Posts by Synopsys Editorial Team:
What is IAST? Interactive application security testing is an emerging technology that is transforming the way organizations secure their web apps at the speed of DevOps. IAST automatically and continuously scans apps during QA testing to detect security vulnerabilities earlier in the SDLC than traditional DAST or pen testing solutions—when it’s easier, faster, and cheaper […]
Continue Reading...
Posted in Interactive Application Security Testing (IAST) | Comments Off on Webinar: The future of application security: Enable DevSecOps with IAST
Synopsys is well-known for our software integrity portfolio: integrated testing tools, managed services, professional services, and developer education. But products, services, and training aren’t all we offer. We also perform hundreds of Black Duck On-Demand open source audits every year. And all that audit data fuels the open source security research and vulnerability analysis we […]
Continue Reading...
Posted in Synopsys Culture | Comments Off on Open Source Security Research Group gets a new office
You may have heard about the zero-day vulnerability in the Tor Browser that was disclosed yesterday. It’s a big deal, and not just because of the ethics of buying and selling undisclosed vulnerabilities. Many people who use Tor Browser do so because of the privacy and security protections it offers—protections that the vulnerability had threatened […]
Continue Reading...
Posted in Application Security, Software Security Testing | Comments Off on What’s so special about zero-day vulnerabilities?
The latest release of Coverity by Synopsys features seamless integration with our completely rebuilt eLearning platform, an on-demand developer training solution focusing on secure coding best practices and security guidance. On-demand developer training enables development teams Synopsys eLearning is an outcome-driven, learner-centric training solution that makes learning about security easy, relevant, and accessible. With eLearning, learners […]
Continue Reading...
Posted in Application Security, eLearning, Static Analysis (SAST) | Comments Off on Coverity now features integrated on-demand developer training
Infosecurity Europe is one of the leading information security events in Europe. The annual event, taking place this year from 5-7 June, brings together over 19,500 information security professionals, over 400 exhibitors showcasing the most cutting edge information security solutions, and thought leaders from around the globe. This year, Synopsys technical evangelist, Tim Mackey (@TiminTech), […]
Continue Reading...
Posted in Containers, Security Conference or Event | Comments Off on Establishing technology trust at Infosecurity Europe 2018
Download Infographic
Continue Reading...
Posted in Open Source Security | Comments Off on Infographic: Highlights from the 2018 Open Source Security and Risk Analysis Report
2017 was a tumultuous year in the world of open source software. A massive data breach at Equifax exposed millions of U.S., U.K., and Canadian residents’ sensitive personal and financial information and gained widespread media attention. As open source software becomes embedded in our everyday lives, not only through our phones and computers but through […]
Continue Reading...
Posted in Open Source Licenses, Open Source Security | Comments Off on Open source report exposes management gaps after turbulent 2017
Containers have restructured the way we think about our infrastructure, bringing development and operations teams closer together than ever before, and placing applications center stage in the infrastructure environment. Teams are massively scaling containerized deployments with Kubernetes and Kubernetes-based solutions, like Red Hat’s enterprise-grade container orchestration platform, OpenShift Container Platform. But in containerized deployments, because […]
Continue Reading...
Posted in Black Duck by Synopsys, Containers | Comments Off on Announcing OpsSight Container Security 2.0 GA
Download infographic
Continue Reading...
Posted in Application Security, CI/CD, DevOps | Comments Off on Infographic: What’s with the security / DevOps disconnect?
According to a new study conducted by 451 Research and Synopsys, security in DevOps processes is lagging despite advantages and opportunities. While many organizations are still in the early days of replacing organizational silos with DevOps teams implementing continuous integration and continuous delivery (CI/CD) workflows, the benefits of streamlined, collaborative development approaches are clear: They […]
Continue Reading...
Posted in DevOps | Comments Off on A new study finds that security in DevOps processes is lagging
