What You Need to Know About OpenSSL-3.0.7
OpenSSL released version 3.0.7 with security fixes for High Severity vulnerabilities CVE-2022-3786 & CVE-2022-3602 discussed here. Here's how to know if you're affected and what to do if you are.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Application Security
The latest News and Information on Application Security including monitoring, testing, and open source.
Why an SBOM Strategy is Essential Worldwide
Join Veracode and Cybeats as they engage in a discussion breaking down all of the details from creation to strategies around SBOMs.
New OpenSSL Critical Vulnerability: What to Know and How to Fix | Synopsys
Understand what steps your organization needs to take now to prepare for the upcoming patch to address OpenSSL’s critical security vulnerability on Nov 1.
Why Security is Central to Citizen Experience Part 3: A Helping Hand from the Private Sector
Building trust in government is both my passion and part of my character. Last year, when I found myself contemplating my next career move, I knew that I wanted to be at an innovative company devoted to rebuilding trust in federal agencies. It didn’t take long for me to realize that Veracode and I were a perfect fit. Immediately I saw how the company’s mission and innovative application-security technology aligned with my values.
Why Security is Central to Citizen Experience Part 2: The Changing Cyber Landscape of Government
Throughout my career, I’ve seen a lot of change in the realm of cybersecurity. Whether in private- or public-sectors, from pre- to post-pandemic, I’ve witnessed the struggles of agencies coming to terms with digital transformation and cybersecurity. What I’ve found is that federal agencies are expected to keep pace with their civilian counterparts while abiding by mandates to add an extra layer of security to digital operations.
Why Mitigate Flaws to Manage Risk: Advice from an Application Security Consultant
Documenting flaws that you don't prioritize today will save you time should they become high-severity flaws in the future. Here's the best way to approach them. The topic of mitigations is a commonplace source of questions and discussion for our Application Security Consulting group.
Snyk Customer Story: GoodLeap
David Barker, Head of Application Security at GoodLeap explains how how fast and easy it was for his team to roll out Snyk and why the ideal relationship between security and engineering teams is collaborative.
Meticulous Prep and Planning-A Linchpin of Modern AppSec Programs
This is the second of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. It’s no exaggeration to say that IT and application security teams from all organizations are facing a perfect storm.
Despite Lowest Software Flaw Frequency, Manufacturing's Fix Times Lag and Create Ransomware Risk
In 2021, manufacturing became cybercriminals’ most targeted industry as a surge in global ransomware attacks disrupted manufacturing operations and exacerbated supply chain woes. This put even more pressure on manufacturing organizations that were already feeling the heat. Recognizing that ransomware attacks can stem back to software vulnerabilities, many manufacturers are exploring ways to strengthen their software security programs.
AppSec Decoded: DevSecOps in a post-pandemic world | Synopsys
In this episode of AppSec Decoded, recorded live at RSA 2022 in San Francisco, cybersecurity experts Natasha Gupta, security solutions manager at Synopsys, and Taylor Armerding, security advocate at Synopsys, discuss pandemic-accelerated improvements in DevSecOps.