A 2015 Gartner report estimated that 25% of Global 2000 organizations would be using DevOps and Agile development practices as part of their mainstream strategies by the close of 2016. Our experience with Synopsys customers confirms this prediction has come true.
What are Security Champions?
Security Champions are developers who have a direct impact on the resiliency and security of their firm’s software. They are enthusiastic volunteers willing to participate in advanced software security training to perform an important role. They are also a part of a greater community of Champions exchanging ideas and techniques.
As people become more reliant on their smartphones, mobile applications become an important focus for many organizations. There are many articles about adapting your software security group (SSG) to handle the new risks posed by new technology. But are you confident that you are tracking your organization’s progress and performance effectively? What story do your mobile metrics tell? Are you confident that you are able to show the impact your SSG has when addressing mobile security?
A useful security metric tells a story about the impact and value the SSG adds to the organization at large. Rather than reporting how many mobile applications your organization has enrolled in dynamic scanning, there is more value in reporting how many high-severity findings your dynamic scanning discovered and/or how many findings were remediated due to the scanning efforts. This shows the impact of dynamic scanning on the quality of the code.