Topic: veracode

Report: over 30% of applications contain flaws at first scan

Veracode, provider of modern application security testing solutions, today released the results of the Veracode State of Software Security 2023 report, revealing that flaw build up overtime poses a real issue for many businesses. According to the report, nearly 32% of applications are found to have flaws at the first scan, jumping to almost 70% … continue reading

Veracode expands platform to support container security

Application security company Veracode has announced that its Continuous Software Security Platform now supports container security.  According to Veracode, containers suffer from a lot of the same issues as traditional physical or virtual server hardware. This includes things like poorly managed secrets and security misconfigurations, both of which are addressed by Veracode’s solution.  Veracode also … continue reading

Veracode updates security platform with extended SCA integrations, SBOM API

Veracode has announced that it updated its Continuous Software Security Platform with enhancements like extended integrations for software composition analysis (SCA), an API for creating software bill of materials (SBOMs), and new improved language and framework support for static analysis.  “Modern applications are mostly assembled, not written from scratch,” said Brian Roche, chief product officer … continue reading

New study shows 20x increase in security scan cadence

As security continues to shift left and DevSecOps efforts expand, software security best practices are rapidly evolving. The State of Software Security Report conducted by the application security company Veracode, showed that on average, organizations are running scans on their apps 20 times more than they were just 10 years ago. With this, the report … continue reading

Veracode launches scanning tool to find API vulnerabilities

Veracode launched an advanced scanning tool that enables organizations to find and fix vulnerabilities in APIs.  The new capability leverages Veracode’s Dynamic Analysis (DAST) scanning engine to provide comprehensive security insights and remediation guidance for APIs. “The explosion of APIs means that application development is becoming more fragmented and decentralized in nature, so the attack … continue reading

SD Times news digest: Lightrun’s free Java debugger, Veracode Technology Alliance Program, and Logi Analytics Acquired by insightsoftware

Lightrun announced the release of a free, self-service version of its debugging solution for developers.  With Lightrun Cloud, users can troubleshoot production applications live from within the IntelliJ IDE and debug modern application architectures like containers, microservices and serverless. “Distributed frameworks are the cornerstone of the most interesting cloud-native development use cases today, but all … continue reading

Grants can be modified from the Modify object and Modify user/role dialogs

SD Times news digest: DataGrip 2021.1, Visual Studio Code 1.55, and Veracode Hacker Games winner

The first major release of JetBrains’ database IDE is now available. DataGrip 2021.1 focuses on providing a better user experience and solving pain points for users. Updates include UI for grants, context live templates, ability to edit data in MongoDB, new navigation controls, database explorer, and improvements for unsupported databases.  UI for grants are now … continue reading

SD Times news digest: The Hacker Gamers by Veracode, GrammaTech Shift Left Academy, and Talend to be acquired by Thoma Bravo

Veracode has introduced a secure coding competition, The Hacker Games, which aims to challenge university students to hack and patch real-life apps online to win individual prizes, plus $15,000 in charitable donations for the top universities. “Training around secure coding is almost absent at the university level. We’ve launched The Veracode Hacker Games to help … continue reading

Veracode uncovers the top security issues facing specific programming languages

It’s not enough to keep on top of the most common security issues plaguing software today. Developers should understand exactly what issues are impacting the programming languages they are using. Veracode has released new data that shows the top security flaws affecting .NET, C++, Java, JavaScript, PHP and Python.  “Knowing these trends in application security … continue reading

Veracode Security Labs Community Edition launches to close the security gap

Security company Veracode has announced it will be offering a Security Labs Community Edition as a free-to-use alternative to its Enterprise Edition. This new edition will allow developers to hack and patch real applications, allowing them to learn new tactics and best practices in a controlled, safe environment. The company had recently partnered with Enterprise … continue reading

‘Security debt’ focus of 2019 State of Software Security report

In 2011, Marc Andreessen wrote an article in the Wall Street Journal that included the now-famous phrase “software is eating the world.” Eight years on, that statement rings truer than ever. It’s not a stretch to say that software is eating the cybersecurity world as well. The fallout from not integrating security early in the … continue reading

Veracode finds DevSecOps teams are a key component to reducing security debt

Software security company Veracode has revealed that organizations should use DevSecOps as a way to reduce security debt. Similar to technical debt, security debt occurs when flaws age and accumulate without getting fixed. In their 10th annual State of Software Security (SOSS) report, the company revealed that many of the flaws discovered 10 years ago … continue reading

DMCA.com Protection Status