Software Integrity Blog

Author Archive

Meera Rao

msubbarao

Meera Rao (Subbarao) is a senior principal consultant and the director of the secure development practice. She has over 20 years of experience in software development organizations in a variety of roles including Architect, Lead Developer, Project Manager, and Security Architect. Meera has overseen and performed secure code reviews, static analysis implementations, architectural risk analyses, secure design reviews, and threat modeling of systems built from a few thousand lines of code to systems containing tens of millions of lines of code. She has developed multiple Synopsys training courses and is a certified instructor in architectural risk analysis, threat modeling, and more.


Posts by Meera Rao:

 

Intelligent Orchestration and Code Dx: Security superheroes

Building security into DevOps has its challenges. Address them with a modern approach to AppSec using Intelligent Orchestration and Code Dx.

Continue Reading...

Posted in Building secure software

 

How to remove friction in DevOps with Intelligent Orchestration partner integrations

Explore the Intelligent Orchestration partner integrations for CloudBees Jenkins, GitHub Actions, SonarQube, and Atlassian.

Continue Reading...

Posted in Agile, CI/CD, & DevOps, Building secure software, News & Announcements

 

DevSecOps at scale and speed with Intelligent Orchestration

AppSec shouldn’t compromise velocity. Learn how Intelligent Orchestration optimizes AppSec testing while removing complexity from DevOps toolchains.

Continue Reading...

Posted in Agile, CI/CD, & DevOps, Featured, News & Announcements, Security news and research

 

Take the #ChooseToChallenge pledge for International Women’s Day

In celebration of this year’s International Women’s Day, we look at ways to challenge today’s workforce to build a more gender-equal world.

Continue Reading...

Posted in Application Security, Security news and research

 

How to integrate automated AST tools in your CI/CD pipeline

Selecting AST tools for your CI/CD pipeline requires an understanding of where to integrate and how to configure your tools to get the most out of your investments.

Continue Reading...

Posted in Agile, CI/CD, & DevOps, Building secure software

 

Common security challenges in CI/CD workflows

What are the most common security challenges in CI/CD workflows? Organizations report CI/CD security challenges related to tools, approach, speed, false positives, developer resistance, and compliance.

Continue Reading...

Posted in Agile, CI/CD, & DevOps, Managing security risks, Static Analysis (SAST)

 

How to integrate SAST into the DevSecOps pipeline in 5 simple steps

To build a sustainable program, integrate SAST tools into your DevSecOps pipeline, and automate them for efficiency, consistency, and early detection.

Continue Reading...

Posted in Agile, CI/CD, & DevOps, Building secure software, Static Analysis (SAST)

 

In support of the #MentorHer movement

Last month, while I was in Bengaluru, India, for work, our HR manager for Asia asked me to address Synopsys women on women’s empowerment. I prepared a simple 10-slide presentation that outlined the key challenges I faced as a woman, how I had overcome them, and how the mentorship program at Cigital, now Synopsys, had a huge impact on my success.

Continue Reading...

Posted in Agile, CI/CD, & DevOps

 

Building your DevSecOps pipeline: 5 essential activities

This checklist describes the purpose, benefits, key enablers, and use cases of the top five key elements of the DevSecOps pipeline. Get started now.

Continue Reading...

Posted in Agile, CI/CD, & DevOps, Building secure software

 

How to build security into the DevOps life cycle

As a kid, I often traveled by train in India. I always wondered what would happen if I pulled the chain under the sign that read, “To Stop Train, Pull Chain.” My parents warned me that it would cost them a fortune to pay the fine and that I’d be taken away by the police. Even though it scared me as a child, I was still tempted by the thrill of pulling that chain.

Continue Reading...

Posted in Agile, CI/CD, & DevOps