We recently released volume 11 of our annual State of Software Security (SOSS) report, which analyzes the security activity and history of applications Veracode scanned during a one-year period. Giving us a view of the full lifecycle of applications, that data tells us which languages and vulnerabilities to keep an eye on, and how factors like scanning frequency can impact your remediation time.

Imagine that you are in an elevator in a high rise building when suddenly the elevator starts to plummet with no apparent stopping mechanism other than the concrete foundation below. While this may sound like something from a Hollywood movie, consider the idea that a securely tethered, fully functional elevator is as vulnerable as it is smart.

Industry: Healthcare Employees: 244 HQ Location: San Diego, CA Keely Strong, Director of Operations Complex problems, like delivering high quality mental health services during a pandemic, require creative thinking. Foresight Mental Health began at the intersection of ingenuity and necessity: changing the way people interact with and think about mental health care by creating accessibility through the use of insurance plans and increasing provider availability.

We are about to enter the most wonderful time of the year. As consumers increasingly turn towards online and mobile commerce, are you confident in your card-not-present fraud detection capabilities? 2020 has been a year of great surprise and change. While the global health pandemic has changed how we physically interact with each other, it has also revolutionized how we shop.

In a year marked by unprecedented challenges, we revisit the 2020 cyber security predictions to see which projections held up and which ones didn’t. ’Tis the season. No, we’re not talking about the holidays—Thanksgiving, Hanukkah, Kwanzaa, Christmas, and others. In the world of cyber, ’tis the season for speculation. Every year around this time, experts dust off their crystal balls and tell us what to expect in the coming year.

Ransomware has been the scourge of cybersecurity and may have led to a recent death. Now it soon may get way more dangerous The threats to cybersecurity are constantly evolving. As security teams develop solutions to the threats, malicious actors change their tactics to keep chasing their ill gotten gains. After all, the Game is the Game. And the game keeps changing. In recent years, ransomware has been the weapon of choice for hackers looking for a payday.

For an organization to be compliant with PCI logging requirements, it must follow PCI Requirement 10 of the Payment Card Industry Data Security Standards (PCI DSS). Below, we’ve listed the highlights of this section and the important details that you need to know.

From containerized workloads to microservice architectures, developers are rapidly adopting new technology that allows organizations to scale their products at unprecedented rates. In order to make sense of these complex deployments, many teams are abstracting applications away from the environments in which they run. Because of this trade-off, developers and security teams lose the access to the unified context from infrastructure to application needed to fully secure their services.

Software containers are at the heart of cloud-native business transformation initiatives. Containers are a natural evolution from virtual machines to a more granular and portable application environment in clouds. They are designed to support rapid development and deployment of cloud-native applications in what is called a DevOps model, a set of practices that combines software development and IT operations.

In part 1 of this blog series on Kubernetes and cloud native application data protection, we addressed The need for Data Protection for Containerized Applications. In part 2 of this blog series, we go through.