Senior Principal Solution Architect for Veracode in EMEA, has been working in Information Security for more than 20 years and specifically in Application Security since 2004. He has been part of the evolution of AppSec from ad-hoc testing using technologies such as Dynamic Analysis through to the comprehensive and programmatic approaches seen in mature organizations today, where highly integrated and automated testing is backed up with strong policy and governance. At Veracode John is responsible for helping our customers and prospects understand the ways we can help them to be more effective and efficient in identifying and reducing their software security risks.
SBOM stands for Software Bill of Materials
Before we jump into definitions, let’s quickly level set on how we got here. Over the last few years, the way we build software has changed drastically. With the increasing need to move faster and release more frequently, organizations are opting to…
When you make an investment in an application security program, you’re expecting to derive value from the initiative; in other words, you’re expecting to get some kind of return on your investment. After more than 10 years working with organizations to implement and build out application security…
I recently had an interesting question from a prospective customer:
What are the top 5 lessons learned from implementing your solution at companies similar to ours?
After careful thought, and soliciting input from my fellow solution architects in the EMEA region, I came up with the list below. We’…
