- Silicon Design & Verification
- Silicon IP
- Software Integrity
- About Us
- Silicon Design & Verification Products
- Solutions
- Resources
- Services
- Community
- Training
- Silicon IP Products
- Solutions
- Resources
- Services
- Community
- Software Integrity
- Tools & Services
- Training & Education
- Solutions
- Resources
- Support
- Partners
- About Us
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
3D Image Processing
Simpleware Products
Simpleware for Life Sciences
Simpleware for Materials & Manufacturing
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< overview
Silicon Design & Verification Products
+
Design
+
System Simulation & Modeling
+
Verification Continuum
+
3D Model Generation
+
Silicon Engineering
+
Optical Solutions
< Solutions
< Solutions
< Solutions
< Resources
< Resources
< Resources
< overview
< Services
< Services
< Services
< Community
Community
Community Overview
< Community
< Community
< Community
< Community
< Community
< Community
< Community
< overview
Community
+
Community
+
SNUG
+
Partners
+
EmbARC.org
+
Interoperability
+
Academic Programs
+
Company Blogs
+
BSIMM
< Training
< overview
< main menu
< Silicon IP Products
< Silicon IP Products
Memories & Libraries
Logic Libraries
Memory Compliers
Duet Packages
HPC Design Kit
Embedded Test & Repair
Non-Volatile Memory
< Silicon IP Products
< Silicon IP Products
Processor Solutions
ARC Processor IP
Embedded Vision Processor IP
Development Tools
Operating Systems
Ecosystem
ASIP Tools
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< overview
Silicon IP Products
+
Interface IP
+
Memories & Libraries
+
Analog IP
+
Processor Solutions
+
IP Subsystems
+
Security IP
+
Market Segments
+
IP Accelerated
+
SoC Infrastructure IP
< Solutions
< Resources
< Services
< Services
< Services
< Community
Community
Community Overview
< Community
< Community
< Community
< Community
< Community
< Community
< Community
< overview
Community
+
Community
+
SNUG
+
Partners
+
EmbARC.org
+
Interoperability
+
Academic Programs
+
Company Blogs
+
BSIMM
< overview
Software Integrity
< Tools & Services
< Tools & Services
Professional Services
Strategy and Planning (BSIMM)
Architecture & Design
DevSecOps Integration
Cloud Security
Industry Solutions
< Tools & Services
Open Source Audits
< overview
< Training & Education
< Training & Education
Product Education
< overview
< Solutions
< Solutions
< Resources
< Resources
< Support
< Support
Contact Support
< Partners
< main menu
Software Integrity
+
Software Integrity
+
Tools & Services
+
Training & Education
+
Solutions
+
Resources
+
Support
+
Partners
< About Us
< About Us
< About Us
< About Us
< About Us
< About Us
Software Integrity
Tineola: Taking a bite out of enterprise blockchain
September 24, 2018
Fuzzing Bitcoin with the Defensics SDK, part 1: Create your network
September 19, 2018
Let’s write more CodeXM checkers (second-stage ignition)
September 16, 2018
What is IAST? Interactive application security testing is an emerging technology that is transforming the way organizations secure their web apps at the speed of DevOps. IAST automatically and continuously scans apps during QA testing to detect security vulnerabilities earlier in the SDLC than traditional DAST or pen testing solutions—when it’s easier, faster, and cheaper […]
This article was originally published in Forbes. I hate to say I told you so…well, actually, like most people, I love to say I told you so. I’m just willing to admit it. Because the state of software security a year after the catastrophic data breach of Equifax became public, basically confirms what I wrote last October: […]
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Dude, don’t take my Tesla! Plus Tor Browser zero-day (already wiped away), and you’ve got malware (if you fall for it!). Watch this week’s episode […]
Open source is the foundation of most modern applications. However, left untracked, open source can put containerized applications at risk of known vulnerabilities such as Heartbleed and CVE-2017-5638 found in Apache Struts. Tracking open source can be difficult in containerized production environments, which pose new challenges to application security. Organizations need visibility into the open […]
Synopsys is well-known for our software integrity portfolio: integrated testing tools, managed services, professional services, and developer education. But products, services, and training aren’t all we offer. We also perform hundreds of Black Duck On-Demand open source audits every year. And all that audit data fuels the open source security research and vulnerability analysis we […]
The Internet of Things is all around us. But it doesn’t stop there—now it’s inside us too. As the era of “connected everything” explodes, so does the use of network-connected medical devices. These interconnected devices, ranging from hospital imaging equipment to implantable pacemakers to infusion pumps, help healthcare providers and patients in a variety of […]
Hacking Security is a monthly podcast on emerging trends in application security development. What is Hacking Security? Episode 1 covers how we came up with the name “Hacking Security.” Why did we decide on this name? Take five minutes to learn more, or read the transcript below. Follow Steve Giguere on Twitter Read Steve Giguere’s […]
This article was originally published in Forbes. The cybersecurity of connected medical devices—notoriously poor for decades—should finally start to improve. That is genuinely good news. But it is tempered by the reality that it will not happen quickly. The long-overdue change is coming thanks to the federal Food and Drug Administration’s (FDA) announcement in June that it […]
All systems are go. We have liftoff. Let’s write some CodeXM. If you’ve read the previous two posts, you should come away with a sense that writing a CodeXM checker isn’t rocket science. Let’s put that to the test. In order to get this hands-on experience, you should have access to an installed version of […]
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? CamuBot malware is the new kid on the block, the sounds of hacking (SonarSnoop), and back to the government’s wish for chat backdoors. Watch this […]
Subscribe via Email
Get the latest Software Integrity news, thought leadership, and more.
Categories
- Agile Methodology
- Application Security
- Automotive Security
- Black Duck by Synopsys
- Blockchain Security
- CI/CD
- CISO
- Cloud Security
- Code Review
- Containers
- Cryptography
- Customer Success
- Data Breach
- DevOps
- DevSecOps
- Dynamic Analysis (DAST)
- eLearning
- Embedded Software Testing
- Ethical Hacking
- Featured
- Financial Services Security
- Fuzz Testing
- GDPR
- Government Security
- Hacking Security
- Healthcare Security
- Industrial Control System Security
- Infographic
- Insider Threat Detection
- Insurance Provider Security
- Interactive Application Security Testing (IAST)
- Internet of Things
- JavaScript Security
- Legal
- Maturity Model (BSIMM)
- Medical Device Security
- Mobile Application Security
- Network Security
- Open Source Governance
- Open Source Licenses
- Open Source Security
- OWASP
- Penetration Testing
- Privacy
- Red Teaming
- Runtime Application Self-Protection (RASP)
- Secure Coding Guidelines
- Security Architecture
- Security Conference or Event
- Security Metrics
- Security Risk Assessment
- Security Standards and Compliance
- Security Training
- Smart Grid Security
- Software Architecture and Design
- Software Composition Analysis
- Software Development Life Cycle (SDLC)
- Software Quality
- Software Security Program Development
- Software Security Testing
- Software Testing Optimization
- Static Analysis (SAST)
- Synopsys Culture
- Threat Intelligence
- Threat Modeling
- Uncategorized
- Vendor Risk Management
- Vulnerability Assessment
- Web Application Security
- Weekly Security Mashup