#veracode

Telemarketing failures can be extended...

Some marketing agency from the UK called me to peddle Veracode. Of course, I tell them to get lost. 20 min later I again get a call from the same agency, but different phone number and voice from a different ethnicity.
How hard is it to understand I told them to get lost the first time?
Veracode went on my "Do Never Ever Buy" list. With the second call they made sure I'll post the info everywhere and up in the corporate chain.

#telemarketers #telemarketing #veracode

2025-11-24

New insights from Veracode’s CISO Sohail Iqbal on how attackers infiltrate CI/CD pipelines and escalate inside runtime environments using stolen tokens, API keys, and misconfigurations.

Full interview:
technadu.com/how-hackers-slip-

#AppSec #Veracode #CyberSecurity #CICD #ThreatDetection #SupplyChainSecurity

How Hackers Slip Into Pipelines and Stay Undetected: The Quiet Risks Hidden in Your Software Supply Chain
2025-09-24

@Piloot By the way, we use #Veracode and #Renovate for that. The first makes the pipeline fail when there is a vulnerability, and the second automatically creates merge requests to upgrade your dependencies.

2025-09-11

Now, they once hired me as a #Java developer who would also get to do ops, but for some reason our team has become almost entirely ops.

Fortunately, I recently got to fix some ugly #Cucumber tests with dynamically created #WireMock stubs all over the place. For that I had written an analysis utility, and in passing I had reshuffled the build script so that #Veracode no longer took 20 minutes over it. I have learned that it isn't #ScopeCreep as long as you call it the #BoyScoutRule. 😁

Three panel comic.

Dilbert's boss: I hired a creep to help determine our product's features.

Scope Creep: You need more features.

Dilbert's boss: Good work. When can you have that done?

Dilbert: GAAAAAAA!!!
Gus Schenkel :slackware: :kde: gbschenkel@fosstodon.org
2025-03-27

This week they want to do a PoC with #VeraCode and #GitHub

How will that be cheaper than the #GitLab Ultimate price?

I had created a report in which I evaluated all missing features from GitHub that need to be contracted to compensate GitLab Ultimate.

Values from GitLab were $570K a year, versus $1.04M-$2.35M (value depends on the 3rd party tool)

The total is based on 600 licenses.

2025-03-12

Why does #Veracode check my pom? 🤔

So you write software. That software uses dependencies. Those dependencies can contain vulnerabilities. And then you say in your dependency management: go ahead and use the right version of that transitive dependency. And so only the right version ends up in my JAR. And then Veracode says: check, I see that one, but I also derive an implicit version of that same dependency from your pom. And that one is vulnerable. Shame on you. 🤨

Security products like #veracode need to stop forcing customers to follow outdated password requirements.

2021-03-12

Encore Edition: Veracode CEO Sam King on Infosec’s Leaky Talent Pipeline - Women are more than 50% of the population, but barely 20% of the information security workforce. Why... feeds.feedblitz.com/~/64641811 #womenintheworkforce #womenshistorymonth #womanexecutive #cybersecurity #companies #diversity #spotlight #business #podcasts #veracode

2020-10-27

Holiday Shopping Craze, COVID-19 Spur Retail Security Storm - Veracode's Chris Eng discusses the cyber threats facing shoppers who are going online due to the p... threatpost.com/holiday-shoppin #vulnerabilities #holidayshopping #amazonprimeday #onlineshopping #retailsecurity #retailsoftware #websecurity #blackfriday #cybermonday #podcasts #covid-19 #magecart #pandemic #veracode #podcast #retail #target

2020-05-27

Open source libraries a big source of application security flaws - How many vulnerabilities lurk inside the open source libraries that today’s developers happily bor... more: nakedsecurity.sophos.com/2020/ #developmentlibraries #opensourcebugs #vulnerability #veracode

2020-05-25

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs - A lack of awareness about where and how open-source libraries are being used is problematic, resea... more: threatpost.com/70-of-apps-open #securityvulnerabilities #mostrecentthreatlists #percentageofapps #vulnerabilities #mobilesecurity #appsecurity #opensource #codereuse #libraries #thereport #veracode #bugs #iot

Dr. Roy Schestowitz (罗伊) schestowitz@gnusocial.de
2018-04-11
#Veracode is truly toxic. Uses NSA back doors in Microsoft Windows (WannaCry) as an argument against FOSS!!! https://gnusocial.de/url/5146151
