Software Integrity Blog

What is continuous testing?

Continuous testing means testing an application continuously throughout the software life cycle. It’s a critical part of CI/CD and—like any other part—should be automated.

Continue Reading...

More medical mega-breaches thanks to third-party insecurity

The AMCA breach hammers home the need for supply chain security. Here’s how to vet your vendors so you can keep from becoming the next Quest or LabCorp.

Continue Reading...

Using the cloud as a cheap DevSecOps lab environment

A DevSecOps lab gives you valuable hands-on experience with the tools and technologies you need to evaluate. Thanks to the cloud, it’s cheap to create one.

Continue Reading...

Web AppSec interview questions every company should ask

Preparing for a web application security interview? Here’s a thorough list of web AppSec interview questions for companies to ask and candidates to review.

Continue Reading...

Q&A: Interactive application security testing (IAST) and Seeker

Do you have questions about IAST? We’ve got answers, explanations, and recommendations. Read our responses to audience questions from our last IAST webinar.

Continue Reading...

[Webinars] Tech due diligence and AppSec tools for developers

Learn how to manage your software asset risk in tech due diligence, and discover AppSec tools and techniques to enable your developers to build security in.

Continue Reading...

Synopsys receives a 2019 SD Times 100 award in security

As a software security company, we value recognition from development organizations above all else. So we’re pleased to receive a 2019 SD Times 100 security award.

Continue Reading...

You’re using open source software, and you need to keep track of it

How should you track open source? It’s almost definitely in your codebase, so the question is not whether to track it but what could happen if you don’t.

Continue Reading...

Top 4 website security tips for development and hosting

If you design, develop, or host websites for SMBs, your clients are trusting you to keep their data secure. Here are our top 4 website security tips.

Continue Reading...

The Verizon DBIR and the art of the breach

An attack path is a series of threat actions leading to a successful data breach. The Verizon 2019 DBIR (Data Breach Investigations Report) offers insights.

Continue Reading...