- Silicon Design & Verification
- Silicon IP
- Software Integrity
- About Us
- Silicon Design & Verification Products
- Solutions
- Resources
- Services
- Community
- Training
- Silicon IP Products
- Solutions
- Resources
- Services
- Community
- Software Integrity
- Tools & Services
- Training & Education
- Solutions
- Resources
- Support
- Partners
- About Us
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
3D Image Processing
Simpleware Products
Simpleware for Life Sciences
Simpleware for Materials & Manufacturing
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< overview
Silicon Design & Verification Products
+
Design
+
System Simulation & Modeling
+
Verification Continuum
+
3D Model Generation
+
Silicon Engineering
+
Optical Solutions
< Solutions
< Solutions
< Solutions
< Resources
< Resources
< Resources
< overview
< Services
< Services
< Services
< Community
Community
Community Overview
< Community
< Community
< Community
< Community
< Community
< Community
< Community
< overview
Community
+
Community
+
SNUG
+
Partners
+
EmbARC.org
+
Interoperability
+
Academic Programs
+
Company Blogs
+
BSIMM
< Training
< overview
< main menu
< Silicon IP Products
< Silicon IP Products
Memories & Libraries
Logic Libraries
Memory Compliers
Duet Packages
HPC Design Kit
Embedded Test & Repair
Non-Volatile Memory
< Silicon IP Products
< Silicon IP Products
Processor Solutions
ARC Processor IP
Embedded Vision Processor IP
Development Tools
Operating Systems
Ecosystem
ASIP Tools
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< overview
Silicon IP Products
+
Interface IP
+
Memories & Libraries
+
Analog IP
+
Processor Solutions
+
IP Subsystems
+
Security IP
+
Market Segments
+
IP Accelerated
+
SoC Infrastructure IP
< Solutions
< Resources
< Services
< Services
< Services
< Community
Community
Community Overview
< Community
< Community
< Community
< Community
< Community
< Community
< Community
< overview
Community
+
Community
+
SNUG
+
Partners
+
EmbARC.org
+
Interoperability
+
Academic Programs
+
Company Blogs
+
BSIMM
< overview
Software Integrity
< Tools & Services
< Tools & Services
Professional Services
Strategy and Planning (BSIMM)
Architecture & Design
DevSecOps Integration
Cloud Security
Industry Solutions
< Tools & Services
Open Source Audits
< overview
< Training & Education
< Training & Education
Product Education
< overview
< Solutions
< Solutions
< Resources
< Resources
< Support
< Support
Contact Support
< Partners
< main menu
Software Integrity
+
Software Integrity
+
Tools & Services
+
Training & Education
+
Solutions
+
Resources
+
Support
+
Partners
< About Us
< About Us
< About Us
< About Us
< About Us
< About Us
Software Integrity
Automation: One of the keys to DevSecOps
October 12, 2018
BSIMM9: Not a how-to but a roadmap to a better SSI
October 5, 2018
Now more than ever, deciding on a career is a daunting prospect. Yes, unemployment’s at a record low, and new jobs will inevitably replace whatever jobs are lost to “progress.” But those seeking new careers now have to consider that their next career will probably not be their last one. Between artificial intelligence, robots, and […]
In early October, we released the latest version of the BSIMM report, BSIMM9. While many things about the report haven’t changed much, it’s the new things that make it really exciting. After 10 years of study and 167 total firms measured, we’re seeing interesting trends in the state of software security initiatives and how firms […]
The original version of this article was published in Forbes. “Smart but insecure” sounds like you’re talking about a high achiever who needs therapy. Which you could be. But in the online world, it applies to semi-animate objects—the hundreds of millions of devices in American homes that are, at one level, smart. They range from […]
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Remote robbery by Hidden Cobra, a breach by any other name, and facing down the Fourth and Fifth Amendments. Watch this week’s episode here: Hidden […]
The world looks different when you’re in the cloud. As you move to a cloud environment from an on-premises environment, you’ll encounter a whole new set of processes and demands. Access expands. Responsibilities change. Control shifts. The speed of provisioning resources and applications increases. And these changes significantly affect all aspects of IT security. Security […]
The original version of this article was published in Forbes. We’re all familiar with saber rattling. But this is the digital age. Welcome to the world of cyber rattling. This version of it comes in two policy papers from the U.S. government: the White House Cyber Policy and the Department of Defense (DoD) Cyber Strategy. One of […]
October is National Cybersecurity Awareness Month. By now you’ve heard a story—or you have a story—about someone mentioning a product casually in a conversation and later seeing an online ad for the product. Once is coincidence. Twice is surprising. But every other day? How do web and mobile ads somehow seem to know what your […]
Automation in the cloud can help you build faster and deliver continuously, but it can also make managing security a challenge. By integrating Black Duck by Synopsys with the development tools you use in Amazon Web Services, you can scan images in your container registry, automate build scans in your CI pipeline, and stay notified […]
The use of open source has surpassed the occasional and solidified itself as the standard. In fact, the Black Duck by Synopsys 2018 Open Source Security and Risk Analysis found that 96% of the applications we scanned last year contained open source components. It’s increasingly difficult to properly manage open source in an organization to ensure […]
Every organization that develops or integrates software needs a software security initiative (SSI)—that has been true for years. Security is, or ought to be, as important as function and features. What is also true now, given that the large majority of organizations have already migrated or are planning to migrate some or all of their […]
Subscribe via Email
Get the latest Software Integrity news, thought leadership, and more.
Categories
- Agile, CI/CD & DevOps
- Archive
- Automotive Security
- Cloud Security
- Containers
- Critical Infrastructure Security
- Data Breach
- Developer Enablement
- Event
- Featured
- Financial Services Security
- Fuzz Testing
- General
- Government Security
- Hacking Security
- Healthcare Security
- Infographic
- Interactive Application Security Testing (IAST)
- Internet of Things
- Legal
- Maturity Model (BSIMM)
- Medical Device Security
- Mobile Application Security
- Open Source Security
- Privacy
- Red Teaming
- Security Standards and Compliance
- Security Training
- Software Architecture and Design
- Software Composition Analysis
- Software Security Initiative (SSI)
- Static Analysis (SAST)
- Web Application Security
- Webinar
- Weekly Security Mashup