Software Integrity Blog

More medical mega-breaches thanks to third-party insecurity

The AMCA breach hammers home the need for supply chain security. Here’s how to vet your vendors so you can keep from becoming the next Quest or LabCorp.

Continue Reading...

Using the cloud as a cheap DevSecOps lab environment

A DevSecOps lab gives you valuable hands-on experience with the tools and technologies you need to evaluate. Thanks to the cloud, it’s cheap to create one.

Continue Reading...

Web AppSec interview questions every company should ask

Preparing for a web application security interview? Here’s a thorough list of web AppSec interview questions for companies to ask and candidates to review.

Continue Reading...

Q&A: Interactive application security testing (IAST) and Seeker

Do you have questions about IAST? We’ve got answers, explanations, and recommendations. Read our responses to audience questions from our last IAST webinar.

Continue Reading...

[Webinars] Tech due diligence and AppSec tools for developers

Learn how to manage your software asset risk in tech due diligence, and discover AppSec tools and techniques to enable your developers to build security in.

Continue Reading...

Synopsys receives a 2019 SD Times 100 award in security

As a software security company, we value recognition from development organizations above all else. So we’re pleased to receive a 2019 SD Times 100 security award.

Continue Reading...

You’re using open source software, and you need to keep track of it

How should you track open source? It’s almost definitely in your codebase, so the question is not whether to track it but what could happen if you don’t.

Continue Reading...

Top 4 website security tips for development and hosting

If you design, develop, or host websites for SMBs, your clients are trusting you to keep their data secure. Here are our top 4 website security tips.

Continue Reading...

The Verizon DBIR and the art of the breach

An attack path is a series of threat actions leading to a successful data breach. The Verizon 2019 DBIR (Data Breach Investigations Report) offers insights.

Continue Reading...

[Webinars] Software security metrics and open source security

Learn how to drive your software security initiative with metrics, and get practical advice for open source security with Red Hat, in our new webinars.

Continue Reading...