You've requested...

Understanding Your Open Source Risk

By: Veracode, Inc. View more from Veracode, Inc. >>

If a new window did not open, click here to view this asset.

Download this next:

Developer’s guide to secure coding

By: Veracode

Type: eBook

Today’s cybercriminals have your applications and software in their crosshairs. As a result, delivering secure code has never been more important.

 

But what, exactly, are the common software vulnerabilities you need to know about? How do attackers exploit them? And what should you do to prevent a breach?

 

This 31-page eBook answers all these questions and more, providing a roadmap to secure coding in practice. Topics covered inside include:

 

  • A brief history of hacking
  • 4 key pillars of secure coding
  • How to deliver safer code faster
  • And more

These are also closely related to: "Understanding Your Open Source Risk"

  • Cover

    Download

    Address vulnerabilities during app development

    By: Veracode

    Type: White Paper

    Software development teams operate in high-pressure environments with critical deadlines often leading to rushed development cycles.

    While incorporating security into the development process makes sense in theory, the reality is that in the turmoil of development, security is often the first corner cut to save time.

    By seamlessly integrating into the development workflow and offering AI-driven remediation suggestions, Veracode Fix emerges as a critical tool in the arsenal of application development teams and application security managers.

    Read on to learn more.

  • Cover

    Download

    Your path to a mature AppSec program

    By: Veracode, Inc.

    Type: eBook

    According to a recent Verizon study, almost 40% of observed security incidents and data breaches were the direct result of a cyberattack targeting web applications – but it’s no secret that apps are often the target of today’s threats.

    This e-book, Your Path to a Mature AppSec Program, provides expert guidance to help your organization modernize its AppSec approach – chapters include:

    • An introduction to application security
    • AppSec stages
    • Steps to reach AppSec security
    • & more

    Download the e-book to get started.

Find more content like what you just read:

  • Application security: Understanding how software is protected

    By: Veracode, Inc.

    Type: Resource

    According to a recent report, 76% of all software applications have some sort of a security flaw. Applications are often seen as products in and of themselves, but when they are given sensitive information, it is important that they also be secure. Access the full infosheet to learn more about the current state of application security.

    Download

  • Stop sacrificing innovation for security

    By: Veracode

    Type: eBook

    Application security has evolved significantly over the past few years. Today, organizations are now running daily static scans, weekly dynamic scans, and at least weekly SCA scans. However, this is not just going through the motions. Having security at the front of mind allows teams to reduce risk and build resilience. Read on to learn more.

    Download

  • App Sec Tools Need a Software Supply Chain Security Upgrade.

    By: ReversingLabs

    Type: White Paper

    Learn why traditional application security testing tools alone leave your organization exposed to supply chain attacks — and how software supply chain security tools represent an evolution of traditional application security tools, ensuring end-to-end software security.

    Download

  • How Do Vulnerabilities Get into Software?

    By: Veracode, Inc.

    Type: White Paper

    Despite the best efforts of IT security teams, vulnerabilities in applications are bound to happen. In fact, research shows that 3 out of 4 apps produced by software vendors fail to meet security standards. Download this white paper to discover the 4 most common causes that lead to software vulnerabilities and ensure your readiness.

    Download

  • How to choose the right AppSec vendor/offering

    By: Veracode, Inc.

    Type: Resource

    The application security (AppSec) market is oversaturated with an abundance of options, which can make finding an AppSec vendor/offering best fit for your unique needs a difficult task. Read this infosheet for some expert guidance to help get you started on your AppSec journey.

    Download

  • 3 ways to safeguard your software supply chain

    By: Contrast Security

    Type: eBook

    The massive cyberattack on SolarWinds in 2020 was a wake-up call for organizations years to come to prioritize application security for all parts of their software supply chain. Download this e-book to learn how Contrast aims to help you safeguard your software supply chain from potential cyberattacks in 3 ways.

    Download

  • SAST vs. DAST: What Are the Differences and Why Are They Both Important?

    By: Veracode, Inc.

    Type: Resource

    If you only use SAST, you miss out on detecting critical flaws from open source vulnerabilities and configuration errors. The more application security scan types you employ, the more flaws you uncover. This infographic dives deeper into the differences between SAST and DAST, and establishes the benefits of using both scan types in unison.

    Download

  • Moving beyond traditional AppSec: The growing software attack surface

    By: ReversingLabs

    Type: White Paper

    According to findings from ReversingLabs’ recent study, software supply chain threats rose 1300% between 2021 to 2023. This buyer’s guide to supply chain security analyzes the current state of supply chain attacks and distills the analysis into actionable information you can use to choose an offering. Download now to learn more.

    Download

  • Web-facing applications: Security assessment tools and strategies

    By: TechTarget Security

    Type: White Paper

    Read this expert E-guide to find out how you can properly asses web application threats and the tools your organization can use for protection. Learn how to mitigate likely web application threats and how you can ensure your business is protected.

    Download

  • Navigating the GDPR

    By: Veracode

    Type: White Paper

    Today’s businesses encounter not only rising cyberattacks but also regulations with stringent requirements. To help organizations navigate that challenging landscape, this white paper presents best practices for complying with the EU’s GDPR. Keep reading to unlock insights.

    Download

  • How CM.com improved their application security

    By: Contrast Security

    Type: Case Study

    CM.com has become a global leader in cloud software for conversational commerce that enables businesses to deliver a customized customer experience. By partnering with Contrast Security, CM.com were able to overhaul their application security. Read on to learn more.

    Download

  • OWASP Top Ten: How to keep up

    By: Contrast Security

    Type: eBook

    The newest addition to the OWASP Top Ten was recently published to help organizations assess their application security efforts – but false positives could lead to unnecessary stress. Download now to learn how Contrast’s observability platforms is designed to keep up with the rapidly expanding scope of the OWASP Top Ten.

    Download

  • IDC TechBrief: Interactive Application Security Testing

    By: Contrast Security

    Type: White Paper

    With modern application development operating at break-neck speeds, DevOps teams pressured by deadlines are often forced to compromise security for efficiency’s sake. This white paper examines the benefits of using interactive application security testing to mitigate the security risk and complexities of using DevSecOps. Read on to learn more.

    Download

  • How & Why NIST is Driving SBOM Evolution

    By: ReversingLabs

    Type: eBook

    In December 2020, a supply chain attack on SolarWinds Orion software exposed over 100 private sector entities and 9 Federal agencies to cyber threats. The incident prompted the issuance of Cybersecurity Executive Order 14028. Download this guide and get insight into The National Institute of Standards (NIST) role in the EO.

    Download

  • DevSecOps: A comprehensive guide

    By: Contrast Security

    Type: eGuide

    Read this DevSecOps Buyer’s Guide and get the comprehensive checklist you need to assess, vet, and purchase a DevSecOps platform that delivers accurate, continuous, and integrated security monitoring and remediation.

    Download

  • Supply chain security: 5-part e-book

    By: JFrog

    Type: eBook

    The first step toward defending against supply chain attacks is deepening your understanding of how they work. Enter this e-book, which contains 5 articles about supply chain security. Download the book to discover 5 actions that you can take to level up your security posture – and much more.

    Download

  • What security pros need to know about software development today

    By: Veracode, Inc.

    Type: Resource

    Download this resource to learn about how software development tools and processes changed recently, challenges developers run into while trying to balance these new tools and processes, and what security professionals can do to get developers fully on board with security.

    Download

  • The state of financial institution cyberattacks

    By: Contrast Security

    Type: Research Content

    With cyberattacks increasingly targeting financial institutions, modern bank heists can occur without a hint of noise. This annual report aims to shed light on the cybersecurity threats facing the financial sector, focusing on the changing behavior of cybercriminal cartels and the defensive shift of the financial sector. Read on to learn more.

    Download

  • 34-page report: Software supply chain landscape

    By: JFrog

    Type: Research Content

    To understand the state of the software supply chain landscape in 2024, tap into this 34-page research report.

    Download

  • Web-Facing Applications: Mitigating Likely Web Application Threats

    By: TechTarget Security

    Type: eGuide

    In this expert E-Guide, learn how the increased use of business-centric Web applications has spawned alarming new information security threats. Also inside, uncover tips, tricks, and best practices for making your Web apps more secure – read on to get started.

    Download

  • How to navigate turbulent times in business

    By: Contrast Security

    Type: White Paper

    In the past few years, there have been several significant disruptions to global markets. With events creating uncertainty and fear, and with new technology emerging at a rapid pace, businesses must adapt, grow, and be more resilient than ever before. Read on to learn how to overcome these challenges with an enhanced security posture.

    Download

  • Enterprise Strategy Group: How to secure your development practices

    By: Contrast Security

    Type: ESG Showcase

    This report from primary research and analyst firm Enterprise Strategy Group (ESG) outlines the significant consequences of failing to modernize your application security strategy and provides an actionable roadmap that developers can follow to secure their development practices from the outset.

    Download

  • Security leader’s guide to supply chain security

    By: ReversingLabs

    Type: Research Content

    Over the last 3 years, supply chain attacks rose 1300%. This report is designed to give readers a map with which they can navigate the landscape of software supply chain security, exploring some of the high-level trends in software supply chain threats and how recent attacks provide insight into what’s to come. Read on to learn more.

    Download

  • The DORA act explained

    By: Contrast Security

    Type: White Paper

    The Digital Operational Resilience Act (DORA) went into effect in 2023, but do you know what is required from you to stay compliant? Explore this white paper to find out and learn how Contrast Security helps support DORA regulation.

    Download

  • A guide to continuous software delivery

    By: TechTarget ComputerWeekly.com

    Type: eBook

    Software empowers business strategy. In this e-guide we explore how to deliver new software-powered functionality for continuous business improvement.

    Download

  • Application Security Handbook: Application Security: Managing Software Threats

    By: TechTarget Security

    Type: eBook

    Check out this expert e-book from the editorial team at SearchSoftwareQuality.com to read the following three articles designed to help you address your application security before it's threatened: 'Ten Ways to Build in Security From the Start', 'Secure Your Mobile Apps in Enterprise Integration', and 'How to Boost Your Application Security Savvy'.

    Download

  • DevSecOps delivers better business

    By: TechTarget ComputerWeekly.com

    Type: eGuide

    Firms need to consider the move from DevOps to DevSecOps. This e-guide focuses on the benefits of DevSecOps, paints a picture of the rise of this approach, and explains why using the right DevSecOps tools leads to more secure development. DevSecOps delivers better business, and it's time for you to find out how and why.

    Download

  • Cyber threats on the rise despite economic slowdown

    By: Contrast Security

    Type: White Paper

    When markets become unstable, businesses face uncertainties. This usually means that budgets are tighter, and some business processes may be disrupted. To compound the issue, even if an economic slowdown affects your business, it won’t affect cyber criminals. Read more to learn how to recession-proof your business in uncertain times.

    Download

  • Your 48-page primer to understanding DevSecOps

    By: VMware Tanzu

    Type: eBook

    DevSecOps is about making security an inextricable, if not intrinsic, part of the application lifecycle to support increasingly complex, cloud-native applications. But where do you start? Begin by downloading a copy of this comprehensive DevSecOps for Dummies e-book, in which you’ll find helpful definitions and how-tos.

    Download

  • A Computer Weekly buyer's guide to secure and agile app development

    By: TechTarget ComputerWeekly.com

    Type: eGuide

    As apps become increasingly integral to business operations, the importance of keeping them secure can never be overstated. In this 15-page buyer's guide, Computer Weekly looks at how firms can protect apps from ransomware, why app creation needs to happen at pace, and how to get the right balance between security and coding

    Download

  • ISM Essentials Guide on Cloud and Virtualization Security

    By: TechTarget Security

    Type: Essential Guide

    Moving applications, development and data to the cloud means a new paradigm of IT and security management. You’ll need clear visibility into how data moves outside your organization, where it’s stored and who has access to it. This essential guide from ISM offers expert advice on security around your organization’s cloud computing efforts.

    Download

  • AWS Differences between Active and Passive IAST and how to get the best of both worlds

    By: Contrast Security

    Type: White Paper

    Interactive Application Security Testing (IAST) is a relatively new technology that has caused a lot of confusion for not being clearly explained. This article sets out to clear the air. It will explain:What is IAST?What’s the difference between Active IAST & Passive IAST? Which approach is better for you?Access the paper here.

    Download

  • Software bill of materials (SBOMs) — a critical component of software supply chain security

    By: Tanium

    Type: White Paper

    In November 2022, open-source toolkit developers announced two high-severity vulnerabilities that affect all versions of OpenSSL 3.0.0 up to 3.0.6. How should organizations prepare? One of the most effective tools for finding and addressing

    Download

  • Toughening up web and mobile application security

    By: TechTarget ComputerWeekly.com

    Type: eGuide

    In this e-guide, read more about the best practices for web application security, how to balance app innovation with app security, why API security needs to be part of your defence strategy, and what are the top tools to keep your applications safe, among other trends.

    Download

  • The Monsters in Your Software Supply Chain

    By: ReversingLabs

    Type: White Paper

    Software supply chain attacks are up over 1000%. Are you prepared to confront the monsters that hackers are setting loose in your software supply chain? Download the new white paper to help arm yourself with knowledge and the tools to stay ahead of the modern software attack.

    Download

  • Jargon Buster Guide to Container Security

    By: TechTarget ComputerWeekly.com

    Type: eGuide

    The definitions and articles in this Jargon Buster will help you understand the business benefits of using containers as well as the potential security pitfalls and most importantly, how to avoid them using the correct tools and approaches.

    Download

  • Australia's cybersecurity game plan

    By: TechTarget ComputerWeekly.com

    Type: eGuide

    In this e-guide, find out how the Australian government is tackling cyber security issues head-on, why local businesses continue to fall prey to ransomware and how to mitigate supply chain security risks.

    Download

  • CW ANZ, July 2020: Expert Advice on Security

    By: TechTarget ComputerWeekly.com

    Type: Ezine

    In this handbook, Computer Weekly looks at how organisations in Australia and New Zealand can better protect themselves against evolving cyber threats.

    Download

  • Top trends shaping APAC's tech landscape in 2024

    By: TechTarget ComputerWeekly.com

    Type: eGuide

    While GenAI is not expected to supersede other IT priorities such as cloud, application development and cyber security, it will augment those areas by making it easier to build software and improve cyber resilience. In this round-up, we review some of the key IT trends that are likely to shape the industry across the region in 2024.

    Download

  • E-Guide: Remediating IT vulnerabilities: Expert Tips

    By: TechTarget Security

    Type: eGuide

    This expert E-Guide uncovers 3 quick ways you can remediate IT vulnerabilities and discusses best practices for improved vulnerability management.

    Download

  • 6 key criteria for developer-first secrets scanning solutions

    By: Palo Alto Networks

    Type: White Paper

    Hardcoding secrets enables developers to seamlessly access or authenticate the services needed to build and deploy applications. But those secrets, if not stored securely, present a huge risk. This checklist presents 6 key criteria that you should use when evaluating a potential secrets-scanning solution. Download now to learn more.

    Download

  • Learn application security in a practical way

    By: VMware Tanzu

    Type: eBook

    Application security is a hot topic in the digital-first era. Developers today face more cyber threats than ever before. Because of that, it is critical that all developers continue to enhance their skillset. For those developers who want to learn more about app security, but in a practical way, this eBook is what you need. Read on to learn more.

    Download

  • 5 principles for securing DevOps

    By: Veracode, Inc.

    Type: White Paper

    Integrating security operations into pre-existing DevOps processes can yield numerous business benefits – including a measurable growth in both profit and revenue. Read this whitepaper to unlock the 5 principles of DevSecOps to help you get started.

    Download

  • The Issue With Open-Source Code Utilization

    By: Nexum

    Type: Blog

    Due to ongoing geopolitical events, some individuals have begun to “poison” major open-source projects to try to cause damage. Access this blog article to learn complications with open-source code utilization.

    Download

  • Protecting the IT attack surface while advancing digital transformation

    By: Tanium

    Type: White Paper

    To survive and to thrive, organizations must continue innovating, launching new products and services, and optimizing old ones. As a result, every organization’s attack surface will continue to change and, likely, grow. Learn how business leaders can keep up with these changes in this latest technical deep dive from Tanium experts.

    Download

  • Security and risk management in the wake of the Log4j vulnerability

    By: Tanium

    Type: eBook

    Read this e-book to get a quick refresher on the Log4j vulnerability and its threat, the longer-term issues of software management, compliance risks, and threat hunting — and how security and risk teams should rethink their roles and processes as a result.

    Download

  • Computer Weekly - 3 December 2019: Meet the most influential people in UK technology

    By: TechTarget ComputerWeekly.com

    Type: Ezine

    In this week's Computer Weekly, we reveal our 10th annual list of the 50 most influential people in UK technology, and profile this year's UKtech50 winner, Demis Hassabis, CEO and founder of AI pioneer DeepMind. Also: we examine how continuous software development can improve application security. Read the issue now.

    Download