What was top of mind for your peers regarding AppSec in 2020?
Yes, we realize no one really wants a 2020 retrospective – who wants to look back at that mess? But we are going to carry on with our annual look-back at our most popular blogs from the previous year. We always gain a lot of insight with this exercise – we find out what resonated with security professionals and developers, uncover trends, and learn what people have questions or concerns about. We hope you find this valuable too.
So what were the hot AppSec topics in 2020? Topping the list: Developer security training, best practices made practical, open source security, technical details on vulnerabilities, and, of course, the sudden shift to remote work and a digital world last March. Did you catch all these popular blog posts?
Developer security training
Our new Security Labs offering was a hot topic last year. Clearly, training developers on secure coding is a requirement and a concern for many. If you want to see what Security Labs is all about, check out the Community Edition. Developers can use it to learn to code securely by hacking and patching real apps, at no cost.
Announcing Veracode Security Labs Community Edition
Stay Sharp and Squash Security Debt With Veracode Security Labs
Our survey report with ESG covered some of the pain points organizations are facing regarding security training, and blogs on that topic were in our most-viewed list as well.
16% of Orgs Require Developers to Self-Educate on Security
How 80% of Orgs Can Overcome a Lack of Training for Developers
Best practices for the rest of us
Our guide on AppSec best practices vs. practicalities and its associated blog were among our most-read content pieces last year. Highlighting not only what to strive for, but also where to start, with application security seemed to resonate with many.
Best Practices and Practical Steps to Guide Your AppSec Journey
Securing open source code
As with the past several years, open source security was one of the most popular topics. The first open source edition of our annual State of Software Security report got a lot of attention in 2020. Take a look at the report to get the results of our analysis of 351,000 external libraries in 85,000 apps. We unearthed some really interesting data about the number of dependencies in open source libraries, and about challenges and best practices in securing them.
Announcing Our State of Software Security: Open Source Edition
Breaking Down Risky Open Source Libraries by Language
Details on vulnerabilities and secure coding
Blogs that take a technical deep dive into particular vulnerabilities typically resonate with our audience, and last year was no exception. Our blog posts on spring view manipulation vulnerability and preventing sensitive data exposure got a lot of attention in 2020.
Write Code That Protects Sensitive User Data
Spring View Manipulation Vulnerability
Covid life
And finally … a topic of interest last year on our blog was life at Veracode, both professional and personal, after the Covid shutdown. Our two blogs on the topic were some of our most viewed. We especially like the one about all the Veracoders suddenly working from home (The pets! The amazing Star Wars workspace!). It was quite the upheaval at the time, but now it’s hard to remember life with bumper-to-bumper traffic, conference rooms, and hallway conversations. And stay tuned … as we approach the one-year anniversary of our shift to remote work, we’re looking back and thinking about all we’ve learned and pulling it all together in another blog post on the topic.
We’re All WFH Too – Here’s What We’ve Learned
Business Continuity During the COVID-19 Outbreak – We Are Here to Help
Keep up with the latest AppSec news and advice
We hope you found some useful information in these blog highlights. Don’t miss any gems this year -- stay up to date with all our content on AppSec news and best practices in 2021 by becoming a content subscriber. We’ll send you our monthly newsletter (and some exclusive content) to keep you in the loop. Happy 2021 everyone, thanks for reading and engaging with our content -- stay secure, stay healthy, and stay sane!