Application Security & Software Security Blog

Report: Security and development teams need to ‘embrace’ new roles in DevSecOps

For sustainable, long-term application security, both developers and information security professionals must embrace their new roles created by DevSecOps.

JDA Software: Extending their SDLC to remediate open source issues

Smart organizations in the business of building software need to use a mix of application testing tools to ensure their code is high-quality and secure.

How to Cyber Security: Unicorns and donkeys

A security group should help lift the organization into a positive, proactive attitude and work security into all aspects of development and operations.

[Infographic] 7 truths to improve your software security program

The Building Security In Maturity Model (BSIMM) can help you improve your software security program, regardless of industry, size, or application mix.

Open source for lawyers: Costs of open source use

Open source might be free, but it’s not risk-free. Let’s examine the potential legal cost of open source use associated with license noncompliance.

Multiple bills seek to secure elections: Will they do it?

A number of election security bills and discussion drafts are currently before the House and Senate. If passed, could they really lead to secure elections?

[Webinars] CI/CD optimization and automated testing, open source audit reports

Learn how our CloudBees partnership helps users optimize CI/CD and automate AppSec Testing, and steps to take after you get an open source audit report.

It’s past time to put passwords out of our misery

No password is secure. With so many password alternatives now available, such as FIDO and passwordless authentication, we can get rid of passwords for good.

Synopsys Software Integrity Group Security Week 2019

During Cybersecurity Awareness Month, the Software Integrity Group hosted Security Week 2019, with presentations, guest speakers, and a capture-the-flag.

The due diligence of a deal

Technology due diligence may turn up surprises, but it’s better to find them sooner rather than later. Third-party audits can help you assess your risk.

Next Entries »

Be the first to know

Don’t miss the latest AppSec news and trends every Friday.

Subscribe to the blog

Software Integrity Blog

Ask the Experts: How has software security improved in the last few years?

Synopsys CSO: Cybersecurity Awareness Month lessons need to be applied all year

Top open source licenses and legal risk for developers

Report: Security and development teams need to ‘embrace’ new roles in DevSecOps

JDA Software: Extending their SDLC to remediate open source issues

How to Cyber Security: Unicorns and donkeys

[Infographic] 7 truths to improve your software security program

Open source for lawyers: Costs of open source use

Multiple bills seek to secure elections: Will they do it?

[Webinars] CI/CD optimization and automated testing, open source audit reports

It’s past time to put passwords out of our misery

Synopsys Software Integrity Group Security Week 2019

The due diligence of a deal

Legal

Follow