Software Integrity

A 2015 Gartner report estimated that 25% of Global 2000 organizations would be using DevOps and Agile development practices as part of their mainstream strategies by the close of 2016. Our experience with Synopsys customers confirms this prediction has come true. In Agile development, passes through the software development life cycle (SDLC) occur more often […]

Continue Reading...

When I worked as a developer many years ago, we followed the waterfall software development life cycle (SDLC). My focus was always on satisfying functional or business requirements and implementing newer technical capabilities. Deployment happened once every 1 or 2 months. Huge monolithic applications were deployed over a weekend, with almost half the company on […]

Continue Reading...

  “In the face of more rapid iterative and agile design and development efforts, the time required becomes even more precious. It’s not hard to understand why even the most well-intentioned manager will make the pragmatic decision to skip the effort, or pay it lip service.” -Gartner Testing tools help meet the challenges Automation is […]

Continue Reading...

Months back, I called outright for the removal of “A7: Insufficient Attack Protection” from the OWASP Top 10. The OWASP Top 10 team recently published a second release candidate (RC2) for OWASP Top 10 2017—and A7, which was in RC1, is conspicuously absent. So is the Top 10 fixed? My argument to remove A7 was […]

Continue Reading...

Coverity Scan’s impact on open source software (OSS) is both extensive and largely unacknowledged. Since its inception, Scan has enabled developers to fix over 600,000 defects across some of the most important projects in open source. As part of that effort, it has also helped improve the maturity of the software development practices of active […]

Continue Reading...

I recently began the process of college planning with my daughter. For most parents, selecting a degree with a solid career track is of the utmost importance. With the rising cost of tuition and the changing landscape of our global workforce, choosing the right career path is imperative. Today more and more young people are […]

Continue Reading...

Nordic IT Security is the key meeting place for the brave new world of IT security. On November 7, 2017, at the upcoming premier security conference, Synopsys’ Michael White presents an actionable and inspiring talk on how to enhance security measures throughout the software development life cycle (SDLC). What to expect at the Nordic IT […]

Continue Reading...

Last week’s news introduced us to another pair of vulnerabilities hitting right at the foundation of everything we place our trust in. Named KRACK and ROCA, these flaws target specific facets of Wi-Fi networks and cryptographic keys, meaning that attackers can potentially sneak into networks we consider private, and decipher things we consider secret. Who’s affected? […]

Continue Reading...

WPA2? The weekend of Friday the 13th took a frightening turn—even for those of us who aren’t superstitious—when detrimental weaknesses were discovered in Wi-Fi Protected Access II (WPA2), the protocol responsible for securing Wi-Fi networks. WPA2 was first made available back in 2004 and has been required on all Wi-Fi branded devices since March 2006. […]

Continue Reading...

What happened and what can we learn? There’s been some very big news in the cryptographic world this week. So far, several technology news sites have highlighted the impact of a new vulnerability on Estonian and Slovakian smartcards, but the reach of this vulnerability is far wider than that. Five security researchers have just announced […]

Continue Reading...