Software Integrity Blog

Author Archive

Jim Ivers

jivers

Jim Ivers is the senior director of marketing within Synopsys' Software Integrity Group where he leads all aspects of SIG's global marketing strategies, branding initiatives, and programs, as well as product management and product marketing. Jim is a 30-year technology veteran who has spent the last ten years in IT security. Prior to Synopsys, Jim was the CMO at companies such as Cigital, Covata, Triumfant, Vovici, and Cybertrust, a $200M security solutions provider that was sold to Verizon Business. Jim also served as VP of Marketing for webMethods and VP of Product Management for Information Builders.


Posts by Jim Ivers:

 

Synopsys named a leader in the 2019 Gartner MQ for Application Security Testing—3 years running

In the 2019 Gartner Magic Quadrant for Application Security Testing, Synopsys leads the field for our ability to execute and our completeness of vision.

Continue Reading...

Posted in News & Announcements | Comments Off on Synopsys named a leader in the 2019 Gartner MQ for Application Security Testing—3 years running

 

Open source vulnerabilities: Are you prepared to run the race?

As the use of open source continues to rise, many organizations are unprepared to defend their systems from attacks against open source vulnerabilities.

Continue Reading...

Posted in Data Breach Security, Open Source Security, Software Composition Analysis (SCA) | Comments Off on Open source vulnerabilities: Are you prepared to run the race?

 

IoT security: Where there is smoke, there is fire

There has been a lot of smoke lately, so it is likely there is an interesting IoT security fire burning. Let’s examine the problem and how to fix it.

Continue Reading...

Posted in IoT Security | Comments Off on IoT security: Where there is smoke, there is fire

 

How to reduce risk while saving on the cost of resolving security defects

Can you really reduce the cost per defect by implementing application security best practices? Let’s explore the “so what?” that proves their real worth.

Continue Reading...

Posted in Developer Enablement | Comments Off on How to reduce risk while saving on the cost of resolving security defects

 

Sobering thoughts when a connected medical device is connected to you

I was recently confronted with a subject I’d considered professionally but never had to face personally: the security of connected medical devices.

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security | Comments Off on Sobering thoughts when a connected medical device is connected to you

 

The connected toy conundrum is beginning to boil

Connected toy security is a growing concern. The term “connected device” should make us ask, “Connected to what and why?” and “With what data protections?”

Continue Reading...

Posted in IoT Security | Comments Off on The connected toy conundrum is beginning to boil

 

Moving beyond ‘moving left’: The case for developer enablement

We’re currently seeing a recalibration of the developer’s role in software security. We are about to see a new wave of what I call developer enablement.

Continue Reading...

Posted in Developer Enablement | Comments Off on Moving beyond ‘moving left’: The case for developer enablement

 

Make a new year’s resolution to get serious about software security

Resolutions are nice, but if want to get serious about software security, you can follow some basic steps on to turn your resolution into reality.

Continue Reading...

Posted in Application Security | Comments Off on Make a new year’s resolution to get serious about software security

 

If you’re only as strong as your allies, should you trust third-party code?

The original version of this post was published on SecurityWeek.

Continue Reading...

Posted in Open Source Security | Comments Off on If you’re only as strong as your allies, should you trust third-party code?

 

A spell check equivalent for building security in

The original version of this post was published on SecurityWeek.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Security Training & Awareness, Static Analysis (SAST) | Comments Off on A spell check equivalent for building security in