DevSecOps and the Cloud: How Leaning on Your Cloud Provider Can Help You Shift Left

Over the past several years, an increasing amount of organizations have been moving their applications from on-premises to cloud-hosted platforms. And with the current pandemic forcing most businesses to adopt a fully remote work environment, the cloud is even more appealing. Gartner reported that cloud spend rose by double digits in 2020, and it’s expected to continue to grow by 18.4 percent in 2021.


Technology Companies Have the Largest Proportion of Applications With High-Severity Flaws

As a result of the worldwide pandemic, technology companies were forced to pivot to fully remote operations. For many organizations, this meant accelerating their digital transformation efforts. But despite the investment in digital transformation efforts, there haven’t been enough investments in security measures.


Password Storage Using Java

This is the eighth entry in the blog series on using Java Cryptography securely. The first few entries talked about architectural details, Cryptographically Secure Random Number Generators, encryption/decryption, and message digests. Later we looked at What’s New in the latest Java version. All of this equipped us to talk in detail about some of the most common Cryptographic applications. We started by looking at the symmetric cryptography-based application with Message Authentication Code.


AppSec with LolCats: Click2Cat - the Security Extension to Veracode You Didn't Realize You Needed

Fixing security findings in your code can be hard. Sometimes you need help from other developers who have solved these problems before. Veracode provides one-on-one time with ex-developers who can coach you through different approaches to address security findings. But sometimes, you don’t really want advice. Instead, you need a boost to help you get through the day of reducing risk in your software.

Create Users Within Veracode Security Labs or by Using Your Company SSO

In this video, you will learn how to create Security Labs users from within the Security Labs interface. Veracode Security Labs provides interactive training labs that give developers practical security knowledge. Security Labs teaches security and application security (AppSec) skills through hands-on experience. The lab-based approach to developer enablement can improve the time it takes to resolve findings and help developers avoid introducing flaws into the code.

Manufacturing Has the Lowest Percentage of High-Severity Flaws but Needs to Improve Time to Remediation

The past 12 months have been especially challenging for the manufacturing industry. The pandemic affected in-person manufacturing jobs as well as supply and demand, causing many manufacturing companies to shut their doors or lay off valuable employees. Recognizing the vulnerable state of manufacturing companies, cybercriminals saw manufacturing as an easy target. In fact, the manufacturing industry saw an 11 percent increase in cyberattacks in 2020.


Veracode Hacker Games: The Results Are In!

The first ever Veracode Hacker Games competition has come to a close, but were the flaws in favor of our brave competitors? Read on to find out. Over the course of the two-week challenge, students from several universities in the U.S. and the U.K. came together to explore vulnerabilities and threats that they’ll one day face on the job.