Veracode, provider of modern application security testing solutions, today released the results of the Veracode State of Software Security 2023 report, revealing that flaw build up overtime poses a real issue for many businesses. According to the report, nearly 32% of applications are found to have flaws at the first scan, jumping to almost 70% … continue reading
Application security company Veracode has announced that its Continuous Software Security Platform now supports container security. According to Veracode, containers suffer from a lot of the same issues as traditional physical or virtual server hardware. This includes things like poorly managed secrets and security misconfigurations, both of which are addressed by Veracode’s solution. Veracode also … continue reading
Veracode has announced that it updated its Continuous Software Security Platform with enhancements like extended integrations for software composition analysis (SCA), an API for creating software bill of materials (SBOMs), and new improved language and framework support for static analysis. “Modern applications are mostly assembled, not written from scratch,” said Brian Roche, chief product officer … continue reading
As security continues to shift left and DevSecOps efforts expand, software security best practices are rapidly evolving. The State of Software Security Report conducted by the application security company Veracode, showed that on average, organizations are running scans on their apps 20 times more than they were just 10 years ago. With this, the report … continue reading
Veracode launched an advanced scanning tool that enables organizations to find and fix vulnerabilities in APIs. The new capability leverages Veracode’s Dynamic Analysis (DAST) scanning engine to provide comprehensive security insights and remediation guidance for APIs. “The explosion of APIs means that application development is becoming more fragmented and decentralized in nature, so the attack … continue reading
Lightrun announced the release of a free, self-service version of its debugging solution for developers. With Lightrun Cloud, users can troubleshoot production applications live from within the IntelliJ IDE and debug modern application architectures like containers, microservices and serverless. “Distributed frameworks are the cornerstone of the most interesting cloud-native development use cases today, but all … continue reading
The first major release of JetBrains’ database IDE is now available. DataGrip 2021.1 focuses on providing a better user experience and solving pain points for users. Updates include UI for grants, context live templates, ability to edit data in MongoDB, new navigation controls, database explorer, and improvements for unsupported databases. UI for grants are now … continue reading
Veracode has introduced a secure coding competition, The Hacker Games, which aims to challenge university students to hack and patch real-life apps online to win individual prizes, plus $15,000 in charitable donations for the top universities. “Training around secure coding is almost absent at the university level. We’ve launched The Veracode Hacker Games to help … continue reading
It’s not enough to keep on top of the most common security issues plaguing software today. Developers should understand exactly what issues are impacting the programming languages they are using. Veracode has released new data that shows the top security flaws affecting .NET, C++, Java, JavaScript, PHP and Python. “Knowing these trends in application security … continue reading
Security company Veracode has announced it will be offering a Security Labs Community Edition as a free-to-use alternative to its Enterprise Edition. This new edition will allow developers to hack and patch real applications, allowing them to learn new tactics and best practices in a controlled, safe environment. The company had recently partnered with Enterprise … continue reading
In 2011, Marc Andreessen wrote an article in the Wall Street Journal that included the now-famous phrase “software is eating the world.” Eight years on, that statement rings truer than ever. It’s not a stretch to say that software is eating the cybersecurity world as well. The fallout from not integrating security early in the … continue reading
Software security company Veracode has revealed that organizations should use DevSecOps as a way to reduce security debt. Similar to technical debt, security debt occurs when flaws age and accumulate without getting fixed. In their 10th annual State of Software Security (SOSS) report, the company revealed that many of the flaws discovered 10 years ago … continue reading
