- Silicon Design & Verification
- Silicon IP
- Software Integrity
- About Us
- Silicon Design & Verification Products
- Solutions
- Resources
- Services
- Community
- Training
- Silicon IP Products
- Solutions
- Resources
- Services
- Community
- Software Integrity
- Tools & Services
- Training & Education
- Solutions
- Resources
- Support
- Partners
- About Us
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
3D Image Processing
Simpleware Products
Simpleware for Life Sciences
Simpleware for Materials & Manufacturing
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< overview
Silicon Design & Verification Products
+
Design
+
System Simulation & Modeling
+
Verification Continuum
+
3D Model Generation
+
Silicon Engineering
+
Optical Solutions
< Solutions
< Solutions
< Solutions
< Resources
< Resources
< Resources
< overview
< Services
< Services
< Services
< Community
Community
Community Overview
< Community
< Community
< Community
< Community
< Community
< Community
< Community
< overview
Community
+
Community
+
SNUG
+
Partners
+
EmbARC.org
+
Interoperability
+
Academic Programs
+
Company Blogs
+
BSIMM
< Training
< overview
< main menu
< Silicon IP Products
< Silicon IP Products
Memories & Libraries
Logic Libraries
Memory Compliers
Duet Packages
HPC Design Kit
Embedded Test & Repair
Non-Volatile Memory
< Silicon IP Products
< Silicon IP Products
Processor Solutions
ARC Processor IP
Embedded Vision Processor IP
Development Tools
Operating Systems
Ecosystem
ASIP Tools
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< overview
Silicon IP Products
+
Interface IP
+
Memories & Libraries
+
Analog IP
+
Processor Solutions
+
IP Subsystems
+
Security IP
+
Market Segments
+
IP Accelerated
+
SoC Infrastructure IP
< Solutions
< Resources
< Services
< Services
< Services
< Community
Community
Community Overview
< Community
< Community
< Community
< Community
< Community
< Community
< Community
< overview
Community
+
Community
+
SNUG
+
Partners
+
EmbARC.org
+
Interoperability
+
Academic Programs
+
Company Blogs
+
BSIMM
< overview
Software Integrity
< Tools & Services
< Tools & Services
Professional Services
Strategy and Planning (BSIMM)
Architecture & Design
DecSecOps Integration
Cloud Security
Industry Solutions
< Tools & Services
Open Source Audits
< overview
< Training & Education
< Training & Education
Product Education
< overview
< Solutions
< Solutions
< Resources
< Resources
< Support
< Support
Contact Support
< Partners
< main menu
Software Integrity
+
Software Integrity
+
Tools & Services
+
Training & Education
+
Solutions
+
Resources
+
Support
+
Partners
< About Us
< About Us
< About Us
< About Us
< About Us
< About Us
Software Integrity
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Facing off with Google, Snap out of it, and Password protection. Watch this week’s episode taped live at Black Hat USA 2018. Inside Google’s plan […]
Security researchers Jonathan Butts and Billy Rios wanted to make it clear at the beginning of their presentation. “The benefits of implanted medical devices outweigh the risks (for most people),” read one of their opening slides. But they probably wouldn’t have been doing a session at Black Hat titled “Understanding and Exploiting Implanted Medical Devices” […]
Any effort to overhaul the cyber security of connected medical devices is likely to take considerable time and energy. Given that many of them are made to last decades, securing them while they’re in use can make turning an ocean liner look positively nimble. Still, the announcement last month by the Federal Food and Drug […]
Google’s famous “Don’t be evil” motto got a corollary this week at Black Hat from Parisa Tabriz, director of engineering for the company’s Project Zero: “Do things better.” “We have a responsibility to do things better. Computer security is becoming the security of the world,” she said during her Wednesday morning keynote in Mandalay Bay’s […]
We keep hearing that privacy is dead. But there is a good chance that a lot of us still aren’t aware of just how dead. So this week Synopsys presented codenomi-con, in connection with the Black Hat conference in Las Vegas, offering reminders about that reality in both government and the private sector. At the […]
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Lock the vote (election insecurity), “Spamalot” returns for a second act, and SamSam hits a grand slam as a heavy ransomware hitter. Electoral trust meets […]
When we released Black Duck 4.4, we announced the creation of our own Black Duck Security Advisories (BDSAs). BDSAs offer a more complete and in-depth view of your vulnerabilities. Since then, many of our customers have reached out with various questions. I’m here to provide a brief overview of some of the differences between standard NVD […]
NetSpectre sounds like it could be Spectre on steroids. Then again, it sounds like it could be more like a lab mutation of probably the most serious design flaw in CPUs (central processing units) or computer chips in a generation – interesting, but not much of a threat in the real world. At least not […]
It’s fair to say that regardless of where you live, assuming you have democratic elections, you want your vote to count—without any form of external influence or tampering. It’s also fair to say that until the most recent election cycle, for many Americans, election tampering was pretty low on their list of things to worry […]
On July 25, on his blog Krebs on Security, Brian Krebs covered a flaw in how LifeLock processed “unsubscribe” information related to its marketing activities. For those unfamiliar with LifeLock, it is a subsidiary of Symantec offering identity monitoring and protection services in the U.S. market. Brian outlined an issue impacting recipients of LifeLock marketing material […]
Subscribe via Email
Get the latest Software Integrity news, thought leadership, and more.
Categories
- Agile Methodology
- Application Security
- Automotive Security
- Black Duck by Synopsys
- Blockchain Security
- CI/CD
- CISO
- Cloud Security
- Code Review
- Containers
- Cryptography
- Customer Success
- Data Breach
- DevOps
- DevSecOps
- Dynamic Analysis (DAST)
- eLearning
- Embedded Software Testing
- Ethical Hacking
- Featured
- Financial Services Security
- Fuzz Testing
- GDPR
- Government Security
- Healthcare Security
- Industrial Control System Security
- Infographic
- Insider Threat Detection
- Insurance Provider Security
- Interactive Application Security Testing (IAST)
- Internet of Things
- JavaScript Security
- Legal
- Maturity Model (BSIMM)
- Medical Device Security
- Mobile Application Security
- Network Security
- Open Source Governance
- Open Source Licenses
- Open Source Security
- OWASP
- Penetration Testing
- Privacy
- Red Teaming
- Runtime Application Self-Protection (RASP)
- Secure Coding Guidelines
- Security Architecture
- Security Conference or Event
- Security Metrics
- Security Risk Assessment
- Security Standards and Compliance
- Security Training
- Smart Grid Security
- Software Architecture and Design
- Software Composition Analysis
- Software Development Life Cycle (SDLC)
- Software Quality
- Software Security Program Development
- Software Security Testing
- Software Testing Optimization
- Static Analysis (SAST)
- Synopsys Culture
- Threat Intelligence
- Threat Modeling
- Uncategorized
- Vendor Risk Management
- Vulnerability Assessment
- Web Application Security
- Weekly Security Mashup
Archives