Innovating to Secure Software Supply Chains: Veracode Acquires Phylum, Inc. Technology for Enhanced Software Composition Analysis
Veracode Security Blog
by Jens Wessling@veracode.com (Jens Wessling)
1M ago
The rise of emerging open-source threats presents a growing risk to organizations as attackers increasingly exploit vulnerabilities in widely used libraries, frameworks, and tools. In fact, most Software Composition Analysis (SCA) tools on the market today are unable to keep up with the volume of new overtly malicious activities in the open-source ecosystem.   To address the critical threat, I’m excited to announce Veracode’s acquisition of Phylum Inc.’s technology to advance our capabilities in securing software supply chains. The addition of Phylum will help the market’s ability to ..read more
5 Predictions About Managing Software Risks in 2025
Veracode Security Blog
by broche@veracode.com (broche)
2M ago
How does the exponential advancement of technology impact the security landscape? It makes managing the fundamental risk of the technology, the software, exponentially more complex. From AI accelerating risky code production to cloud infrastructure increasing the attack surface, the world of application risk management is enduring a rapid transformation that needs immediate attention.   Here are my predictions for 2025 and how to ride this wave of transformation to security as an enabler of progress rather than a barrier.  1. Exponentially Complex Risk Will Make Context Everythi ..read more
Revolutionizing Risk Management in Application Security
Veracode Security Blog
by Donna Namorato@veracode.com (Donna Namorato)
2M ago
In our hyper-connected reality, software applications are the unsung heroes of business operations. But, let's face it, with great tech comes great vulnerability to cyber shakedowns and data leaks. This begs the question: “Is scanning enough to manage risk?” Organizations are playing a high-stakes game of keeping their apps secure to safeguard their secrets. Let’s explore how to enhance application security by not only identifying vulnerabilities but also by prioritizing these threats, giving teams a playbook with the Next Best Actions to understand the root cause analysis of flaws and tacklin ..read more
The Veracode Customer Advantage: 184% ROI Realized
Veracode Security Blog
by creidy@veracode.com (creidy)
2M ago
Are you getting the results you want from your application security (AppSec) program? Discovering the return on investment (ROI) is a great start, but how should you go about calculating that? That’s where our recently commissioned Total Economic Impact™ (TEI) study conducted by Forrester Consulting comes in. We’re thrilled and deeply grateful to share these customer stories with you. Here are the key benefits realized by organizations leveraging the Veracode Application Risk Management Platform.     Unveiling the ROI: A Significant 184%  The Forrester Consulting TEI study ..read more
Speed vs Security: Striking the Right Balance in Software Development with AI
Veracode Security Blog
by broche@veracode.com (broche)
2M ago
Software development teams face a constant dilemma: striking the right balance between speed and security. How is artificial intelligence (AI) impacting this dilemma? With the increasing use of AI in the development process, it's essential to understand the risks involved and how we can maintain a secure environment without compromising on speed. Let’s dive in.  The Need for Speed  Speed is of the essence. Organizations are constantly striving to deliver code faster and innovate quickly to stay ahead of the competition. This need for speed has led to the adoption of AI and large lang ..read more
Software Liability Comes to the EU: Navigating New Compliance Challenges
Veracode Security Blog
by cwysopal@veracode.com (cwysopal)
3M ago
The European Union has taken a significant step by introducing a directive to update the EU’s civil liability law that extends the definition of "defective products" to include software. These pivotal liability rules hold manufacturers accountable for harm caused by software vulnerabilities, urging them to prioritize cybersecurity and compliance. Here’s how manufacturers should think about navigating these new compliance challenges.  The Redefinition of “Defective Products”  The redefinition of "defective products" under the EU software liability directive marks an important shift in ..read more
Introducing Veracode Risk Manager: A New Chapter in ASPM Built for Scale
Veracode Security Blog
by Derek Maki@veracode.com (Derek Maki)
3M ago
In a digital world that’s evolving faster than ever, industry landscapes are shifting, and customer needs are becoming more complex. At Veracode, we recognize these fundamental changes in the application security space. That’s why Veracode strategically acquired Longbow Security, now rebranded as Veracode Risk Manager. This pivotal move brings Application Security Posture Management (ASPM) into our suite of offerings, transforming us from a leader in world-class code testing to a comprehensive platform that delivers unified risk management from code to cloud.  Join us as we explore what t ..read more
What a 3-Year Plan to Cut Software Risks by 75% Looks Like
Veracode Security Blog
by cwysopal@veracode.com (cwysopal)
4M ago
Organizations face an increasing number of software security threats that can compromise their sensitive data and disrupt business operations. To effectively manage these risks and enhance their security posture, it’s crucial for organizations to adopt modern application risk reduction strategies that not only mitigate potential vulnerabilities but also provide clear, actionable next steps and insights for reporting purposes.  In the journey to mitigate software risks by 75%, the 2024 Forrester Consulting TEI study, commissioned by Veracode, outlines a robust 3-year strategic plan, based ..read more
Bringing Veracode Fix to GitHub
Veracode Security Blog
by rhaynes@veracode.com (rhaynes)
4M ago
If you’re an avid reader of Application Security surveys, analyst papers, or incident reports, you may have concluded that the biggest issue most organizations have with application security is NOT finding the flaws in their codebase, but is, in fact, finding ways to remediate them while also creating new applications and updates, oh and keeping the lights on.  Many organizations are drowning in security debt. Worse, every innovation that helps new code get created faster — like AI coding assistants - is just adding to it. What they have been asking us for are more and more ways to accele ..read more
Data-driven Strategies for Effective Application Risk Management in 2024
Veracode Security Blog
by cwysopal@veracode.com (cwysopal)
4M ago
Insecure software is significantly impacting our world. In a recent statement, CISA Director Jen Easterly declared: “Features and speed to market have been prioritized against security, leaving our nation vulnerable to cyber invasion. That has to stop... We are at a critical juncture for our national security.”  Our State of Software Security 2024 report explores a key area this trade-off of speed to market prioritized against security has resulted in: security debt. Our data shows that nearly half of organizations have persistent, high-severity flaws that constitute critical security deb ..read more
