
The Devil's in the Dependency: Data-Driven Software Composition Analysis

We all know that lurking within even the most popular open source packages are flaws that can leave carefully constructed applications vulnerable. In fact, 71% of all applications contain a flawed open source library, and most of those flawed libraries (70.7%) are transitive dependencies: packages pulled in indirectly by something the developer chose, and therefore easy to overlook. Using graph analytics and a broad data science toolkit, we untangle the web of open source dependencies and flaws and show the best way for developers to navigate this seemingly intractable game of whack-a-mole.
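The graph view of the problem is easy to reproduce on a small scale. The following is an added example, not code from the talk or from Veracode: it builds a constructed dependency graph with hypothetical package names, marks a made-up set of packages as "known vulnerable", separates flaws the application declares itself from flaws it inherits transitively, enumerates every path through which an inherited flaw enters, and ranks the application's direct dependencies by how many flawed packages each one drags in. The blame ranking is the practical output: the direct dependency at the top is the one whose upgrade (or resolution override) clears the most findings per change.

```python
from collections import deque

# Constructed sample dependency graph: package -> list of packages it requires.
# All package names are hypothetical, and the "known vulnerable" set is made up
# for illustration; it does not refer to any real advisory.
APP = "app"
DEPS = {
    "app": ["web-framework", "http-client", "yaml-loader"],
    "web-framework": ["template-engine", "http-client"],
    "http-client": ["url-parser", "tls-shim"],
    "yaml-loader": ["url-parser"],
    "template-engine": ["html-escape"],
    "tls-shim": ["crypto-bindings"],
    "url-parser": [],
    "crypto-bindings": [],
    "html-escape": [],
}
VULNERABLE = {"url-parser", "crypto-bindings", "yaml-loader"}


def reachable(graph, root):
    """Every package pulled in by `root`, directly or transitively (root excluded)."""
    seen, queue = set(), deque(graph.get(root, []))
    while queue:
        pkg = queue.popleft()
        if pkg in seen:
            continue
        seen.add(pkg)
        queue.extend(graph.get(pkg, []))
    return seen


def flawed_packages(graph, root, vulnerable):
    """Split flawed packages into those the app declares itself and those it inherits."""
    direct = set(graph.get(root, []))
    flawed = reachable(graph, root) & vulnerable
    return {"direct": flawed & direct, "transitive": flawed - direct}


def dependency_paths(graph, root, target, _path=None):
    """All simple paths root -> ... -> target; each is a separate way the flaw enters."""
    path = (_path or []) + [root]
    if root == target:
        return [path]
    paths = []
    for child in graph.get(root, []):
        if child not in path:  # guard against cyclic dependency graphs
            paths.extend(dependency_paths(graph, child, target, path))
    return paths


def blame_direct_dependencies(graph, root, vulnerable):
    """Rank the app's direct dependencies by how many flawed packages each pulls in.

    A flawed package reached through several direct dependencies is counted
    against each of them, because fixing only one path leaves it in the tree.
    """
    ranking = {}
    for dep in graph.get(root, []):
        pulled_in = (reachable(graph, dep) | {dep}) & vulnerable
        ranking[dep] = sorted(pulled_in)
    return dict(sorted(ranking.items(), key=lambda kv: len(kv[1]), reverse=True))


if __name__ == "__main__":
    split = flawed_packages(DEPS, APP, VULNERABLE)
    print("declared directly:", sorted(split["direct"]))
    print("inherited transitively:", sorted(split["transitive"]))
    for pkg in sorted(split["transitive"]):
        for p in dependency_paths(DEPS, APP, pkg):
            print("  ", " -> ".join(p))
    for dep, flaws in blame_direct_dependencies(DEPS, APP, VULNERABLE).items():
        print(f"{dep}: {len(flaws)} flawed package(s) {flaws}")
```

Note the caveat built into the ranking: a transitive flaw such as the hypothetical url-parser above is reached on three separate paths, so upgrading a single direct dependency does not remove it from the resolved tree; the paths listing tells the developer exactly which declarations still need attention.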

Install Veracode for VS Code to Run Greenlight Scans

In this video, you will learn how to install the Veracode for VS Code extension, which is available from the Visual Studio Marketplace. The extension performs a Veracode Greenlight scan at the file level, supports JavaScript, TypeScript, and C#, and returns security findings in seconds so you can fix them directly in your IDE.

Black Box Testing: What You Need to Know

Today’s software development life cycle includes a variety of quality and security testing techniques at every stage. Frequent testing throughout the DevOps pipeline is imperative considering the ever-increasing pace of development. One of the most common testing methods that companies use to ensure the products they are pushing out are secure and high-quality is black box testing.

Red Team testing explained: what is Red Teaming?

In the world of cybersecurity preparedness, there are a variety of strategies organizations large and small can take to help protect their networks and data from cyber-attacks. One such strategy involves an organization testing its own environment for security vulnerabilities. But because security weaknesses come in different forms, it’s necessary to have a focused security team that comprehensively searches for vulnerabilities that go beyond simple risk assessments.

How to Understand the Software Supply Chain

The software supply chain can come with great risk if you are not set up with the right processes, solutions, and tools, as well as the right checks and balances for third-party vendors. The entire development process, from ideation to creation and even the tools you have in place, can stall if there are security issues in your software supply chain. Without the right infrastructure in place, that can mean problems for your CI/CD pipeline and, down the road, for the applications your customers rely on.

Application Security Testing: Security Scanning Vs. Runtime Protection

The application layer continues to be the most attacked and hardest to defend in the enterprise software stack. With the proliferation of tools aimed at preventing an attack, it is no wonder the application security testing market is valued at US$4.48 billion. Forrester's market taxonomy breaks the application security testing tools market into two main categories: security scanning tools and runtime protection tools.

Create and Manage API Users in the Veracode Platform

In this video, you will learn how to configure an API service account in the Veracode Platform. To access the Veracode APIs, you must have either a user account or an API service account with the user roles required for the specific API tasks you want to perform. Before you can configure either account type, you must log into the Veracode Platform using an account with the Administrator or Team Admin role. A user account with the required role permissions can access the Results XML API, the Upload XML API, and the Mitigation and Comments XML API.

New Data Reveals How AppSec Is Adapting to New Development Realities

In today’s fast-paced world, companies are racing to bring new, innovative software to market first. In order to keep up with the speed of innovation, many organizations are shifting toward DevSecOps. DevSecOps brings security to the front of the software development lifecycle, allowing for both fast deployments and secure applications.