Breaking News



For the first time since 2013, the Open Web Application Security Project (OWASP) has updated its top 10 list of the most critical application security risks. According to OWASP, the 2017 OWASP Top 10 is a major update, with three new entries making the list, based on feedback from the AppSec community. The OWASP Top 10 is an influential and widely used AppSec standard – lots of organizations r...


Source: Veracode.com

Nov 18, 2017
We recently hosted Gloria Larson, the President of Bentley University and one of Boston Magazine's “50 Most Powerful People,” at CA Veracode to talk about diversity with a specific focus on women in business. Our General Manager Sam King and Gloria had a discussion about: President Larson’s career and experience, culminating in her current leadership role; the data on diversity in business; The...


Source: Ars Technica Security RSS

Nov 18, 2017
When a company like Microsoft needs to fix a security flaw in one of its products, the process is normally straightforward: determine where the bug lies, change the program's source code to fix the bug, and then recompile the program. But it looks like the company had to step outside this typical process for one of the flaws it patched this Tuesday. Inst...


Source: Kaspersky (securelist.com)

Nov 17, 2017
Introduction: The festive holiday shopping season, which covers Thanksgiving, Black Friday and Cyber Monday in late November as well as Christmas in December, now accounts for a significant share of annual sales for retailers, particularly in the U.S., Europe and APAC. Those selling clothing, jewellery, consumer electronics, sports, hobbies and books can make around a quarter of their sales duri...


Source: Veracode.com

Nov 17, 2017
CA Veracode is pleased to announce a completely redesigned, significantly faster mobile application security scanner for iOS, and mobile behavioral analysis for iOS and Android applications. Our new iOS scanner and mobile behavioral analysis technology combine to give you faster, more thorough mobile scanning results. Faster scan times, plus a unified view of results in the CA Veracode platfor...

Background: In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any ...


Source: Veracode.com

Nov 16, 2017
You wouldn’t be very effective if you didn’t prioritize your to-do list. Treating “prep for board meeting tomorrow” and “organize in-box” with the same level of urgency would slow you down at best, seriously impact your job performance at worst. Similarly, neglecting to prioritize your application security “to-do list” will slow your progress, or prevent it altogether. Even the best applicatio...

You never want to be the developer that wrote and submitted vulnerable code into production, especially if it leads to a data breach. Yet, in many organizations that have adopted DevOps practices, application security testing is shifting left into development. It’s far faster to catch and fix security flaws while you’re coding, than trying to go back and fix everything at the end of the proces...