Latest Videos

The Devil's in the Dependency: Data-Driven Software Composition Analysis

We all know that lurking within even the most popular open source packages are flaws that can leave carefully constructed applications vulnerable. In fact, 71% of all applications contain flawed open source libraries, many (70.7%) coming from downstream dependencies which might escape the notice of developers. Using graph analytics and a broad data science toolkit, we untangle the web of open source dependencies and flaws and show the best way for developers to navigate this seemingly intractable game of whack-a-mole.

Install Veracode for VS Code to Run Greenlight Scans

In this video, you will learn how to install the Veracode for VS Code extension. The Veracode for VS Code extension is available from the Visual Studio Marketplace. Greenlight finds security defects in your code in seconds so you can fix the findings directly in your IDE. Veracode for VS Code is an extension to Visual Studio Code, which performs a Veracode Greenlight scan at the file level, and supports JavaScript, TypeScript, and C#.

How to Understand the Software Supply Chain

The software supply chain can come with great risk if you’re not set up with the right processes, solutions, and tools, as well as the right checks and balances for third-party vendors. What Will You Learn? The entire development process, from ideation to creation and even the tools you have in place, can stall if there are security issues in your software supply chain. Without the right infrastructure in place, that can mean problems for your CI/CD and, down the road, the applications your customers rely on.

Create and Manage API Users in the Veracode Platform

In this video, you will learn how to configure an API service account in the Veracode Platform. To be able to access the Veracode APIs, you must either have a user account or API service account with the required user roles for performing specific API tasks. Before you can configure these two account types, you must log into the Veracode Platform using an account with the Administrator role or Team Admin role. A user account with the required role permissions can access the Results XML API, Upload XML API, and the Mitigation and Comments XML API.

Moody's Shares How to Learn from Organizations Running Successful AppSec Programs

Veracode has helped thousands of customers integrate security into their development cycle, and we’ve now got lessons learned, best practices, and pitfalls to avoid. Join Adrian Benvenuti, Vice President of Cybersecurity Risk and Architecture at Moody’s and Chris Kirsch, Director, Product Marketing at Veracode as they discuss how real-life AppSec programs are helping security and development teams work together to secure code.