Three Ways to Align with the White House’s Cybersecurity Recommendations
The global pandemic and more recent geo-political events have brought an even greater focus on the threat of cyber attacks on individuals …
Security Trends
Unifying Security and Development
The responsibility of training developers in secure coding best practices usually falls on security practitioners. Security practitioners …
A Look Back at the Executive Order on Cybersecurity
It has officially been one year since the release of the Biden administration’s Executive Order on Cybersecurity, which outlines security …
What Is Software Supply Chain Security?
Most software today isn’t developed entirely from scratch. Instead, developers rely on a range of third-party resources to create their …
Coded for Safety
Ready to secure government applications? Start with Zero …
NASCIO and the Challenge of Cybersecurity
My name is Claire Bailey, the Vice President of Government Affairs at Veracode. My team recently asked me to describe technology policy, …
Testing OWASP’s Top 10 API Security Vulnerabilities (Part 1)
Application Programming Interface (API) attacks are set to become one of the most prevalent cyberattacks with a broad target range. By …
Spring4Shell Vulnerability vs Log4Shell Vulnerability
On March 29, 2022, details of a zero-day vulnerability in Spring Framework (CVE-2022-22965) were …
Shifting Log4j Discovery Right
You hear a lot about shifting your application security (AppSec) left – in other words, shifting AppSec to the beginning of the software …
SQL Injection in Today’s Landscape
What is SQL injection? A SQL injection flaw allows for an attacker to modify or inject SQL syntax into the request to make the application …
3 Critical Software Development Security Trends and Best Practices
It seems as if we’re encountering new cyber threats every day — and the severity of their impact is growing. We now routinely deal with …
Announcing the 12th Volume of Our State of Software Security Report
The 12th volume of our annual State of Software Security (SOSS) report is now live! Rather than examining a single year of activity …
Champion Spotlight: Damian Sniezek
This interview was cross-posted from the Veracode Community. With his third consecutive championship in the Secure Coding Challenge – the …