Things we learned from the Log4j vulnerability.

In this video, you will learn how to upload, update, and delete API specifications using the API Specification Management tab in the Veracode Platform. This tab is a feature of Dynamic Analysis API Scanning.

In this video, you will learn how to review Dynamic Analysis prescan scan results for an API specification. After creating and submitting a Dynamic Analysis API specification scan, you can return to the list of Dynamic Analyses at any time to check for status updates and to view results. Please note, you must have the Creator, Reviewer, or Security Lead role to be able to view the results of a Dynamic Analysis, unless the results are linked to a Veracode application profile for which you have permission to view.

In this video, you will learn how to review Dynamic Analysis scan results for an API specification. After creating and submitting a Dynamic Analysis API specification scan, you can return to the list of Dynamic Analyses at any time to check for status updates and to view results. Please note, you must have the Creator, Reviewer, or Security Lead role to be able to view the results of a Dynamic Analysis, unless the results are linked to a Veracode application profile for which you have permission to view.

Claire Bailey and Neal Byrd talk through a few exciting things happening in the world of Veracode in 2022.

Chris Wysopal, founder and CTO, Veracode, Brian Roche, Chief Product Officer, and Mansi Sheth, Senior Principal Security Researcher chat through the Log4j.2.x vulnerability.

Is the Log4j Zero-Day RCE (CVE-2021-44228) vulnerability affecting you? Check out this quick chat with Chris Wysopal and Giuseppe Trovato to learn more about this new #vulnerability and what it could mean for you.

This video shows how to integrate Veracode’s Static Analysis solution to automate scans and consume results in the GitHub platform.

Traditionally Veracode Dynamic Analysis has targeted applications with a Web user interface. But increasingly, web applications are composed of many small microservices, many of which have Representational State Transfer (REST) interfaces with which the UI layer communicates. With API scanning, you can now scan the APIs of your microservices earlier in the software development process, before they are integrated into a web application.

Chris Wysopal, Veracode Chief Technology Officer and Co-Founder, recently sat down to discuss the open source supply chain attack on the popular NPM repository. Below is the transcript and corresponding video of his reaction.