Intro to AppSec
For those new to application security, we cover the application security basics and answer questions such as what is application security, why it's important, how it fits in the security ecosystem and how to get started.
- The Evolution of AppSec: Past, Present, and Future
In a recent podcast with IDG, Chris Wysopal, Veracode Chief Technology Officer, speaks to the evolution of application security (AppSec) over the past ten years. In his evaluation, Wysopal leverages findings from Veracode’s annual State of Software Security (SOSS) reports. The first volume of the SOSS report, published in March of 2010, focuses on explaining and advocating for an application READ MORE
Stay up to date on Application Security
- 4 First Steps to Help Your Organization Shift AppSec LeftBy Hope Goslin March 18, 2020
In order to stay competitive in today’s fast-past world, organizations need to rapidly deploy new software. One way to ensure fast deployment is to take Beyoncé’s advice and move security, “to the left, to the left.” By shifting security left – to the beginning of the software deployment lifecycle (SDLC) – there are significant business benefits. Running security tests early enables organizations READ MORE
- Weighing Pros and Cons to Select AppSec Testing Types
When determining the right testing types for your application security (AppSec) program, there are several questions that likely come to mind: What is the difference between the various AppSec tests? What vulnerabilities do the tests uncover? How many testing types do I need to include in my program? You can answer these questions and form the appropriate mix of security tests for your READ MORE
- Best Practices and Practical Steps to Guide Your AppSec JourneyBy Hope Goslin January 31, 2020
Imagine that you are tasked with planning a vacation for you and your family. For your ideal trip, you would jet off to a five-star resort on a private island for a month of pampering and fine dining. But, since you have two children, a limited budget, and only one week of paid time off, you settle for a three-star, theme park resort with a spa and outdoor pool. Your family has a great time on READ MORE
- What Software Composition Analysis and Your Dentist Have in CommonBy Hope Goslin January 29, 2020
SAST, DAST, IAST, SCA … confused about the differences? We thought it might be helpful to clear things up by using the analogy of human health. When you visit the doctor with an ailment, or even for a routine checkup, you are likely to undergo a series of tests to find potential health conditions or diseases. Since the tests are targeting different parts of the mind or body, the results may vary READ MORE
The power of software to improve our lives and our world is almost limitless. Consequently, those creating software are wielding a power that demands a new level of responsibility. When I think about how fast the world is changing, I wonder how our ancestors must have felt at the dawn of past industrial revolutions. Everything changed – the way we made, shipped, and sold goods evolved, and daily READ MORE
- The 80’s called….they want their on-premises solution back!By Nancy Goudreau February 27, 2019
Are you still breakdancing? Storing data on your floppy disk? Performing your searches through the card catalog? Assuming the answer is no, then why are you still using an on-premises application security solution? In all seriousness, take a look at the benefits, and cost savings, you would see with a cloud-based AppSec solution: Start scanning immediately: No need to install servers and tools, READ MORE
- Why I'm Going to RSA 2018: Veracode's New SVP of Engineering
Paiman Nodoushan has been working at Veracode for about two months. In that time, he's met a lot of his peers and claims he already remembers over 50% of their names, no small feat. Jokes aside, he's been getting to know his team, our projects, and the ins and outs of our entire SaaS operation. In our quick interview, he describes the team at Veracode as hard working and passionate, and goes on READ MORE
- AppSec Buyers’ Insights: Binary vs. Source Code ScanningBy Brittany O'Shea March 6, 2018
The discussion surrounding which is superior – binary or source code scanning – has plagued the static analysis market since its inception. A source code scanner analyzes un-compiled code, whereas a binary scanner analyzes compiled code, but in the end, the result is the same. They are simply two engineering solutions for the same problem. However, as a fundamental part of vendors’ approaches to READ MORE
- How Are We Securing the Booming Digital Economy? Our Latest Survey Results
The holiday season is upon us; are you buying all your gifts at the mall? Probably not. Many, if not most, of you are going to research, purchase and pay for all your holiday gifts online this year. Digitization is everywhere – changing every interaction and transaction. But it seems like breaches are everywhere as well – affecting all industries in all geographies. Are business leaders simply READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.