Software Integrity Blog

[Webinars] OpenChain and open source supply chain security

Learn what OpenChain is, how it works, and how companies around the world are using it to secure their software supply chains and reduce open source risk.

New DevSecOps study highlights need to address AppSec throughout the SDLC

The findings reaffirm the importance of shifting security left in the development process and of equipping development teams with ongoing training and tooling that complement their current processes, so they can code securely without negatively impacting their velocity.

How DevSecOps done right makes application security easier

How do you integrate application security into DevOps? By enabling your developers to address security issues with automation, integration, and training.

Apache Struts research at scale, Part 3: Exploitation

During our CVE-2018-11776 research, we created our own proofs-of-concept so they’d work in a variety of configurations at scale (115 versions of Struts).

[Webinars] Open source, threat modeling, Node.js security

Hear about the state of open source in our Red Hat partner webinar, discover our approach to threat modeling, and learn how to secure Node.js applications.

Security bugs and flaws: Both bad, but in different ways

Security flaws are different from bugs, but they endanger the security of applications and systems just the same. Here’s how to find and fix design flaws.

Secure SDLC 101

Learn about the phases of a software development life cycle, plus how to build security in or take an existing SDLC to the next level: the secure SDLC.

[Webinars] Developing track and trace apps, integrating SAST into DevSecOps

Learn about the security considerations for COVID-19 track and trace mobile apps and how to integrate static analysis into your DevSecOps pipeline.

Are you making software security a requirement?

Robust software security requirements help you lock down what your software does so that it can be used only as intended. Learn how to build your own.

How to overcome 4 software security training challenges

If you face any of these four software security training challenges, we have some tips to help you overcome them and get your team the training they need.
