How secure are open source libraries?
Seven in 10 applications have a security flaw in an open source library, highlighting how use of open source can introduce flaws, increase risk, and add to security debt, a …
Veracode
Photos: RSA Conference 2020, part 1
RSA Conference 2020 is underway at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Here are a few photos from …
Veracode Static Analysis: Comprehensive analysis across the development lifecycle
Veracode, the largest independent global provider of application security testing (AST) solutions, announced the launch of the next-generation of Veracode Static Analysis. The …
Chance that flaws will ever be dealt with diminishes the longer they stick around
More than half of all security findings (56%) are fixed, but a focus on fixing new findings while neglecting aging flaws leads to increasing security debt, according to …
Disclosing vulnerabilities to improve software security is good for everyone
Today, software companies and security researchers are near universal in their belief that disclosing vulnerabilities to improve software security is good for everyone, …
Accenture, Splunk and UTC join SAFECode, Veracode rejoins the organization
The Software Assurance Forum for Excellence in Code (SAFECode) announced that Accenture, Splunk and United Technologies joined SAFECode as new Associate Members, and Veracode …
Photo gallery: RSA Conference 2019 Expo, part three
RSA Conference 2019 is underway at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Here are a few photos from …
Companies implementing DevSecOps address vulnerabilities faster than others
A new study from CA Veracode includes promising signs that DevSecOps is facilitating better security and efficiency, and provides the industry with the company’s first look at …
Chris Eng: An infosec journey from offense to defense
“Come to my lab, I promise you’ll learn something cool,” a friend told Chris Eng. Within a couple of hours, he had walked him through writing an exploit for …
The pervasive risk of vulnerable open source components
Veracode announced findings from the 2017 State of Software Security Report, a comprehensive review of application security testing data from scans conducted by a base of more …
DevOps skills gap: Do you have the necessary skills to succeed?
New research shows that software developers are not receiving the training they need to be successful as DevOps becomes the prevalent approach to building and operating …
DevSecOps: Build a bridge between fast and secure software development
Despite the pervasive belief that security and development teams have conflicting priorities, initiatives such as creating DevOps environments and focusing on product …
