Software Integrity Blog

Search Results for 'infographic'


Application security survey at RSA: The good, the bad, and the ugly

Our RSA 2019 survey on the state of application security collected dozens of responses and highlighted some notable trends. Take a look at what we found out.

Posted in Featured, General


9 highlights from the 2018 Software Integrity Blog

From vulnerability detection to API security, these nine topics hit the highlights from our coverage of software security and quality this year.

Posted in General


Hacking Security Episode 3: OSSRA report findings

Hacking Security is a monthly podcast on emerging trends in application security. Episode 3 explores key findings from the 2018 OSSRA report.

Posted in General, Open Source Security, Software Composition Analysis


Security lessons from the House Oversight and Government Reform Committee

The U.S. House Committee on Oversight and Government Reform has more than a few things to say about responsible enterprise application security.

Posted in Data Breach, Open Source Security


Hard questions raised when a software ‘glitch’ takes down an airliner

The parts and systems on an airplane don’t have to fail in a big way to have big consequences. A flaw in airline software could be a matter of life or death.

Posted in General


10 critical cloud security threats in 2018 and beyond

Explore 10 critical cloud security threats: data breaches, human error, data loss, insider threats, DDoS attacks, insecure APIs, exploits, account hijacking, APTs, and CPU flaws.

Posted in Cloud Security, General


Retail joins the BSIMM—finally

The BSIMM—Building Security In Maturity Model—is now into its 10th year of being a self-described “measuring stick for software security” for multiple industries. But there are still newcomers—this year it’s retail. Ten retail firms participated in BSIMM9, which tracks the development of SSIs (software security initiatives) by organization based on 116 possible activities, grouped into […]

Posted in Maturity Model (BSIMM)


Webinar: BSIMM9: Here’s what’s new!

In our on-demand webinar with Mike Ware (Synopsys), you’ll learn what makes our latest observations of real-life software security initiatives in BSIMM9 so exciting.

Posted in General, Maturity Model (BSIMM), Webinars


Webinar: Effective policies for managing and releasing open source software

In our on-demand webinar with Mark Radcliffe (DLA Piper and OSI) and Tony Decicco (GTC), you’ll learn about using and releasing open source safely, and what it means for tech due diligence.

Posted in General, Open Source Security, Webinars


BSIMM9 by the numbers

Over the past ten years, we’ve studied dozens of security activities performed by real-life firms to measure the software security practices used in organizations of different sizes, in different verticals, and at different levels of maturity. Quantifying these practices in the Building Security In Maturity Model (BSIMM) allows us to describe the common areas shared […]

Posted in General, Maturity Model (BSIMM)