Software Integrity Blog

Author Archive

Jim Ivers

Jim Ivers is the senior director of marketing within Synopsys' Software Integrity Group where he leads all aspects of SIG's global marketing strategies, branding initiatives, and programs, as well as product management and product marketing. Jim is a 30-year technology veteran who has spent the last ten years in IT security. Prior to Synopsys, Jim was the CMO at companies such as Cigital, Covata, Triumfant, Vovici, and Cybertrust, a $200M security solutions provider that was sold to Verizon Business. Jim also served as VP of Marketing for webMethods and VP of Product Management for Information Builders.


Posts by Jim Ivers:

Hide and seek: The game of security breach detection and disclosure

Since the launch of the popular Verizon Breach Investigations Report (VBIR) and its subsequent imitators, I have been asking what I believe to be a simple and fundamental question: Do the reported breaches actually just represent attacks that are less well-conceived and/or constructed? The basic assumption is that these reports include these breaches because they […]

Posted in Data Breach, Maturity Model (BSIMM)

The VTech toy hack: What you need to know

News recently broke that toy manufacturer VTech was breached, exposing over 6M records of customer data, some related to children. The news is generating concerns about the Internet of Things (IoT) and consumer privacy. Putting personal information into a website is not new. People rarely walk into a bank, and online shopping is at an all-time […]

Posted in Data Breach, Internet of Things

Can you afford not to implement security training?

Given enough time, it’s easy to talk yourself out of making the investment in training for your staff. Organizations that take the long view recognize that software security training is an investment that yields critical returns to both the organization and to the staff. Training directly impacts key metrics like bug density ratios and time […]

Posted in Maturity Model (BSIMM), Security Training

5 ways to pay your technical debt back

Benjamin Franklin once said there were only two things certain in life: death and taxes—unless you’re responsible for information security, of course. In that case, you can add a third, technical debt. However, instead of discussing the general concept of technical debt, let’s talk about: the three areas you incur debt; the five ways you […]

Posted in General

Why managed application security services?

Firms often debate whether it’s better to do dynamic testing in-house or to outsource the work. Only you can decide what’s best for your organization, but we’ve listed four benefits of working with a managed services partner like Synopsys to consider before making your decision. On-demand testing. The Synopsys portal empowers on-demand testing […]

Posted in General

Samsung SwiftKey: The latest AppSec vulnerability highlights

The Samsung smartphone SwiftKey security slip-up grabbed headlines in mid-June when it was discovered that 600 million Samsung smartphones were vulnerable to remote code execution (RCE) attacks. Synopsys security experts were all over the issue, providing analysis of the problem and guidance to help organizations avoid the same common software design flaws. Jim DelGrosso explained […]

Posted in Mobile Application Security, Software Architecture and Design

Breach in healthcare data: One step too far

I am a victim. One of every nine of you is also a victim. I am an Anthem customer, and according to CSO: “one in nine Americans have medical coverage through one of Anthem’s affiliated plans” (CSO, “Anthem: How does a breach like this happen?”, Steve Ragan). It is not just the scope of the […]

Posted in Data Breach, Healthcare Security