by miohtama 860 days ago
Veracode is a compliance solution, not a security solution.

You buy it to have as insurance for when your software gets hacked due to poor software engineering and you leak the identities of millions of people. You can claim that "we had a process in place for secure software development" no matter whether the tool does anything useful or not. The CISO and CEO do not get fired, users cannot sue, life goes on.

Using such a compliance solution may also be a top-down requirement, as in the case of SolarWinds after they caused the hacking of half of the US government: https://investors.solarwinds.com/news/news-details/2023/Sola...