• Silicon Design & Verification Products
  • Solutions
  • Resources
  • Services
  • Community
  • Training
  • Silicon IP Products
  • Solutions
  • Resources
  • Services
  • Community
Contact Us
Contact Us
Contact Us
  • Software Integrity
  • Tools & Services
  • Training & Education
  • Solutions
  • Resources
  • Support
  • Partners
Contact Sales
Contact Sales
Contact Sales
Contact Sales
Contact Sales
  • About Us
Discover
+ Silicon Design & Verification + Silicon IP + Software Integrity + About Us
Support
SolvNet Software Integrity
Global SItes
日本サイ ト 中文网站 中文網站 Сайт Россия

Software Integrity Blog

Author Archive

Ashutosh Agrawal

aagrawal

Ashutosh Agrawal is an associate managing consultant at Synopsys. Over the last nine years, he has performed and led a wide variety of application security assessments including penetration tests, secure code reviews, and threat modeling projects. He has deployed static analysis tools, developed SSDLC policies and standards, and has delivered several instructor-led training courses. Ashutosh possesses extensive project management experience as a key member of Synopsys' strategic Software Security In-a-Box and BSIMM initiatives. Ashutosh has a Master's in Computer Science from the University of Southern California and is currently based in Washington DC. In his spare time, he loves to teach Hindi to students via Google Hangout.

Posts by Ashutosh Agrawal:

 

3 ways that AppSec training benefits your long-term security strategy

Security training is an investment that yields critical returns to both the organization and the organization’s most valuable asset—its people. Training can directly impact key metrics like bug density ratios and time to remediation if it is implemented effectively. Today, I’ll highlight three ways that application security training can effectively benefit your long-term security strategy and mature […]

Continue Reading...

Posted in Security Training, Software Security Initiative (SSI) | Comments Off on 3 ways that AppSec training benefits your long-term security strategy

 

3 common mistakes companies make when starting a software security initiative

Organizations typically make three common mistakes when establishing a software security initiative (SSI). The ability to reflect on these mistakes can help firms determine whether or not their program is moving in the right direction. Let’s explore some of the most common software security initiative mistakes and alternate approaches to get firms on the right track. Ad-hoc […]

Continue Reading...

Posted in Software Security Initiative (SSI) | Comments Off on 3 common mistakes companies make when starting a software security initiative

 

2015 cyber security breaches that will live in infamy

The old proverb, “you don’t know where you’re going until you know where you’ve been,” is a very apt description for the field of application security. The application security industry is still relatively new, and we are still learning from our mistakes as we create a baseline from which are able to move forward.  In […]

Continue Reading...

Posted in Data Breach, Maturity Model (BSIMM) | Comments Off on 2015 cyber security breaches that will live in infamy

 

Understanding Python pickling and how to use it securely

Post written by Ashutosh Agrawal, Senior Consultant and Arvind Balaji, Associate Consultant Pickle in python is primarily used in serializing and de-serializing a python object structure. In other words it’s the process of converting a python object into a byte stream in order to store it in a file/database, maintain program state across sessions, or […]

Continue Reading...

Posted in Uncategorized | Comments Off on Understanding Python pickling and how to use it securely

 
Subscribe via Email

Get the latest Software Integrity news, thought leadership, and more.