Expert(s):
EMEA CTOfeature_status*/ ?>
Veracode

Comments Dotted : 4
January 28, 2021

Data Privacy Protection Day (Thursday 28th) – Experts Comments
Data protection takes on new challenges in 2021 with the rapid adoption of new technologies.

Data protection takes on new challenges in 2021 with the rapid adoption of new technologies such as containers, microservices, and serverless functions. These technologies offer major business benefits in terms of automation, cost and scale, as well as rendering the logic to build and configure infrastructure as code (IaC). As IaC becomes the norm, infrastructure becomes immutable, paving the way for greater consistency, reliability and predictability. 

 

While IaC makes it easier to develop

.....Read More

Data protection takes on new challenges in 2021 with the rapid adoption of new technologies such as containers, microservices, and serverless functions. These technologies offer major business benefits in terms of automation, cost and scale, as well as rendering the logic to build and configure infrastructure as code (IaC). As IaC becomes the norm, infrastructure becomes immutable, paving the way for greater consistency, reliability and predictability. 

 

While IaC makes it easier to develop apps, businesses need to be wary of potential security risks associated with IaC and not assume these new technologies are secured as standard by the vendors that provide them. To ensure data is protected, businesses must prioritise application security regardless of the infrastructure on which their apps are built. Since the introduction of GDPR in 2018, a reported total of €272m has been levied in fines by European data protection authorities. These fines have the potential to increase as the number of ways to violate the data protection rules multiply, so employing secure coding best practices from the outset is paramount.

  Read Less
December 21, 2020

Cyber Security Predictions 2021: Experts’ Responses
They will need to focus less on the security of the operating system and runtime environment and more on the application layer.

If 2020 has taught us anything, it is that a business is only as agile as its infrastructure, proving how much we depend on cloud-native technologies. With infrastructure becoming increasingly immutable, I predict we’ll see the impact of this specifically as it relates to the rise of cloud-native technologies and infrastructure as code. Both of these trends offer major business benefits in terms of automation, cost, scale, and security.

 

As companies continue to outsource their infrastructure

.....Read More

If 2020 has taught us anything, it is that a business is only as agile as its infrastructure, proving how much we depend on cloud-native technologies. With infrastructure becoming increasingly immutable, I predict we’ll see the impact of this specifically as it relates to the rise of cloud-native technologies and infrastructure as code. Both of these trends offer major business benefits in terms of automation, cost, scale, and security.

 

As companies continue to outsource their infrastructure to third parties and pivot their focus to consuming services, they will need to focus less on the security of the operating system and runtime environment and more on the application layer. Furthermore, as infrastructure turns into code, the better "choke point" to scan for infrastructure vulnerabilities becomes the code rather than servers in production.

  Read Less
November 23, 2020

Expert Comment On UK Government’s Cyber Investment
It is therefore essential that application security is closely considered as part of this investment.
The notable increase in UK military investment, particularly in cyber defense and automation, is a positive milestone in the government’s growing commitment to addressing new and emerging threats. Given the current technology skills shortage, especially in security – only five undergraduate computer science degrees are certified by the UK’s NCSC for cybersecurity content – it’s clear more needs to be done to prepare for and mitigate the impact of cybersecurity attacks. Both users and.....Read More
The notable increase in UK military investment, particularly in cyber defense and automation, is a positive milestone in the government’s growing commitment to addressing new and emerging threats. Given the current technology skills shortage, especially in security – only five undergraduate computer science degrees are certified by the UK’s NCSC for cybersecurity content – it’s clear more needs to be done to prepare for and mitigate the impact of cybersecurity attacks. Both users and the creators of software will benefit from the investment, which could stimulate the economy through the creation of 40,000 new jobs. There’s no shortage of security flaws to be fixed in the applications we use every day. We know from our Veracode State of Software Security research, for example, that 76% of apps have at least one security flaw. It is therefore essential that application security is closely considered as part of this investment, ensuring people are equipped with the skills, tools, and technology to create software that is robust from the outset. To transform itself, the British military could follow the same way as its European peers as military organisations such as the German Army (Bundeswehr) are relying on open-source software. Using open-source and proprietary software carries both risks and benefits. Application security pioneer Veracode’s recent SoSS report has shown, there is an alarming number of security flaws in the applications that we use every day, proving that a large focus on cybersecurity, and also on improving the technology skills shortage, is imperative.  Read Less
January 27, 2020

Cybersecurity Experts Weigh In On Jan. 28 Data Privacy Day
By shifting security left, developers are able to fix vulnerabilities faster and more effectively.
Many businesses today are software-driven and they are conscious of the role software security plays in keeping data protected. There is a greater need to ensure security is a core part of the software development process going forward. As a new data-driven decade commences, businesses should empower developers by training them on best practices in secure coding and providing the tools to enable them to find and fix vulnerabilities in their software. We know that unresolved vulnerabilities.....Read More
Many businesses today are software-driven and they are conscious of the role software security plays in keeping data protected. There is a greater need to ensure security is a core part of the software development process going forward. As a new data-driven decade commences, businesses should empower developers by training them on best practices in secure coding and providing the tools to enable them to find and fix vulnerabilities in their software. We know that unresolved vulnerabilities that pile up over time, also known as security debt, can leave organisations exposed to data breaches. Hackers will continue to look for weak points at the application layer, which is still the predominant threat vector. By shifting security left, developers are able to fix vulnerabilities faster and more effectively, improving an organisation’s overall security and ultimately better protecting sensitive data. Across Europe, more businesses are learning that they are able to adopt application security without stifling innovation.  Read Less