Learn how to improve software security using evidence-based standards, and why you should inspect design and code quality during technical due diligence.
Posted in Mergers & Acquisitions, Security Standards and Compliance, Webinars | Comments Off on [Webinars] Evidence-based security, design and code quality in tech M&A
We’ve gathered some expert opinions about how software engineers can contribute to, improve, and even lead their organization’s software security program.
Posted in Featured, Maturity Model (BSIMM) | Comments Off on Ask the Experts: How can software engineers support security efforts?
Learn about a better, faster alternative to NVD vulnerability data feeds and how to measure software security effectiveness and use metrics to drive change.
Posted in Maturity Model (BSIMM), Open Source Security, Webinars | Comments Off on [Webinars] NVD data feed alternatives and software security metrics
Developers need software testing tools that are accurate and easy to integrate. Evaluate your tools with this 7-step Software Testing Tools Checklist.
Posted in Developer Enablement | Comments Off on Software Testing Tools Checklist: Do your tools empower your developers?
Learn how agent instrumentation improves fuzz testing of automotive IVI and telematics systems, and about financial services application security.
Posted in Financial Services Security, Fuzz Testing, Webinars | Comments Off on [Webinars] Automotive fuzz testing and financial services AppSec
Learn about software due diligence and how to answer your clients’ open source questions in our Black Duck Legal Certification Course.
Posted in Mergers & Acquisitions, Open Source Security, Webinars | Comments Off on [Webinar] Black Duck Legal Certification Course
MITRE’s 2019 CWE Top 25 list contains many code quality issues that can result in security vulnerabilities. Static analysis can help you mitigate them.
Posted in Quality & Compliance, Security Standards and Compliance, Static Analysis (SAST) | Comments Off on Coverity release ties in well to the latest MITRE CWE Top 25
We’re thrilled that Andrew van der Stock, senior principal consultant at Synopsys, has won an SC Media Reboot Leadership Award for Outstanding Educators.
Posted in News & Announcements | Comments Off on Synopsys consultant wins a leadership award from SC Media
Do you have questions about fuzz testing? We’ve got answers, explanations, and recommendations from our last webinar on fuzzing using agent instrumentation.
Posted in Automotive Security, Fuzz Testing, Webinars | Comments Off on Q&A: Fuzz testing, agent instrumentation, and Defensics
BSIMM10 compiles a decade of research on software security activities in real-life firms into a guide for maturing your software security initiative.
Posted in Featured, Maturity Model (BSIMM), News & Announcements | Comments Off on BSIMM10: A decade of research on software security activities