Software Integrity Blog

Author Archive

Jim Ivers

jivers

Jim Ivers is the senior director of marketing within Synopsys' Software Integrity Group where he leads all aspects of SIG's global marketing strategies, branding initiatives, and programs, as well as product management and product marketing. Jim is a 30-year technology veteran who has spent the last ten years in IT security. Prior to Synopsys, Jim was the CMO at companies such as Cigital, Covata, Triumfant, Vovici, and Cybertrust, a $200M security solutions provider that was sold to Verizon Business. Jim also served as VP of Marketing for webMethods and VP of Product Management for Information Builders.


Posts by Jim Ivers:

 

The latest must-have car accessory: Security

Originally posted on SecurityWeek Fall is a great time of year. The kids go back to school. The weather begins to cool and the leaves change. Lord Football returns to his autumnal throne. Television shows return for a new season. Fall is also the traditional time when the automakers release their model year vehicles. Amid […]

Continue Reading...

Posted in Internet of Things | Comments Off on The latest must-have car accessory: Security

 

Embracing the security benefits of the cloud infrastructure

Originally posted on SecurityWeek Less than ten minutes driving west from my home, you encounter a vast expanse of large, windowless buildings. Situated near them are impressive physical plants dedicated to cooling these buildings and providing back-up power in the case of a power failure. Whenever I drive past these complexes I always point them […]

Continue Reading...

Posted in Cloud Security | Comments Off on Embracing the security benefits of the cloud infrastructure

 

How connected cars are driving greater security concerns

Originally posted on SecurityWeek Early in 2001, before I was even in the IT Security business, I saw a glimpse of the future. While at a CIO conference dinner, I started talking to a gentleman who was responsible for the IT infrastructure behind an emerging new service called OnStar. The conversation soon turned to the […]

Continue Reading...

Posted in Internet of Things | Comments Off on How connected cars are driving greater security concerns

 

The IoT sky is falling: How being connected makes us insecure

Originally posted on SecurityWeek The first chunk of actual sky recently slammed into the ground with a resounding thud. The security community has been actively telling the world that the Internet of Things (IoT) is ripe for compromise and exploitation. Unfortunately, the public has shoved aside these “Chicken Little” warnings in hopes of getting all […]

Continue Reading...

Posted in Cloud Security, Internet of Things | Comments Off on The IoT sky is falling: How being connected makes us insecure

 

Are your applications really protected? It’s all about the pivot

Originally posted on SecurityWeek Hackers are human. Hopefully that doesn’t surprise you too much. Being human means that they are subject to human tendencies, like taking the path of least resistance. To a hacker, this means avoiding the most protected way to an asset. They know that no one can simply walk into the room […]

Continue Reading...

Posted in Agile, CI/CD & DevOps | Comments Off on Are your applications really protected? It’s all about the pivot

 

Security: A true crown jewel of software

Originally posted on SecurityWeek A journalist asked me an interesting question this week: “Why doesn’t the Agile Manifesto address security?” After some thought, I think I have a good answer. It does. Recently, I’ve been carefully reviewing “The Manifesto for Agile Software Development,” the seminal document for agile development principles. The document, better known as […]

Continue Reading...

Posted in Agile, CI/CD & DevOps | Comments Off on Security: A true crown jewel of software

 

Mythbusting: How good security practices complement developer productivity

Originally posted on SecurityWeek I coded my first program in the late 70’s on tape and wrote a macro-assembler on punch cards with extra credit for completing the task with a single box of cards. Since those bygone days, development has gone through an endless series of massive, convulsive change. But one thing has remained […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST) | Comments Off on Mythbusting: How good security practices complement developer productivity

 

ATMs to IoT: The generational divide of digital trust

Originally posted on SecurityWeek The former CISO of a large intelligence community agency once told me, “The number one challenge in IT Security is the carbon-based life form.” Needless to say, that comment has stuck with me as I read articles daily about hacks with their genesis found in credentials lifted from phishing schemes. Given […]

Continue Reading...

Posted in Data Breach, Financial Services Security, Internet of Things, Maturity Model (BSIMM) | Comments Off on ATMs to IoT: The generational divide of digital trust

 

SAST and DAST: Part of a balanced software security initiative

Originally posted on SecurityWeek “…is part of this balanced breakfast…” This is the claim of many sugary cereals aimed directly at children. It is also the claim of many vendors in the software security market. Selling cereal targeting children is an interesting proposition. To make the adults that ultimately have to buy the cereal feel […]

Continue Reading...

Posted in Software Security Initiative (SSI), Static Analysis (SAST), Web Application Security | Comments Off on SAST and DAST: Part of a balanced software security initiative

 

Building security into IoT software development

IoT will create a surge in software development that will be unprecedented in scope and reach. Why? It’s simple.

Continue Reading...

Posted in Internet of Things | Comments Off on Building security into IoT software development