- All Products
- Software Integrity
- Semiconductor IP
- Verification
- Design
- Silicon Engineering
- Application Security Services
- Dynamic Analysis (DAST)
- Mobile Application Security
- Penetration Testing
- Managed Static Analysis
- All Services
- Software Security
- Silicon Design
- Community
- About Us
< All Products
< All Products
< All Products
< All Products
< All Products
< All Products
< overview
All Products
+ Software Integrity + Semiconductor IP + Verification + Design + Silicon Engineering + Optical Solutions< Software Integrity
< Software Integrity
Application Security Services
Dynamic Analysis (DAST) Mobile Application Security Penetration Testing Managed Static Analysis< Software Integrity
< Software Integrity
< Software Integrity
Blog
< Software Integrity
Support
< overview
Software Integrity
+ Application Security Products + Application Security Services + Resources + Training & Education Blog Support< Semiconductor IP
< Semiconductor IP
Memories & Libraries
Logic Libraries Memory Compliers Duet Packages HPC Design Kit Embedded Test & Repair Non-Volatile Memory< Semiconductor IP
< Semiconductor IP
Processor Solutions
ARC Processors Embedded Vision Processors Development Tools Operating Systems Ecosystems ASIP Tools< Semiconductor IP
< Semiconductor IP
< Semiconductor IP
< Semiconductor IP
< Semiconductor IP
< overview
< Verification
< Verification
< Verification
< Design
< Design
< Design
< overview
< Silicon Engineering
< overview
< main menu
< Solutions
< Solutions
Industry Solutions
Automotive Cloud Computing Financial Services Industrial Controls Systems Healthcare< Solutions
< overview
< All Services
< All Services
< All Services
< overview
< Software Security
< Software Security
Managed Services
< Software Security
Program Development & Design
Maturity Model (BSIMM) Maturity Action Plan (MAP) Policies & Standards Security Metrics Software Security-in-a-Box< Software Security
< Software Security
Support
< overview
Software Security
+ Software Security Services Managed Services + Program Development & Design + Training Support< Silicon Design
< Silicon Design
< Silicon Design
< Silicon Design
< main menu
< Community
< Community
< Community
< Community
Interoperability
ARC Access HAPS Connect HSPICE Integrator In-Sync System-Level Catalyst TAP-in VC Apps Access< Community
< Community
< Community
< overview
Community
+ Community + SNUG + Partners + Interoperability + Academic Programs + Company Blogs + BSIMM< About Us
< About Us
< About Us
< About Us
< About Us
Software Integrity
What are the different types of software testing?
October 9, 2017
4 simple steps to encourage online safety at your company
October 4, 2017
How secure is iPhone X Face ID facial recognition?
September 27, 2017
WPA2? The weekend of Friday the 13th took a frightening turn—even for those of us who aren’t superstitious—when detrimental weaknesses were discovered in Wi-Fi Protected Access II (WPA2), the protocol responsible for securing Wi-Fi networks. WPA2 was first made available back in 2004 and has been required on all Wi-Fi branded devices since March 2006. […]
What happened and what can we learn? There’s been some very big news in the cryptographic world this week. So far, several technology news sites have highlighted the impact of a new vulnerability on Estonian and Slovakian smartcards, but the reach of this vulnerability is far wider than that. Five security researchers have just announced […]
What are Security Champions? Security Champions are developers who have a direct impact on the resiliency and security of their firm’s software. They are enthusiastic volunteers willing to participate in advanced software security training to perform an important role. They are also a part of a greater community of Champions exchanging ideas and techniques. Since […]
As you’re probably well aware, application security is a major issue among software developers and users. After all, a breach caused by an overlooked issue, as was the case for Equifax’s recent attack, can impact millions around the globe. The rise of high-profile ransomware and DDoS attacks is causing more and more developers to realize […]
Over the past year, Synopsys’ Gary McGraw has hosted 12 women making an impact on the security industry in his monthly Silver Bullet Security Podcast. The podcast features in-depth conversations with security gurus. Past guests include technologists, academics, business leaders, and government officials. A year ago, McGraw set out to focus his efforts on finding […]
Several frameworks have been proposed to evaluate the security of biometric systems. Popular ones include the simpler Ratha’s framework [1] and the enhanced Bartlow and Cukic framework [2]. To employ these frameworks to evaluate iPhone X’s biometric security, we need a lot of data points that we don’t have yet. We won’t speculate on the […]
A list of critical web application security vulnerabilities is a necessary risk management tool. Equally true is that each organization has a different set of vulnerabilities plaguing their applications. To complete a trifecta of fundamental truths, crowdsourced lists such as the OWASP Top 10 rarely reflect an individual organization’s priorities. Given all that, many organizations […]
Over the past decade, most organizations have established a well-oiled process for software development and maintenance. We refer to this as the software development life cycle (SDLC). However, advancing security threats relating to insecure software have brought the focus to security implementation within the SDLC without hampering quality. Let’s examine a few strategies to implement security […]
I am often posed the question, how do you manage to staff security professionals in such a competitive market? Our team has even been asked to help top-tier clients fill their own internal vacancies. So what makes us effective? Secure executive support It is very common for recruiting departments to be treated as administrative support […]
Fault Injection is a podcast from Synopsys that digs deep into software quality and security issues. This week, hosts Robert Vamosi, CISSP and security strategist at Synopsys, and Chris Clark, principal security engineer at Synopsys, interview Sammy Migues, principal scientist here at Synopsys, about the new Building Security In Maturity Model (BSIMM) 8 report. You […]
Categories
- Agile Methodology (19)
- Application Security (214)
- Automotive Security (42)
- CI/CD (3)
- Cloud Security (15)
- Code Review (21)
- Cryptography (3)
- Data Breach (51)
- DevOps (7)
- Dynamic Analysis (DAST) (12)
- Embedded Software Testing (20)
- Ethical Hacking (6)
- Featured (3)
- Financial Services Security (16)
- Fuzz Testing (15)
- Government Security (15)
- Healthcare Security (24)
- Industrial Control System Security (8)
- Infographic (9)
- Insurance Provider Security (3)
- Interactive Application Security Testing (IAST) (2)
- Internet of Things (56)
- JavaScript Security (4)
- Maturity Model (BSIMM) (44)
- Medical Device Security (30)
- Mobile Application Security (47)
- Network Security (26)
- Open Source Security (36)
- OWASP (6)
- Penetration Testing (15)
- Red Teaming (12)
- Secure Coding Guidelines (8)
- Security Architecture (9)
- Security Conference or Event (42)
- Security Metrics (11)
- Security Risk Assessment (36)
- Security Standards and Compliance (29)
- Security Training (42)
- Smart Grid Security (3)
- Software Architecture and Design (14)
- Software Composition Analysis (8)
- Software Development Life Cycle (SDLC) (48)
- Software Quality (13)
- Software Security Program Development (42)
- Software Security Testing (207)
- Static Analysis (SAST) (43)
- Threat Intelligence (5)
- Threat Modeling (25)
- Vendor Risk Management (11)
- Vulnerability Assessment (115)
- Web Application Security (53)
Archives