Burlington, MA, USA
Apr 8, 2021   |  By Hope Goslin
As a result of the worldwide pandemic, technology companies were forced to pivot to fully remote operations. For many organizations, this meant accelerating their digital transformation efforts. But despite the investment in digital transformation efforts, there haven’t been enough investments in security measures.
Apr 7, 2021   |  By Mansi Sheth
This is the eighth entry in the blog series on using Java Cryptography securely. The first few entries talked about architectural details, Cryptographically Secure Random Number Generators, encryption/decryption, and message digests. Later we looked at What’s New in the latest Java version. All of this equipped us to talk in detail about some of the most common Cryptographic applications. We started by looking at the symmetric cryptography-based application with Message Authentication Code.
Apr 6, 2021   |  By Veracode
Extends partner ecosystem making it easier to deliver secure software at scale.
Apr 1, 2021   |  By Veracode
Next Generation of Developers Establish Secure Coding Skills Through Two-Week Competition.
Apr 1, 2021   |  By Anne Nielsen
Fixing security findings in your code can be hard. Sometimes you need help from other developers who have solved these problems before. Veracode provides one-on-one time with ex-developers who can coach you through different approaches to address security findings. But sometimes, you don’t really want advice. Instead, you need a boost to help you get through the day of reducing risk in your software.
Apr 1, 2021   |  By Meaghan McBee
“Science and technology revolutionize our lives, but memory, tradition, and myth frame our response.” – Author Arthur M. Schlesinger Urban myths rely on their communities of origin to thrive and survive.
Mar 30, 2021   |  By Hope Goslin
The past 12 months have been especially challenging for the manufacturing industry. The pandemic affected in-person manufacturing jobs as well as supply and demand, causing many manufacturing companies to shut their doors or lay off valuable employees. Recognizing the vulnerable state of manufacturing companies, cybercriminals saw manufacturing as an easy target. In fact, the manufacturing industry saw an 11 percent increase in cyberattacks in 2020.
Mar 29, 2021   |  By Meaghan McBee
The first ever Veracode Hacker Games competition has come to a close, but were the flaws in favor of our brave competitors? Read on to find out. Over the course of the two-week challenge, students from several universities in the U.S. and the U.K. came together to explore vulnerabilities and threats that they’ll one day face on the job.
Mar 23, 2021   |  By Meaghan McBee
Last year brought a lot of change. Companies across the globe had to pivot, ready or not, and many went fully remote just like we did here at Veracode.
Mar 16, 2021   |  By Veracode
Today, more than ever before, development organizations are focusing their efforts on reducing the amount of time it takes to develop and deliver software applications. While this increase in velocity provides significant benefits for the end users and the business, it does complicate the process for testing and verifying the function and security of a release.
Mar 31, 2021   |  By Veracode
In this video, you will learn how to create Security Labs users from within the Security Labs interface. Veracode Security Labs provides interactive training labs that give developers practical security knowledge. Security Labs teaches security and application security (AppSec) skills through hands-on experience. The lab-based approach to developer enablement can improve the time it takes to resolve findings and help developers avoid introducing flaws into the code.
Mar 12, 2021   |  By Veracode
In this video you will learn how to use the Identify REST API command to: Veracode REST APIs enable you to access Veracode Platform data and functionality using REST API programming conventions. The API provides endpoints for managing users, teams, and business units, using the create, update, read, and delete actions on their respective objects. It also provides a consistent way of onboarding teams by scripting the process from start to finish.
Feb 19, 2021   |  By Veracode
In this video, you will learn how to download, import, and view Veracode scan results using the Veracode Visual Studio Extension. You will also learn how to mitigate findings discovered during the scan in Visual Studio. When the Veracode scan of your application scan has completed successfully, you can download the scan results to your local machine using the Veracode Visual Studio extension or directly from the Veracode Platform. You can also use the Veracode Visual Studio Extension to propose mitigations for flaws discovered in your application during scanning.
Jan 28, 2021   |  By Veracode
In this video, you will learn how to create, configure, and schedule an unauthenticated Dynamic Analysis. An unauthenticated Dynamic Analysis scan is appropriate when the site you are scanning does not require a login. Veracode Dynamic Analysis also supports the scanning of websites that require authentication, such as such as login via a webform, browser based, or NTLM.
Dec 11, 2020   |  By Veracode
In this video, you will learn how to prepare a build of your application using Veracode Static for Visual Studio and upload the build to a new or existing application profile in your Veracode portfolio. Veracode Static for Visual Studio integrates with Visual Studio and assists you with compiling and uploading applications for scanning. It also provides quick information about potential security flaws in your applications, enabling remediation directly within your IDE.
Dec 3, 2020   |  By Veracode
Learn how to use the Veracode Integration for Jira Cloud.
Dec 3, 2020   |  By Veracode
Learn how to use the Veracode Integration for Jira Server.
Dec 2, 2020   |  By Veracode
In this video, you will learn how to: Veracode IDE Scans find potential security issues in your code in seconds so that you can fix the findings directly in your IDE. Veracode for VS Code is an extension to Visual Studio Code, which performs an IDE Scan at the file level. It supports JavaScript, TypeScript, and C#. You can scan either a single file or all files in a selected Visual Studio folder.
Aug 3, 2020   |  By Veracode
While shifting security left in your software development lifecycle is crucial to application security success, it's still imperative to maintain testing in the later stages of your process. After all, some web application vulnerabilities can only be discovered at that point in the SDLC.
Aug 3, 2020   |  By Veracode
With a comprehensive AppSec program, you want to understand your entire development, security, and application footprint so you can roll out consistent tools and processes. As a result, only a portion of your applications are covered, leaving vulnerabilities unprotected. And blind spots are clouding visibility into risk reduction efforts, making it difficult to report on progress throughout your organization.
Aug 1, 2020   |  By Veracode
Veracode Static Analysis provides fast, automated security feedback to developers; conducts a full policy scan before deployment; and gives clear guidance on what issues to focus on and how to fix them faster.
Aug 1, 2020   |  By Veracode
You want AppSec tools in your development process, but anything less than full integration undermines your program's effectiveness. Getting the right resources into developers' hands typically requires: tools, systems, and processes.
  • Ongoing maintenance: Routine patches and upgrades can be time consuming-especially if you're supporting multiple geographies or teams-and may break your customizations.
  • Jul 1, 2020   |  By Veracode
    In a world where time is money, companies are required to churn out software quickly or get left in the dust. To stay ahead of the market, developers are turning towards open source code, which - when secure - can be a valuable asset towards their efforts
    Jul 1, 2020   |  By Veracode
    Developers want to create secure code, but lack training, so they must rely on AppSec experts to create secure applications. But the severe cybersecurity talent shortage leads to: As a result, developers are often conducting their own security research, which takes substantial time, increasing software delays and costs. With Veracode, you enable developers to write secure code and decrease flaws, so you can make your developers security self-sufficient.
    Jun 1, 2020   |  By Veracode
    Veracode Security Labs shifts application security knowledge "left," earlier in the development cycle, through guided, interactive exercises that train developers to tackle modern threats in the evolving cybersecurity landscape and deliver secure code on time.
    Jun 1, 2020   |  By Veracode
    Today, most organizations are in a race to deliver new, innovative software before their competitors. In turn, they have gone from bi-annual software releases to daily, hourly, or even by-the-minute releases. To keep up with these rapid deployments, security has had to shift from being a late-stage blocker, to an integrated part of the development process. Developers have been doing their best to implement these security measures, but since their performance is often tied to the rate of deployments, speed tends to take precedence. As a security professional, what are some steps you can take so that security doesn't take a back seat to speed?

    Veracode delivers the application security solutions and services today’s software-driven world requires. Veracode’s unified platform assesses and improves the security of applications from inception through production so that businesses can confidently innovate with the web and mobile applications they build, buy and assemble as well as the components they integrate into their environments.

    Veracode’s powerful cloud-based platform, deep security expertise, and systematic, policy-based approach provide enterprises with a simpler and more scalable way to reduce application-layer risk across their global software infrastructures.

    The Veracode Solution:

    • Overcoming DevSecOps Challenges: Innovating through software holds many promises but also bears risks. AppSec programs often struggle with the same problems:
      • Some solutions are hard to manage and scale.
      • Developers are not empowered to fix security issues.
      • Security teams lack bandwidth to manage DevSecOps programs.
      Veracode addresses all of these challenges with a unique combination of automated application analysis in the pipeline, plus DevSecOps expertise for developers and security professionals, all delivered through a scalable SaaS platform.
    • Delivered Through SaaS: Our SaaS model delivers a better, more scalable service at a lower cost. Because we've analyzed over 10 trillion lines of code, Veracode is able to provide the fastest path to accuracy - without tuning. Our expertise is based on analyzing customer programs for over a decade.
    • Application Analysis: Veracode simplifies AppSec programs by combining five application security analysis types in one solution, all integrated into the development pipeline.
    • Developer Enablement: Most AppSec programs forget that there is only one team that can fix security findings: the development team. Veracode provides developers with security feedback in their IDE in seconds as they are writing code, helping them learn on the job.
    • AppSec Governance: AppSec programs can only be successful if all stakeholders value and support them. That’s why Veracode helps security teams to demonstrate the value of AppSec.

    Manage Your Entire Application Security Program in a Single Platform.