Software Integrity

Synopsys eLearning goes beyond your typical training solution. Our course offerings provide developers with targeted training that centers specifically on the security frameworks and platforms they’re using. In fact, I was recently talking to one of our course authors who is in the process of writing new course material. We were talking about password hashing […]

Continue Reading...

RSA happened last week, and a ton of news—some gloomy, some encouraging—has come from the world’s largest cyber security conference. The Israeli government follows Great Britain, the U.S., and France and moves to open source. TaskRabbit pledges “more security” after a data breach, and nine things you can expect to have an impact on cyber […]

Continue Reading...

It was mostly sunny outside RSA Conference 2018 in San Francisco during the opening keynotes on Tuesday. Inside? Well, there were some sunny breaks, but plenty of clouds as well. It started sunny, when RSA president Rohit Ghai acknowledged the clouds but chose to focus on “Three Silver Linings.” “I’m not in denial,” he said. […]

Continue Reading...

Google started releasing monthly security updates for Android back in August 2015. Modern Android devices show you the latest monthly patch level that has been applied. The responsibility for deploying the patches ultimately falls on original equipment manufacturers (OEMs) and carriers, who need to test the security updates on their devices to ensure that they […]

Continue Reading...

It’s nearly an all-Tim Mackey issue of Software Integrity Insight as our technical evangelist weighs in on data breaches, container adoption, GitHub, and open source serverless applications. Other stories in this week’s software integrity news include the SirenJack vulnerability, a security vulnerability potentially putting warning sirens across the city of San Francisco at risk, and […]

Continue Reading...

As firms consistently strive to become more agile, cloud and containers can help them build software faster and deliver continuously. At the same time, many firms fear that adding security to DevOps practices can severely slow down processes. With GitHub and Black Duck by Synopsys, firms can automate secure development workflows, shift security left, and […]

Continue Reading...

It’s been quite an interesting few weeks in the land of data breach disclosures. We started with Under Armour disclosing a breach in their MyFitnessPal application that impacted 150 million users. A few days later, Lord & Taylor and Saks Fifth Avenue disclosed a breach impacting millions of their in-store shoppers. Later the same day, […]

Continue Reading...

Any tradesperson, specialist, expert, aficionado, or technologist will tell you that the key to a quality outcome is a set of tools specific to the project and oriented to the goal. The realm of software security and secure DevOps is no exception to this truth, and in Black Duck Hub’s version 4.5 release, we further […]

Continue Reading...

As application development teams are pressured to deliver software faster than ever, containers offer clear advantages. Docker debuted to the public in 2013, and since then there have been over 29 billion Docker container downloads. Benefits of containerization 66% of organizations adopting containers experienced accelerated developer efficiency 75% of companies achieved an increase in application […]

Continue Reading...

Open Source Insight makes the transition to the Synopsys Software Integrity (SIG) blog this week, and you can find us here, as well as the latest posts from SIG technology evangelist Tim Mackey. This week’s edition looks at security for container images, cyber security in healthcare, how most data breaches occur, and a host of […]

Continue Reading...