Software code governance is a large part of mitigating risks. Discover how this strategy can proactively establish policies or thresholds around code quality and security, test against these policies early in the project lifecycle, and control risk through better visibility into areas of risk in the project or in the supply chain. 

The latest edition of the Application Usage and Risk Report (Spring 2010) covers a sample size that has grown more than 15 fold to 347 and is truly global. Since the Spring 2008 Report, the number of applications Palo Alto Networks identifies has grown to nearly 1,000 with nearly 750 of them found during the six month period. 

When organizations fail to comply with regulations, they can face costly fines. It is no surprise, then, that organizations rank achieving compliance as a top priority in order to avoid the overwhelming cost of noncompliance. Learn about an approach that helps effectively manage compliance activities. 

In a recently-released State of Software Security featured supplement, Veracode examines the software security posture of public companies and the material risks they face due to the weaknesses in their software applications. This webinar uses Veracode data to examine how public companies manage the risks inherited from software. 

This white paper explains a structured way to manage requirements and how risk-based requirements and quality management are inseparable from the larger process of managing the planning, test and release of a software system. 

Many of the risks of moble devices are similar to those of traditional spyware, Trojan software, and insecurely designed apps. However, mobile devices are not just small computers. They are designed around personal and communication functionality which makes the top mobile applications risks different from the top traditional computing risks. 

Risk is a function of the likelihood that a potential vulnerability will be exploited, and the resulting impact of that exploitation. In IT systems, risk can be introduced from the internet, servers, networks, malicious insiders, and even lapses in physical security. This whitepaper provides IT risk management best practices. 

Analysts Clive Longbottom and Rob Bamforth offer advice on managing IT assets more effectively. 

This Cyber Risk Report aims to provide your organization the security intelligence you need to better understand modern day threats, know where to allocate your limited resources, and thwart potential risks. 

Business continuity planning and IT security management are increasingly becoming a critical part of enterprise-wide risk management and business resilience frameworks. This report explores how the shift towards more holistic risk management is affecting the day-to-day work for business continuity planners, IT risk managers and security executives. 

This overview of the 2010 IBM Global IT Risk Study uncovers the challenges associated with IT risk, and the steps IT managers and CIOs are taking to better understand, confront and resolve this concern. 

Though most organizations have invested considerable time and effort in improving their endpoint risk management processes, many of them are ill-equipped to handle the myriad of third-party applications that are increasingly introducing the most risk into today’s IT environment. Read this white paper to learn more. 

The State of Software Security is a semi-annual report that draws on continuously updated information in Veracode’s cloud-based application risk management services platform. Unlike a survey, the data comes from actual code-level analysis of billions of lines of code and thousands of applications.