Tag Archives: Security

Coding Horrors

From Zack on the Plinky team: Top 25 Most Dangerous Programming Mistakes. Many of these are issues that application security offerings, such as Veracode‘s, can automatically look for.

Tagged , , | Leave a comment

Bringing Security to the Masses

Xconomy did a good write up on Veracode. Matt’s point below is spot on: the only way to address the application security problem is (a) through technology as opposed to people and (b) through easy-to-adopt SaaS solutions as opposed to … Continue reading

Posted in SaaS, startups | Tagged , , | Leave a comment

Steve Jobs: Apple iPhone Opens Up

Here is another great example of a company trying to walk the fine line between an open and a closed value chain ecosystem. From a Steve Jobs letter: Let me just say it: We want native third party applications on … Continue reading

Posted in Apple, iPhone, Mobile | Tagged , , , , | 2 Comments

Top 10 Security Companies

A friend once told me that when the media puts you on a pedestal it is because they want to swing at you with a baseball bat. So it is slightly bittersweet to see Veracode on NetworkWorld‘s list of top 10 IT security … Continue reading

Posted in startups | Tagged , , | 2 Comments

You Are Safe Until You Are Not

ZDNet reports on John Pescatore’s talk at the Gartner Symposiumin SF this week. John is probably the best security analyst at Gartner and an influencer of many a CIO. It’s a good article and there are links to the hype … Continue reading

Posted in Web 2.0 | Tagged , , | Leave a comment

To Find the Danger, This Software Poses as the Bad Guys

Michael Fitzgerald published a nice article on Veracode in NYT today. He gets to the heart of the matter about why the Veracode approach matters. Veracode isn’t the first company to try to automate elements of hacking. Companies like Fortify, … Continue reading

Posted in Uncategorized | Tagged | Leave a comment

Analysis: Automated Code Scanners

One of the best articles I’ve seen on application security analysis. Of course, some of the problem with current approaches are remedied when one takes a binary, SaaS approach and issues are scrubbed for false positives by trained security experts–in … Continue reading

Posted in SaaS, startups | Tagged , , | Leave a comment

SaaS Brings Increased Responsibilities

Software-as-a-service vendors carry the responsibility of taking care of their customers’ data. They must protect it from corruption, loss, and theft. From architecture to operations, it takes careful planning to build a good, scalable SaaS offering. Yesterday, at an RSA … Continue reading

Posted in SaaS | Tagged , | 4 Comments

Best RSA Quote

Saw Chris Darby (Managing Director of In-Q-Tel and ex-CEO of Sarvega and @stake) this morning. We talked about the mess of companies on the exhibit floor. Chris’s comment was: “Many are solving yesterday’s problems with today’s money.” Yup.

Tagged | Leave a comment

RSA Keynotes

It may be the lack of sleep but I’m unimpressed by the keynotes so far this year. Bill Gates + Craig Mundie, MS We’ve made mistakes in the past but now we get it. Acronym overload: SDLC is also Secure … Continue reading

Tagged , | 1 Comment