Software Integrity Blog

World’s top hackers meet at the first 5G Cyber Security Hackathon

Our Defensics R&D team put a couple of Synopsys tools to the test in the 5G Cyber Security Hackathon in Oulu, Finland, and placed in both of their competitions.

Continue Reading...

Open source for lawyers: Challenges of open source use

Open source is widespread because it’s easy to use. But it comes with unique security challenges, and poor open source management can be a costly liability.

Continue Reading...

Biggest 2019 data breaches: Some of the worst of the worst

How do you evaluate the impact of a data breach? Here are six of the biggest data breaches in 2019 in terms of millions, even billions, of people affected.

Continue Reading...

[Webinars] Container security, tool misuse and abuse, open source in M&A

Learn how containerization changes the security paradigm, how to prevent security tool misuse, and what M&A participants should know about open source.

Continue Reading...

[Infographic] 5 lessons learned from the BSIMM

Here are 5 lessons we’ve learned from 10 years of the BSIMM: There are no special snowflakes, but your firm is unique. People are essential, but they can’t do everything. And pen testing is never enough.

Continue Reading...

The blockchain train: Get on board—with caution

What are the best ways to make enterprise blockchain platforms more secure? Test them, analyze them, and get the bugs out before exposing them to the world.

Continue Reading...

[Webinar] Static Analysis Security Testing (SAST) in CI/CD: Why and How

Learn how to add static application security testing (SAST) to your CI/CD workflows to constantly verify code changes and improve application integrity.

Continue Reading...

SAST vs. SCA: What’s the difference? Do I need both?

Learn how to combine static application security testing (SAST) and software composition analysis (SCA) to strengthen your software security program.

Continue Reading...

Integrating Coverity Scan with GitLab CI

David Woodhouse at AWS, who maintains the open source OpenConnect VPN client, explains how he integrated Coverity Scan with GitLab CI.

Continue Reading...

[Webinar] OWASP Top 10 for JavaScript Developers

The OWASP documentation doesn’t give much attention to JavaScript. This webinar explains the OWASP Top 10 in terms of JavaScript vulnerabilities.

Continue Reading...