December 2021

Review API Scanning Prescan Results

Dec 22, 2021 By Veracode In Veracode

In this video, you will learn how to review Dynamic Analysis prescan scan results for an API specification. After creating and submitting a Dynamic Analysis API specification scan, you can return to the list of Dynamic Analyses at any time to check for status updates and to view results. Please note, you must have the Creator, Reviewer, or Security Lead role to be able to view the results of a Dynamic Analysis, unless the results are linked to a Veracode application profile for which you have permission to view.

View Video

Veracode

Read more about Review API Scanning Prescan Results

Review API Scanning Results

Dec 22, 2021 By Veracode In Veracode

In this video, you will learn how to review Dynamic Analysis scan results for an API specification. After creating and submitting a Dynamic Analysis API specification scan, you can return to the list of Dynamic Analyses at any time to check for status updates and to view results. Please note, you must have the Creator, Reviewer, or Security Lead role to be able to view the results of a Dynamic Analysis, unless the results are linked to a Veracode application profile for which you have permission to view.

View Video

Veracode

Read more about Review API Scanning Results

Looking ahead to 2022

Dec 20, 2021 By Veracode In Veracode

Claire Bailey and Neal Byrd talk through a few exciting things happening in the world of Veracode in 2022.

View Video

Veracode

Read more about Looking ahead to 2022

Part 4: Using Veracode From the Command Line in Cloud9 IDE

Dec 18, 2021 By Clint Pollock In Veracode

It’s Clint Pollock, principal solutions architect, here for the final lesson in the four-part series on how to use Veracode from the command line in the Cloud9 IDE to submit a software composition analysis (SCA) scan and a dynamic scan. To start, if you’re looking to leverage the Veracode API signing docker image with the Veracode rest APIs, go to the Help Center, go to the Rest API section, and take a look at the available options.

Read Post

Veracode

Read more about Part 4: Using Veracode From the Command Line in Cloud9 IDE

The Good, the Bad, and The Ugly: Understanding the API Security Top 10 List

Dec 17, 2021 By Jared Carlson In Veracode

The Open Web Application Security Project (OWASP) is a nonprofit organization with the purpose to help secure software. They provide data that can give engineering and security teams a better idea of where the most common risks may lie. The 2021 OWASP Top 10, released in November 2021, lists the most critical web application security risks. But OWASP also maintains the API Security Top 10 project which was last updated in 2019. Each category is ranked based on the frequency and severity of the defect.

Read Post

Veracode

Read more about The Good, the Bad, and The Ugly: Understanding the API Security Top 10 List

2022 software security predictions that should be on your radar

Dec 16, 2021 By Taylor Armerding In Synopsys

To paraphrase the familiar yuletide song, in the world of IT this is “the most speculative time of the year.” True, tying predictions to the regular calendar may be a bit out of sync for much of the business and government world—the federal fiscal year begins on Oct. 1, and here at Synopsys we say Happy First Quarter on Nov. 1. But we all still celebrate the new year on New Year’s Day.

Read Post

Synopsys

Read more about 2022 software security predictions that should be on your radar

Security Update: Log4j.2.x Vulnerability

Dec 13, 2021 By Veracode In Veracode

Chris Wysopal, founder and CTO, Veracode, Brian Roche, Chief Product Officer, and Mansi Sheth, Senior Principal Security Researcher chat through the Log4j.2.x vulnerability.

View Video

Veracode

Read more about Security Update: Log4j.2.x Vulnerability

SECURITY NOTICE: Log4j.2.x NEWS

Dec 10, 2021 By Veracode In Veracode

Is the Log4j Zero-Day RCE (CVE-2021-44228) vulnerability affecting you? Check out this quick chat with Chris Wysopal and Giuseppe Trovato to learn more about this new #vulnerability and what it could mean for you.

View Video

Veracode

Read more about SECURITY NOTICE: Log4j.2.x NEWS

How to Scale Developer Security Using Snyk (Demo)

Dec 9, 2021 By Snyk In Snyk

Emerging cloud-native technologies have shifted and expanded the scope of AppSec as we know it. Digital transformation and scale now hinges on developers’ ability to build and deploy rapidly – and doing so securely. Snyk’s developer security platform is designed to work like a developer tool – making it not only easy to find issues but to fix them quickly. In this recorded webinar, Jim Armstrong walks through a demo to show how developers can secure their proprietary code, open source libraries, container images, and infrastructure as code deployments.

View Video

Snyk

Read more about How to Scale Developer Security Using Snyk (Demo)

Part 3: Using Veracode From the Command Line in Cloud9 IDE

Dec 2, 2021 By Hope Goslin In Veracode

In part three of a four-part series, Clint Pollock, principal solutions architect at Veracode, details how to use Veracode from the command line in the Cloud9 IDE to submit a software composition analysis (SCA) scan. Check out the video and step-by-step instructions below. It’s Clint Pollock, principal solutions architect, back again for part three of our four-part series on using Veracode from the command line in Cloud9 IDE.

Read Post

Veracode

Read more about Part 3: Using Veracode From the Command Line in Cloud9 IDE

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

December 2021

Review API Scanning Prescan Results

Review API Scanning Results

Looking ahead to 2022

Part 4: Using Veracode From the Command Line in Cloud9 IDE

The Good, the Bad, and The Ugly: Understanding the API Security Top 10 List

2022 software security predictions that should be on your radar

Security Update: Log4j.2.x Vulnerability

SECURITY NOTICE: Log4j.2.x NEWS

How to Scale Developer Security Using Snyk (Demo)

Part 3: Using Veracode From the Command Line in Cloud9 IDE

Monthly Archive

Follow Us