Breaking News




Source: Veracode.com

May 03, 2018
Policies are a critical part of your application security program; you need them to frame your program, set goals, measure success, and report on progress. But they can also stall your program if they work against, and not with, developer processes and priorities. With the shift to DevOps, and developers working in a faster and more incremental way, it might be a good time to ensure your polic...

We talk a lot about the digital transformations going on around us – about how organizations of every size and shape are transforming how they do business in order to keep pace with customers and competition in a digital world. But we at CA Veracode are undergoing a transformation of our own. We are evolving to ensure our architecture and processes are optimized to meet our customers’ need in ...


Source: Veracode.com

May 01, 2018
Open source components have gone mainstream. With every company undoubtedly becoming a software company, open source and commercial components are a vital element in developing applications at the speed of DevOps. But while they’re a powerful tool for adding features and functionalities to applications in relatively short order, they also introduce remarkable security risks.  reigning-in-ri...


Source: Veracode.com

May 01, 2018
We recently revamped and relaunched our CA Veracode Verified program. To better suit the needs of organizations that are producing and updating apps at DevOps speed, we are moving away from attesting to the security of an application at one point in time, and, rather, attesting to the security of the overall development process of an application. In this way, your prospects and customers can r...

For the second year in a row, CA Veracode has received several accolades from CRN, a brand of The Channel Company and one of the industry’s top sources for news and analysis for the IT channel. CA Veracode’s world-class Partner Program received the 5-Star Rating in CRN’s 2018 Partner Program Guide, and Leslie Bois, vice president, global channels and alliances, was named to its prestigious lis...


Source: Kaspersky (securelist.com)

Apr 26, 2018
News overview In early January, it was reported that an amateur hacker had come close to pulling off a botnet attack using “improvised” materials. Armed with information gleaned from hacker forums, the DIYer created a Trojan using a zero-day exploit in Huawei routers and released it online. The attack was soon nipped in the bud, but the wannabe cybercriminal could not be traced. Other slightly ...

When officials explore the issues surrounding election integrity in the United States, one obstacle tends to frame those discussions: the huge chasm that exists between the technology sophistication of cyber attackers intent on disrupting U.S. elections, and the technology sophistication of the officials who run those elections. Even an attack as low-tech as an email phishing campaign, where a...


Source: Veracode.com

Apr 26, 2018
When you work in the banking industry, security is a part of everything you do. And just as important as protecting the money is protecting the integrity of the software it all flows through. But for us at CAP COM Federal Credit Union (CAP COM), ensuring that we were producing secure code had become a bigger priority. As part of redefining our software development lifecycle (SDLC), CAP COM beg...