Software Integrity

Search Results for 'security architecture'

 

Caching security architecture knowledge with design patterns

We have always done architecture work. In the past clients replaced their legacy systems with ‘new-fangled’ JavaEE. As they explored platform features, an ecosystem of web frameworks, and related commercial products (Netegrity’s SiteMinder). Realizing they needed help, they looked to us for: Standards/Policy JEE Platform Security Guide JEE Security Specification (Requirements) Technology-specific standards Reference Architecture Security […]

Continue Reading...

Posted in Software Architecture and Design | Comments Off on Caching security architecture knowledge with design patterns

 

3 security risks that architecture analysis can resolve

Verizon performs an annual assessment of a large sample of breaches and attacks that take place all over the world and analyzes the most common problems and key areas which lead to major attacks. In this article, we discuss three specific security incident patterns from Verizon’s report and how architecture analysis assessments can help organizations […]

Continue Reading...

Posted in Software Architecture and Design, Web Application Security | Comments Off on 3 security risks that architecture analysis can resolve

 

Aspect-oriented service architecture: ‘Built in’ or ‘bolted on’ security?

I’ve been looking at how people have been implementing input validation and entitlement evaluation within service-oriented architectures (SOA). One of the nice properties of an SOA is service composition, so transformation and validation can be implemented as an independent utility service and then composed with other services. But service composition has the drawback that one […]

Continue Reading...

Posted in General | Comments Off on Aspect-oriented service architecture: ‘Built in’ or ‘bolted on’ security?

 

2019 software security predictions

Our experts share their 2019 software security predictions about AI/machine learning, design and standards, cloud adoption, and IoT, routers, and data in transit.

Continue Reading...

Posted in General | Comments Off on 2019 software security predictions

 

Both consumers and retailers need to up their cyber security to make holidays happy

We’ve got some Black Friday advice for retailers and shoppers who want to keep everyone’s data safe and secure, for a truly happy holiday season.

Continue Reading...

Posted in General | Comments Off on Both consumers and retailers need to up their cyber security to make holidays happy

 

Project Zero director exhorts Black Hat audience to do security better

Google’s famous “Don’t be evil” motto got a corollary this week at Black Hat from Parisa Tabriz, director of engineering for the company’s Project Zero: “Do things better.” “We have a responsibility to do things better. Computer security is becoming the security of the world,” she said during her Wednesday morning keynote in Mandalay Bay’s […]

Continue Reading...

Posted in Webinars | Comments Off on Project Zero director exhorts Black Hat audience to do security better

 

What’s being done about the growing software security talent gap?

As we continue to face a staffing shortage in security, many companies are scratching their heads as to why new graduates are simply not starting careers in cyber security. According to TechRepublic’s Alison DeNisco Rayome, only 9% of millennials are interested in pursuing careers in cyber security, perhaps because it’s a relatively new field. Similarly, […]

Continue Reading...

Posted in General | Comments Off on What’s being done about the growing software security talent gap?

 

Establishing technology trust at Infosecurity Europe 2018

Infosecurity Europe is one of the leading information security events in Europe. The annual event, taking place this year from 5-7 June, brings together over 19,500 information security professionals, over 400 exhibitors showcasing the most cutting edge information security solutions, and thought leaders from around the globe. This year, Synopsys technical evangelist, Tim Mackey (@TiminTech), […]

Continue Reading...

Posted in Container Security, Webinars | Comments Off on Establishing technology trust at Infosecurity Europe 2018

 

Announcing OpsSight Container Security 2.0 GA

Containers have restructured the way we think about our infrastructure, bringing development and operations teams closer together than ever before, and placing applications center stage in the infrastructure environment. Teams are massively scaling containerized deployments with Kubernetes and Kubernetes-based solutions, like Red Hat’s enterprise-grade container orchestration platform, OpenShift Container Platform. But in containerized deployments, because […]

Continue Reading...

Posted in Container Security, Open Source Security | Comments Off on Announcing OpsSight Container Security 2.0 GA

 

Securing IoT, Atlanta ransomware, Congress on cybersecurity

The Black Duck blog and Open Source Insight become part of the Synopsys Software Integrity blog in early April.  You’ll still get the latest open source security and license compliance news, insights, and opinions you’ve come to expect, plus the latest software security trends, news, tips, best practices, and thought leadership every week.  Don’t delay, […]

Continue Reading...

Posted in Automotive Security, Internet of Things | Comments Off on Securing IoT, Atlanta ransomware, Congress on cybersecurity