A Hard Look at Software Security
Activity Overview
Episode publication activity over the past year
Episodes
Ep. 6, S2: Frequency matters: the case for scanning early and often, part 2
23 Jan 2020
Contributed by Lukas
Security debt – which is defined as aging and accumulating flaws in software -- is a lot like credit card debt. You can throw money at the balance, ...
Ep. 5, S2: Frequency matters: the case for scanning early and often, part 1
23 Jan 2020
Contributed by Lukas
The latest Veracode State of Software Security report reveals that scanning early, often, and steadily helps you fix more flaws faster while not contr...
Ep. 4, S2: AppSec grows up
23 Jan 2020
Contributed by Lukas
AppSec awareness has grown in a decade. In Veracode’s State of Software Security report, Volume one, most of the conversation was around trying to e...
Ep.3, S2: Unresolved flaws: security debt grows deeper
23 Jan 2020
Contributed by Lukas
The average number of days to fix software flaws was at 59 days in the first Veracode State of Software report from ten years ago. Today, it’s jumpe...
Ep. 2 S2: Security debt across sectors: behind the numbers
23 Jan 2020
Contributed by Lukas
According to the latest State of Security Software report from Veracode, the retail industry has the lowest average number of unaddressed security fla...
Ep. 1, S2: What’s behind most security debt
23 Jan 2020
Contributed by Lukas
Security debt - defined as aging and accumulating flaws in software - is emerging as a significant pain point for organizations across industries. I...
How Can A Security Champion Help Your Development Team?
05 Apr 2019
Contributed by Lukas
A security champion serves as the voice of the developer while satisfying the needs of the business from a security perspective. In this episode we di...
Flaw Fix Rates Are Low - How Can They Be Improved?
12 Mar 2019
Contributed by Lukas
In this episode we discuss the latest findings on flaw fix rates in enterprises. Chris Eng, Vice President of Research, Veracode, offers perspective o...
Open Source Components Continue to Thwart Enterprises
26 Feb 2019
Contributed by Lukas
In this episode, we’ll discuss why enterprises still struggle with the occurrence of vulnerable open source components within their software - and w...
Building a Security-first Culture Starts with Coding
26 Feb 2019
Contributed by Lukas
In this episode, we learn about changes in application security and the partnership between development and security. Chris Wysopal, Chief Technology ...
Data Supports DevSecOps Practices
29 Jan 2019
Contributed by Lukas
In this episode, we will look at the emergence of DevSecOps in the enterprise. Tim Jarrett, Senior Director of Product Marketing with Veracode, joins ...
The State of Software Security is Still a Challenge
03 Jan 2019
Contributed by Lukas
In the first episode of the series, we are joined by Chris Eng, Vice President of Research at Veracode. We’ll detail highlights of the Veracode Stat...