Software Integrity Blog
BSIMM10: A decade of research on software security activities
September 18, 2019
Ask the experts: What’s the top cloud migration security risk?
September 9, 2019
What are the different types of security vulnerabilities?
August 28, 2019
To support the launch of Binary Authorization, we’re releasing Black Duck for Google Cloud Build to help ensure your images are free of policy violations.
We recently saw the first settlement by a company charged under the False Claims Act for failing to meet cyber security standards. Is there more to come?
![[Webinar] M&A tech due diligence from the seller’s perspective](http://www.synopsys.com/blogs/software-security/wp-content/uploads/2019/09/ma-webinar.jpg)
In technology M&A transactions, what do buyers need, and what can sellers do to prepare? We discuss how to prepare for the M&A tech due diligence process.
Many companies are relaxed about reusing software under the Beerware License and similar open source licenses. But not all such licenses are created equal.
![[Infographic] BSIMM10 by the numbers](http://www.synopsys.com/blogs/software-security/wp-content/uploads/2019/09/bsimm-by-the-numbers-header.jpg)
How many BSIMM participants have a software security group? How many think it’s key to their success? How many people are in the average SSG? Get the facts.
The list of regulatory compliance challenges facing companies grows longer every time a new regulation is introduced. But do security regulations even work?
![[Webinar] Bring container security into OpenShift with Synopsys Operator](http://www.synopsys.com/blogs/software-security/wp-content/uploads/2018/10/secure-containers-github-synopsys.jpg)
Modern applications contain over 50% open source components. Do you have an open source vulnerability management solution for your container environment?
If you want to enjoy your Sunday kickoffs, our software security program checklist of five activities will help you kick off your program successfully.
Chain Heist, our blockchain capture-the-flag at DEF CON 2019, showed that vulnerability detection tooling for blockchain security still has a way to go.
Safety-critical software powers everything from airplanes to power plants, defib machines, and seatbelts. And quality issues can lead to injury and death.