Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Software Liability Comes to the EU: Navigating New Compliance Challenges

The European Union has taken a significant step by introducing a directive to update the EU’s civil liability law that extends the definition of "defective products" to include software. These pivotal liability rules hold manufacturers accountable for harm caused by software vulnerabilities, urging them to prioritize cybersecurity and compliance. Here’s how manufactures should think about navigating these new compliance challenges.

Introducing Veracode Risk Manager: A New Chapter in ASPM Built for Scale

In a digital world that’s evolving faster than ever, industry landscapes are shifting, and customer needs are becoming more complex. At Veracode, we recognize these fundamental changes in the application security space. That’s why Veracode strategically acquired Longbow Security, now rebranded as Veracode Risk Manager.

Revolutionizing Risk Management in Application Security

In our hyper-connected reality, software applications are the unsung heroes of business operations. But, let's face it, with great tech comes great vulnerability to cyber shakedowns and data leaks. This begs the question: “Is scanning enough to manage risk?” Organizations are playing a high-stakes game of keeping their apps secure to safeguard their secrets.

What a 3-Year Plan to Cut Software Risks by 75% Looks Like

Organizations face an increasing number of software security threats that can compromise their sensitive data and disrupt business operations. To effectively manage these risks and enhance their security posture, it’s crucial for organizations to adopt modern application risk reduction strategies that not only mitigate potential vulnerabilities but also provide clear, actionable next steps and insights for reporting purposes.

Bringing Veracode Fix to GitHub

If you’re an avid reader of Application Security surveys, analyst papers, or incident reports, you may have concluded that the biggest issue most organizations have with application security is NOT finding the flaws in their codebase, but is, in fact, finding ways to remediate them while also creating new applications and updates, oh and keeping the lights on. Many organizations are drowning in security debt.

Celebrating Five Years as a Customers' Choice in Application Security Testing

We are thrilled to announce that, thanks to your support and trust, Veracode has been recognized as a Customers' Choice in the 2024 Gartner Peer Insights Voice of the Customer for Application Security Testing for the fifth consecutive year! We believe this distinction is not just a testament to our solutions and services but, more importantly, a reflection of the strong partnerships we have formed with each of you.

Breaking Down the OWASP Top 10 API Security Risks 2023 (& What Changed From 2019)

The OWASP Top Ten lists have been the cornerstone for application security best practices for over two decades. The 2019 list was the first edition of the OWASP API Security Top 10. The latest, OWASP API Security Top 10 2023, gives our security and engineering teams a glimpse of attack vectors that are becoming more common. With that in mind, it also helps our security teams to ensure that they have adequate coverage for security testing.

Leveraging ASPM for Maximum Impact: A Security Leader's Guide

For assessing and reporting on the risks associated with your applications, you know you need Application Security Posture Management (ASPM). However, this quickly evolving space has many variables that security leaders may not realize. Here’s how you can elevate your security strategy by optimizing ASPM tools in a way that minimizes risks, enhances operational efficiency, and builds a robust security-aware culture in your organization.

Two New IDE's get Veracode Scan

We're happy to announce two new Veracode Scan products: Veracode Scan for Eclipse and Veracode Scan for Visual Studio. Building on the success and adoption of Veracode Scan in Visual Studio Code, IntelliJ, PyCharm, and Rider, we're releasing versions for Eclipse and Visual Studio. Now the power of Veracode’s outstandingly accurate Static Application Scanning is avaialble two of the most widely used and customer-requested IDE’s.

Automating Security Workflows with DAST Essentials

In today's digital landscape, developers face mounting pressure to deliver secure applications within tight deadlines. But with faster release cycles, it becomes challenging to prioritize security. Security testing needs to work and scale within your DevOps speed and release frequency. Web applications are highly targeted assets, accounting for 40% of breaches within organizations, according to the Verizon Data Breach Investigations Report.