Application Security & Software Security Blog

Six key findings from the ‘DevSecOps Practices and Open Source Management in 2020’ report

Synopsys surveyed 1,500 IT professionals working in cyber security to analyze the DevSecOps practices used to address open source vulnerability management.

Gazing into the crystal ball: A look at 2021 software security predictions

Experts share their 2021 software security predictions about DevSecOps adoption, the risks of social engineering and ransomware, cloud adoption, and more.

Fuzzing Bitcoin with the Defensics SDK, part 1: Create your network

This is the first part of a two-part advanced technical tutorial that describes how you can use the Defensics SDK to set up your own Bitcoin network.

Configure security tools for effective DevSecOps

Managing security vulnerabilities and false positives is a challenge in today’s DevSecOps environment. Configure the right tools correctly to avoid overload.

AppSec Decoded: The consequences of insecure IoT devices

Watch the latest video in our AppSec Decoded series to learn why manufacturers should consider building security into their IoT devices.

20/20 hindsight shows that foresight wasn’t 20/20

In a year marked by unprecedented challenges, we revisit the 2020 cyber security predictions to see which projections held up and which ones didn’t.

Four requirements for open source vulnerability management in a DevOps environment

Most applications contain open source code, which can expose companies to risks if left unchecked. Make the most of your open source vulnerability management with the right approach and tooling.

Automotive threat analysis and risk assessment method

The TARA method provides risk evaluation, assessment, treatment, and planning for identified risks. Learn how to apply this method to the ISO SAE 21434 standard.

Can your security keep pace in a DevOps environment?

There’s a growing need for both security and speed in application development. DevSecOps introduces security earlier in the SDLC to ensure secure code.