Software Integrity

Archive for 2017

 

How can SMBs maximize AppSec returns on an SMB budget?

Small and medium-size businesses (SMBs) are nonsubsidiary, independent firms that employ fewer than a given number of employees. This number varies from country to country: Gartner defines an SMB as having fewer than 1,000 employees, but the European Union defines an SMB as having fewer than 250 employees. Managing an SMB budget: Many factors affect […]

Posted in Application Security, Cloud Security, Data Breach, Software Security Program Development, Static Analysis (SAST)

 

Open source vulnerabilities: Are you prepared to run the race?

Originally posted on SecurityWeek. After going through 24 seasons of cross-country, winter track, and spring track with my boys, I fully understand that if you put your toe on the line, you had better be prepared to race, or bad things happen. As the use of open source continues to rise, many organizations are putting […]

Posted in Data Breach, Open Source Security, Software Composition Analysis

 

7 things to consider when transitioning your applications to the Cloud

Written in coordination with Ugochukwu Enyioha. Organizations are moving their applications to the Cloud (or using the Cloud as a starting point for application development) at an astonishing rate. According to Forbes, 73% of companies are planning to move to a fully software-defined data center within 2 years. The shift is motivated by three primary […]

Posted in Agile Methodology, Cloud Security, DevOps

 

Top security breaches of 2017 (+2018 cyber security predictions)

The year 2017 broke records for the number of reported security vulnerabilities in software. We also saw one of the worst data breaches ever in terms of impact. Let’s look back at some of the security news from 2017. Record number of vulnerabilities: The number of publicly disclosed vulnerabilities in 2017 far exceeds the number […]

Posted in Application Security, Data Breach

 

Infographic: Set the course for developers to navigate software security

Synopsys recently conducted a survey of 274 respondents to identify the role that security plays within organizational development teams. Participants represented a variety of job functions, including software developers, software engineers, quality assurance, software security, and audit/compliance team members. Responses are equally represented for companies under 1,000 employees and companies with 1,000+ employees. Here are […]

Posted in Application Security, Infographic, Secure Coding Guidelines

 

Synopsys named a leader in static application security testing

We’re proud to announce that Synopsys has been positioned as a leader in The Forrester Wave™: Static Application Security Testing, Q4 2017. The in-depth report evaluates the 10 most significant vendors in static application security testing (SAST), assessing their strengths and weaknesses across 29 criteria in three categories. Synopsys Static Analysis (Coverity) is the highest-ranked […]

Posted in Application Security, Static Analysis (SAST)

 

Synopsys strengthens Software Integrity Platform with Black Duck acquisition

Today, Synopsys completed the acquisition of Black Duck Software, a well-respected, established leader in Software Composition Analysis (SCA), which helps organizations identify open source components in their software and check those components for known security vulnerabilities. The two companies are strategically aligned, with a shared vision of building security and quality into the software development […]

Posted in Application Security, Open Source Security

 

Checklist: Do the software testing tools you employ empower your developers?

Finding and resolving security issues early in the development process saves your organization both time and money. It’s an inefficient strategy to implement solutions further into the software development life cycle (SDLC). However, addressing issues early in the process is easier said than done. Choosing the software testing tools that best align with your firm’s […]

Posted in Software Security Testing, Software Testing Optimization

 

PayPal uncovers TIO Networks data breach affecting 1.6 million users

In July 2017, PayPal completed its acquisition of TIO Networks for $238 million. TIO Networks, a multichannel payment processor, serves over 16 million consumer bill pay accounts and offers solutions for payment services to financially underserved consumers and consumer services. Fast-forward to Nov. 10, 2017, when PayPal announced the suspension of TIO Networks’ operations due […]

Posted in Application Security, Data Breach, Vendor Risk Management

 

Apps security the top challenge for customer-facing mobile and web applications research shows

A new Synopsys survey reveals that customer-facing web and mobile applications are the top security challenge for IT professionals in Asia. From Sept. 19 to 21, 2017, Synopsys conducted a survey at Singapore International Cyber Week (SICW), the region’s most established cyber security event. We spoke to 244 C-level IT professionals, managers, and executives in […]

Posted in Application Security, Mobile Application Security, Web Application Security