During Cybersecurity Awareness Month, the Software Integrity Group hosted Security Week 2019, with presentations, guest speakers, and a capture-the-flag.
Posted in News & Announcements, Security Training & Awareness | Comments Off on Synopsys Software Integrity Group Security Week 2019
Learn about five ways to approach risk ranking in vulnerability management, and hear key insights into real-life software security programs from BSIMM10.
Posted in Open Source Security, Software Security Program, Webinars | Comments Off on [Webinars] How to risk rank vulnerabilities, insights from BSIMM10
Learn about the top open source licenses used by developers, including the 20 most popular open source licenses, and their legal risk categories.
Posted in Open Source Security, Software Composition Analysis (SCA) | Comments Off on Top open source licenses and legal risk for developers
Learn how to improve software security using evidence-based standards, and why you should inspect design and code quality during technical due diligence.
Posted in Mergers & Acquisitions, Software Compliance, Quality & Standards, Webinars | Comments Off on [Webinars] Evidence-based security, design and code quality in tech M&A
We’ve gathered some expert opinions about how software engineers can contribute to, improve, and even lead their organization’s software security program.
Posted in Software Security Program | Comments Off on Ask the Experts: How can software engineers support security efforts?
Learn about a better, faster alternative to NVD vulnerability data feeds and how to measure software security effectiveness and use metrics to drive change.
Posted in Open Source Security, Software Security Program, Webinars | Comments Off on [Webinars] NVD data feed alternatives and software security metrics
Developers need software testing tools that are accurate and easy to integrate. Evaluate your tools with this 7-step Software Testing Tools Checklist.
Posted in Developer Enablement | Comments Off on Software Testing Tools Checklist: Do your tools empower your developers?
Learn how agent instrumentation improves fuzz testing of automotive IVI and telematics systems, and about financial services application security.
Posted in Financial Cyber Security, Fuzz Testing, Webinars | Comments Off on [Webinars] Automotive fuzz testing and financial services AppSec
Learn about software due diligence and how to answer your clients’ open source questions in our Black Duck Legal Certification Course.
Posted in Mergers & Acquisitions, Open Source Security, Webinars | Comments Off on [Webinar] Black Duck Legal Certification Course
MITRE’s 2019 CWE Top 25 list contains many code quality issues that can result in security vulnerabilities. Static analysis can help you mitigate them.
Posted in Software Compliance, Quality & Standards, Static Analysis (SAST) | Comments Off on Coverity release ties in well to the latest MITRE CWE Top 25
