Software Integrity Blog

Author Archive

Patrick Carey

Patrick is Director of Product Marketing for Synopsys Software Integrity Group, where he is laser-focused on bringing solutions to market that help development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity.


Posts by Patrick Carey:

 

Did lack of visibility into Apache Struts lead to the Equifax breach?

As most of you are aware, last Friday news broke of a major data breach at Equifax. As one of the major credit reporting agencies, Equifax maintains a vast amount of sensitive personal and financial information for residents of the United States and the United Kingdom, and this breach is reported to have compromised the […]

Posted in Data Breach, Open Source Security

 

Introducing Black Duck CoPilot

Today we’re happy to announce the release of Black Duck CoPilot by Synopsys (https://copilot.blackducksoftware.com/), a new cloud service that helps open source project teams catalog and report on their project’s dependencies and vulnerabilities. What is CoPilot and what does it do? Black Duck CoPilot is FREE for open source developers who use GitHub.com (the #1 […]

Posted in Agile, CI/CD & DevOps, Cloud Security

 

Is software composition analysis compatible with Agile DevOps?

You can integrate SCA with your DevOps environment if you choose your tools wisely. Last month Forrester Research published their first-ever Wave for Software Composition Analysis (SCA). Waves provide enterprise IT and development teams with Forrester’s assessment of the state of the vendor landscape, grading vendors on their strategy, solution, and market presence. Vendors are […]

Posted in Agile, CI/CD & DevOps, Software Composition Analysis

 

Do you have the right tools in your application security toolkit?

RSA Conference 2017 is just a few weeks away and all you need to do to get a sense of the mind-boggling array of security solutions on the market is to take a walk through one of the two massive expo halls. Even if your search is focused on application security solutions, the wide variety […]

Posted in Static Analysis (SAST), Web Application Security