Software Integrity Blog

What the 2021 OSSRA report tells us about the state of open source in commercial software

Open source vulnerabilities are on the rise according to the new OSSRA report. Get the latest information on open source security, compliance, and code quality risk.

Neil Daswani talks about his big breaches book and the BSIMM

Dr. Neil Daswani discusses the root causes of today’s breaches and how the BSIMM can help companies achieve the right security habits.

Penetration testing: A yearly physical for your applications

Regardless of your company’s maturity level, penetration testing should be conducted annually to understand the health of your applications.

Integrating fuzzing into DevSecOps

Fuzzing helps detect unknown vulnerabilities before software is released. Learn when and where to integrate and automate fuzz testing in your SDLC.

Don’t be the weak link in your customers’ supply chain security

To solve the supply chain security dilemma, producers must get back to security basics. Get best practices for securing your supply chain.

Medical device security in a pandemic world

The pandemic has put a lot of things on hold over the last year, but medical device security shouldn’t be one of them.

AppSec Decoded: What are organizations doing to manage open source vulnerabilities?

In this AppSec Decoded interview, we look at the top takeaways from the ‘DevSecOps Practices and Open Source Management in 2020’ report. 

Synopsys CyRC named a CVE Numbering Authority

As a CVE Numbering Authority, Synopsys can assign CVE ID numbers and publish newly discovered vulnerabilities.

How to cyber security: Minimize risk and testing time with Intelligent Orchestration

Integrating AST tools into your CI/CD pipeline shouldn’t compromise your development velocity. Learn how Intelligent Orchestration can help.

Hacking medical devices: Five ways to inoculate yourself from attacks

Healthcare companies must follow medical device security best practices to defend against attacks on devices and the networks and systems they connect to.
