Software Integrity Blog

Securing software development: NIST joins the parade

The NIST Secure Software Development Framework (SSDF) is the latest standard aimed at improving software security. Can its novel approach help it succeed?

Why hackers are targeting your web apps (and how to stop them)

How do you protect your web apps from hackers? Forget firewalls. You need an AppSec toolbelt, including software composition analysis and automated testing.

[Webinars] Software supply chain and open source scans

Learn how different open source scans create different value for M&A transactions, and how binary analysis can help you secure your software supply chain.

Get ready for a ransomware tsunami

Ransomware payments might seem like a quick solution to get back on your feet after an attack. But paying the attackers just makes the problem worse.

Join Synopsys at codenomi-con and Black Hat USA 2019

Black Hat USA 2019 is in Las Vegas, Aug. 7–8. Visit us for a chance to win a Nintendo Switch, and join us at codenomi-con at the Skyfall Lounge on Aug. 6.

[Webinars] Software audits for M&A and secure programming

Bring more value to your M&A clients with software audits, and learn how to build a culture of secure programming in your organization in our new webinars.

Patch now or pay later: Report

To prevent data breaches, practice these two fundamentals: shift left (perform application security testing early and often in your SDLC), and always patch.

It’s not just you they’re after—it’s your supply chain too

Supply chain attacks are not new. But as the supply chain grows longer and more complex, the attacks are evolving to keep up. Is your supply chain secure?

Top 3 operational open source risk factors

Consider these three operational open source risk factors when using open source components: version currency, version proliferation, and project activity.

What is continuous testing?

Continuous testing means testing an application continuously throughout the software life cycle. It’s a critical part of CI/CD and—like any other part—should be automated.
