SEARCH RESULTS
 
Showing 1-10 of 11 records
 
Expand article

Scrawlr: Are We Being Too Greedy?

2008-06-25 16:19:45 by Chris Eng in Zero in a bit
 
...veracode.com/blog/?p=111&foo=1 http://www.veracode.com/blog/?p=111&foo=2 http://www.veracode.com/blog/?p=111&foo=3 Or, does it mean that it will really only crawl 1500 pages total, so if I have the same link 1500 times on the front page, it wont go any further? Either way, for most smaller websites this is probably fine. If you need more...
 
Tags: sql injection, sql injection scanners, sql injection vulnerabilities, blind, blind sql injection, scrawlr, tool, free tool, mass attacks
 
 
 
 
Expand article

Show 023 - An Interview with Chris Wysopal

The Article has images The Article has audio podcast
2008-02-19 16:41:13 by rmacmich in The Silver Bullet Security Podcast
...Veracode and author of The Art of Software Security Testing . Chris was one of the seven original members of the L0pht hacker collective (operating under the hacker handle Weld Pond) and later went on to work for @stake. Gary and Chris reminisce about L0pht (and the warehouse full of stuff) and discuss the role of security researchers now...
 
Tags: chris wysopal, chris, l0pht heavy industries, l0pht, software security, software security market, chris reminisce, chris wikipedia entry, l0pht hacker collective
 
 
 
 
Expand article

Funny Code Review Cartoon

2008-02-06 00:07:23 by mcurphey in Mark Curphey - SecurityBuddha.com
 
http://www.veracode.com/blog/?p=77
 
Tags: comblog, p77, veracode
 
 
 
 
Expand article

What If All Vulnerabilities Had This Disclosure Timeline?

2008-02-07 02:08:33 by Chris Wysopal in Zero in a bit
 
...Veracodes Vendor SecurityReview service works. Customers that are concerned about the security of software they are purchasing use Veracode as a 3rd party assessment service. We will contact the vendor and have them upload their software binary executable to our portal. We analyze the software and deliver a detailed report of the security...
 
Tags: vulnerability finders, vulnerability, vulnerability exists, heap overflow vulnerability, gleg realplayer vulnerability, gleg customer, customer, gleg, exploit code
 
 
 
 
Expand article

New Unit of Reviewed Code Quality

The Article has images
2008-02-05 16:14:53 by Chris Wysopal in Zero in a bit
Now I can finally tell my non-technical friends and family what Veracode does. We offer a globally accessible, on-demand automated version of WTF reporting. However since our technology is automated we report quality in kiloWTF/sec
 
Tags: non-technical friends, report quality, on-demand, version, offer, veracode, kilowtfsec, wtf, technology
 
 
 
 
Expand article

Not a CISSP

The Article has images
2008-04-18 14:36:41 by Chris Eng in Zero in a bit
...Veracode (we booth babes have responsibilities, you know So, why indeed? The long answer is that like many security certifications, its an ineffective measure of a security professionals practical abilities. Employers and customers often assume the guy with the five magic letters on his resume is technically superior to the guy without. In my...
 
Tags: cissp, cissp certification, security, cissp button, network security, information security, security career, career, cissp title
 
 
 
 
Expand article

Veracode offers app testing service

2008-04-25 00:00:00 by HASH0x8b54c44 in Network World on Security
 
Corporates worried about the nasty security holes that might lie under the surface of their expensively-assembled applications are being offered a new code testing service
 
Tags: nasty security holes, service, surface, applications, lie, code
 
 
 
 
Expand article

Why Do I Attend BlackHat?

2008-06-26 18:33:51 by Chris Eng in Zero in a bit
 
...Veracode employees Trading war stories Picking up vendor schwag for my kids (RSA is much better for this one Meeting current and former customers and future ones, hopefully Things I could do without The cigarette smoke The heat Quarks Ive stuck around for DEFCON a couple times in the past, but I dont anymore. I fly out Friday morning or...
 
Tags: blackhat, attend blackhat, attend, blackhat time, time, topic, future veracode employees, alan shimels topic, future
 
 
 
 
Expand article

Security Briefing: July 2nd

The Article has images
2008-07-02 13:20:43 by Dave Lewis in Liquidmatrix Security Digest
...Veracode HSBC sites vulnerable to XSS flaws, could aid phishing attacks | ZDNet HMRC goes cap-in-hand to Americans for help with fraud | The Independent Tags: News , Daily Links , Security Blog , Information Security , Security News
 
Tags: encourage internet competition, internet, security news, news, hsbc sites vulnerable, web browsers prevalent, governments top hackers, security pro portal, north america
 
 
 
 
Expand article

Poor security quality in software. Someone is watching over me.

The Article has images
2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit
...Veracode are beginning to give software buyers an automated method of evaluating assurance levels of software. While not complete in and of themselves, these solutions are, as I stated, sparks that can help us progress down paths that were once not easily open to us As for the larger issue of cyber security, which software assurance is only a...
 
Tags: software, approach insecure software, insecure software, repeatable software security, secure online environment, environment, secure, secure software, software assurance