Nov 27, 2023/4 min read Consolidate insight to enhance risk management By Shandra Gemmiti Tags: Software Integrity, Build Secure Software, Manage Security Risks
Nov 21, 2023/5 min read Audited vs. automated: What your automated open source tool isn't seeing By Susan Miller, Don Mulrenan, Rich Kosinski Tags: SCA, M&A, Software Integrity, Build Secure Software, OSS License Compliance
Nov 20, 2023/1 min read Building Security in Podcast: Cloud, AI, and quantum computing By Synopsys Editorial Team Tags: Software Integrity, DevSecOps, Cloud Security
Nov 14, 2023/3 min read Software Vulnerability Snapshot Report Findings By Fred Bals Tags: DAST, Software Integrity, Security News & Research, Pen Testing, Web AppSec
Nov 14, 2023/4 min read Why cross-site scripting still matters By Charlotte Freeman Tags: Software Integrity, Program Strategy & Planning, Build Secure Software, AppSec Best Practices, Web AppSec, Manage Security Risks
Nov 07, 2023/7 min read Critical aspects of a secure software supply chain By Mike McGuire Tags: Software Integrity, Software Supply Chain
Oct 30, 2023/6 min read Secure cloud-native apps and APIs at the speed your business demands By Kimm Yeo Tags: Software Integrity, Build Secure Software, IAST, Cloud Security, Manage Security Risks
Oct 27, 2023/3 min read SBOMs and SPDX: Now and in the future By Gary O’Neall Tags: M&A, Software Integrity, Software Supply Chain, OSS License Compliance
Oct 23, 2023/7 min read Bridging the gap between pentesting and automated scanners with business logic assessments By Vishrut Iyengar Tags: Software Integrity, Manage Security Risks
Oct 18, 2023/2 min read DevSecOps Report: ASPM and its impact on software security By Fred Bals Tags: Software Integrity, Security News & Research, DevSecOps
Oct 13, 2023/3 min read The hidden business risks of technical debt in mergers and acquisitions By Synopsys Editorial Team Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Oct 12, 2023/1 min read Building Security In Podcast: Future State Challenges By Synopsys Editorial Team Tags: Software Integrity, DevSecOps
Oct 11, 2023/4 min read How to respond to the curl and libcurl vulnerabilities By Matthew Hogg Tags: Software Integrity, Security News & Research, CyRC, Manage Security Risks
Oct 10, 2023/2 min read Deep Dive: 2023 Global State of DevSecOps Report By Fred Bals Tags: Software Integrity, Security News & Research, DevSecOps
Oct 09, 2023/2 min read Preparing for critical libcurl and curl vulnerabilities (CVE-2023-38545) By Mike McGuire Tags: Software Integrity, Security News & Research, Manage Security Risks
Oct 04, 2023/8 min read CyRC Vulnerability Analysis: XML external entity injection vulnerability in OpenNMS By Moshe Apelbaum Tags: Software Integrity, CyRC, Manage Security Risks
Sep 26, 2023/4 min read Integrations to elevate your DevSecOps program By Charlotte Freeman Tags: Software Integrity, DevSecOps, Manage Security Risks
Sep 22, 2023/3 min read From diligence to integration: How software audits inform post-close M&A strategies By Synopsys Editorial Team Tags: M&A, Software Integrity, OSS License Compliance
Sep 21, 2023/1 min read Defensics extends fuzzing capabilities for IoT markets By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Security News & Research
Sep 19, 2023/3 min read Forrester recognizes Synopsys as a Leader in static application security testing By Corey Hamilton Tags: Software Integrity, Security News & Research, SAST
Sep 19, 2023/4 min read Automate security: DevOps integrations for risk detection and remediation By Charlotte Freeman Tags: Software Integrity, Build Secure Software, DevSecOps
Sep 18, 2023/5 min read National Coding Week: Closing the skills gap with secure code training By Taylor Armerding Tags: Software Integrity, Build Secure Software, Training, DevSecOps
Sep 08, 2023/2 min read Black Duck audits reporting update: Streamlined view of risks and remediation steps By Synopsys Editorial Team Tags: M&A, Software Integrity, Compliance
Sep 07, 2023/5 min read How to safeguard your AI ecosystem: The imperative of AI/ML security assessments By John Waller Tags: Software Integrity, Build Secure Software, DevSecOps
Sep 05, 2023/2 min read CyRC Vulnerability Advisory: CVE-2023-2453 Local File Inclusion in Forum Infusion and CVE-2023-4480 Arbitrary File Read in Fusion File Manager By Matthew Hogg Tags: Software Integrity, CyRC
Aug 31, 2023/5 min read What capabilities are critical to the success of your AppSec program? By Patrick Carey Tags: Software Integrity, Security News & Research, Build Secure Software, Software Supply Chain, Manage Security Risks
Aug 31, 2023/3 min read The SANS report: The dynamics of DevSecOps By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, DevSecOps
Aug 25, 2023/4 min read The parallels of AI and open source in software development By Phil Odence Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance
Aug 24, 2023/7 min read How to make the future IoT more secure By Taylor Armerding Tags: Software Integrity, Build Secure Software, Pen Testing, Training, Internet of Things
Aug 22, 2023/1 min read Building Security In Podcast: New strategies for managing risk By Synopsys Editorial Team Tags: Software Integrity, DevSecOps
Aug 16, 2023/6 min read Solving cross-platform DevSecOps challenges with Synopsys By Synopsys Editorial Team Tags: Software Integrity, DevSecOps
Aug 16, 2023/2 min read Eliminate false positives with WhiteHat Dynamic By Charlotte Freeman Tags: DAST, Software Integrity, Manage Security Risks
Aug 15, 2023/1 min read CyRC Vulnerability Advisory: CVE-2023-0871 Vulnerability in OpenNMS Horizon By Synopsys Editorial Team Tags: Software Integrity, CyRC
Aug 11, 2023/1 min read The rise of AI in software development By Phil Odence Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance
Aug 10, 2023/5 min read Introducing Synopsys AI code analysis API By Synopsys Editorial Team Tags: SCA, Software Integrity, Manage Security Risks, OSS License Compliance
Aug 08, 2023/2 min read Synopsys and NowSecure join forces By Vishrut Iyengar Tags: Software Integrity, Mobile
Aug 08, 2023/3 min read Developer-first security to prevent downstream risks By Steven Zimmerman Tags: Software Integrity
Aug 01, 2023/3 min read Simplify AppSec program management with Software Risk Manager By Natasha Gupta Tags: Software Integrity, DevSecOps, Orchestration & Correlation
Jul 28, 2023/3 min read Software due diligence for PE & VC investors By Zvi Levitas Tags: M&A, Software Integrity, Compliance, OSS License Compliance
Jul 25, 2023/1 min read Compliance? WhiteHat™ Dynamic has you covered By Charlotte Freeman Tags: DAST, Software Integrity, Manage Security Risks
Jul 24, 2023/3 min read Avoiding pitfalls when integrating AppSec for DevOps By Charlotte Freeman Tags: Software Integrity, DevSecOps
Jul 17, 2023/2 min read The Polaris platform is redefining secure development By Charlotte Freeman Tags: Software Integrity, DevSecOps, Cloud Security, Manage Security Risks
Jul 16, 2023/1 min read Building Security In Podcast: Machine Learning + AI By Synopsys Editorial Team Tags: Software Integrity, DevSecOps
Jul 14, 2023/2 min read Why nontechnical organizations need due diligence By Don Mulrenan Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance
Jul 11, 2023/3 min read AppSec integrations enable a more secure SDLC By Charlotte Freeman Tags: Software Integrity, DevSecOps
Jul 10, 2023/5 min read Consolidation: The wave of the (AST) future By Jim Ivers Tags: Software Integrity, Program Strategy & Planning, DevSecOps, Manage Security Risks
Jul 07, 2023/2 min read CyRC Vulnerability of the Month: curl By Black Duck Security Advisory Team Tags: Software Integrity, Security News & Research, CyRC
Jul 05, 2023/6 min read Challenges of interoperability in fuzz testing By Kari Hulkko Tags: Software Integrity, Fuzzing
Jun 30, 2023/2 min read Defending against malicious packages in the npm ecosystem and beyond By Fred Bals Tags: SCA, Software Integrity, Manage Security Risks
Jun 27, 2023/8 min read Creating a well-rounded Microsoft 365 security program By John Waller Tags: Software Integrity, Build Secure Software, Cloud Security
Jun 26, 2023/6 min read 2023 OSSRA deep dive: High-risk vulnerabilities By Fred Bals Tags: Software Integrity, Manage Security Risks, OSS License Compliance
Jun 25, 2023/1 min read Podcast: The current state of DevOps By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Program Strategy & Planning, AppSec Best Practices, DevSecOps
Jun 23, 2023/1 min read FDA: SBOMs requirement for connected medical devices By Julie Courtnay Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Jun 15, 2023/3 min read Continuous scanning in your production environment is more important than ever By Vishrut Iyengar Tags: DAST, Software Integrity, DevSecOps
Jun 11, 2023/3 min read Forrester recognizes Synopsys as a Leader in software composition analysis By Mike McGuire Tags: SCA, Software Integrity, Security News & Research
Jun 08, 2023/1 min read AppSec Decoded: Ease of use with Polaris By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, DevSecOps
Jun 08, 2023/4 min read Software quality: Diligence prep for sellers By Chris Boyd Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance
Jun 05, 2023/4 min read Enhancing cloud security posture with an effective cloud governance framework By Synopsys Editorial Team Tags: Software Integrity, Cloud Security, Manage Security Risks
Jun 01, 2023/1 min read CyRC Vulnerability Advisory: CVE-2023-32353, Apple iTunes local privilege escalation on Windows By Zeeshan Shaikh Tags: Software Integrity, Security News & Research, CyRC
Jun 01, 2023/3 min read Fuzz Testing and Medical Devices By John McShane Tags: Software Integrity, Fuzzing, Medical Devices
May 31, 2023/1 min read Synopsys named in 2023 Fortress Cyber Security Awards By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
May 26, 2023/2 min read Connecting the dots: Development + business risk + due diligence By Phil Odence Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance
May 24, 2023/1 min read AppSec Decoded: Easy to scale with Polaris By Synopsys Editorial Staff Tags: Software Integrity, Build Secure Software, DevSecOps
May 22, 2023/3 min read Synopsys named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Security Testing for the seventh year By Jason Schmitt Tags: Software Integrity, Security News & Research, Build Secure Software, Software Supply Chain, Manage Security Risks
May 17, 2023/4 min read Detection strategies to unmask the source of malicious code By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software
May 17, 2023/2 min read Eliminate malicious code in your software supply chain By Synopsys Editorial Team Tags: Software Integrity, Software Supply Chain
May 17, 2023/8 min read Top open source licenses and legal risk for developers By Synopsys Editorial Team Tags: SCA, Software Integrity, OSS License Compliance
May 11, 2023/2 min read The importance of software due diligence for private equity firms By Umer Palla Tags: M&A, Software Integrity, OSS License Compliance
May 10, 2023/4 min read 2023 OSSRA deep dive: jQuery and open source security By Fred Bals Tags: SCA, Software Integrity, Software Supply Chain, OSS License Compliance
May 08, 2023/1 min read CRN’s 2023 Women of the Channel Awards list By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
May 07, 2023/6 min read A deep-dive on Pluck CMS vulnerability CVE-2023-25828 By Matthew Hogg Tags: Software Integrity, Security News & Research, CyRC
May 01, 2023/2 min read CyRC Vulnerability Advisory: CVE-2023-25826 and CVE-2023-25827 in OpenTSDB By Jamie Harris Tags: Software Integrity, Security News & Research, CyRC
Apr 27, 2023/4 min read Fuzz testing for connected and autonomous vehicles By Dr. Dennis Kengo Oka Tags: Software Integrity, Fuzzing, Manage Security Risks, Automotive
Apr 27, 2023/3 min read Software due diligence in M&A: Key considerations and risks By Kevin Collins Tags: M&A, Software Integrity, OSS License Compliance
Apr 25, 2023/1 min read AppSec Decoded: Evaluating threats with threat modeling risk analysis By Synopsys Editorial Team Tags: Software Integrity, Threat Modeling, Manage Security Risks
Apr 25, 2023/6 min read Cloud detection and response, a key asset for cloud security By John Waller Tags: Software Integrity, Cloud Security, Manage Security Risks
Apr 25, 2023/3 min read Fast application security testing with the Polaris platform By Charlotte Freeman Tags: Agile, CI/CD, Software Integrity, DevSecOps, Manage Security Risks
Apr 25, 2023/3 min read We’re one step closer to knowing how to comply with EO 14028 By Tim Mackey Tags: Software Integrity, Security News & Research, Software Supply Chain, AppSec Best Practices, DevSecOps
Apr 24, 2023/6 min read Improving software supply chain security for cloud applications and workloads By Synopsys Editorial Team Tags: SCA, Software Integrity, Software Supply Chain, Cloud Security
Apr 20, 2023/5 min read Friend or foe: AI chatbots in software development By Taylor Armerding Tags: Software Integrity, Security News & Research, Program Strategy & Planning
Apr 20, 2023/1 min read AppSec Decoded: Creating an attack model in threat modeling By Synopsys Editorial Team Tags: Software Integrity, Threat Modeling, Manage Security Risks
Apr 18, 2023/3 min read Polaris integrations: Secure development at the speed of business By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, DevSecOps, Manage Security Risks
Apr 13, 2023/2 min read Black Duck SCA vs. Black Duck Audit Services By Steven Power Tags: M&A, Software Integrity, OSS License Compliance
Apr 13, 2023/1 min read AppSec Decoded: Creating a system model in threat modeling By Synopsys Editorial Team Tags: Software Integrity, Threat Modeling, Manage Security Risks
Apr 12, 2023/5 min read Improving cloud security posture with infrastructure-as-code By Monika Chakraborty Tags: Software Integrity, Build Secure Software, IAST, Cloud Security
Apr 11, 2023/5 min read What pen testing can tell you about the health of your SDLC By Charlotte Freeman Tags: Software Integrity, Build Secure Software, Pen Testing
Apr 10, 2023/2 min read Container security essentials By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Cloud Security, Container Security
Apr 03, 2023/1 min read AppSec Decoded: Scoping + data gathering in threat modeling By Synopsys Editorial Team Tags: Software Integrity, Threat Modeling, Manage Security Risks
Apr 03, 2023/4 min read Polaris: Your no-compromise SaaS AST solution By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, DevSecOps, Manage Security Risks
Apr 01, 2023/1 min read OWASP Top 10: Security misconfiguration By Synopsys Cybersecurity Research Center Tags: Software Integrity, Security News & Research, CyRC
Mar 26, 2023/2 min read Synopsys Global Partner Program Receives CRN® 5-Star Rating for Second Consecutive Year By Fred Bals Tags: Software Integrity, Security News & Research
Mar 23, 2023/5 min read Assessing design quality for better software due diligence By Ashwin Ala Tags: M&A, Software Integrity, Manage Security Risks
Mar 23, 2023/1 min read CyRC Vulnerability Advisory: CVE-2023-25828 Authenticated Remote Code Execution in Pluck CMS By Matthew Hogg Tags: Software Integrity, Security News & Research, CyRC
Mar 22, 2023/5 min read Production-safe DAST: Your secret weapon against threat actors By Vishrut Iyengar Tags: DAST, Software Integrity, Build Secure Software
Mar 19, 2023/6 min read Automate your DevSecOps to take the pressure off triage By Steven Zimmerman Tags: Software Integrity, Build Secure Software, DevSecOps
Mar 15, 2023/7 min read AppSec Decoded: Continuous AppSec testing in DevSecOps with Seeker IAST By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, IAST, DevSecOps
Mar 14, 2023/1 min read OWASP Top 10: Insecure design By Synopsys Cybersecurity Research Center Tags: Software Integrity, Security News & Research
Mar 11, 2023/5 min read DevSecOps uses policy to take the pressure off testing By Charlotte Freeman Tags: Software Integrity, Security News & Research, DevSecOps, Orchestration & Correlation
Mar 10, 2023/3 min read Static analysis + penetration testing = More than the sum of their parts By Phil Odence Tags: M&A, Software Integrity, Security News & Research
Mar 07, 2023/2 min read Secure software development for modern vehicles By Dr. Dennis Kengo Oka Tags: Software Integrity, Security News & Research, Compliance, Automotive
Mar 01, 2023/1 min read AppSec Decoded: Managing your open source risks By Synopsys Editorial Team Tags: SCA, Software Integrity, Security News & Research, Software Supply Chain
Mar 01, 2023/1 min read OWASP Top 10: Injection By Synopsys Cybersecurity Research Center Tags: Software Integrity, Security News & Research, CyRC
Feb 27, 2023/5 min read Instantly scalable dynamic application security testing By Vishrut Iyengar Tags: DAST, Software Integrity, Manage Security Risks
Feb 26, 2023/1 min read AppSec Decoded: Takeaways from the 2022 “Software Vulnerability Snapshot” report By Synopsys Editorial Team Tags: DAST, Software Integrity, Security News & Research, Pen Testing, Manage Security Risks
Feb 26, 2023/4 min read Take the pressure off coding for your developers By Steven Zimmerman Tags: Software Integrity, Security News & Research, DevSecOps
Feb 24, 2023/1 min read The M&A Open Source Risk Number By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Feb 22, 2023/1 min read AppSec Decoded: Open source trends uncovered in the 2023 OSSRA report By Synopsys Editorial Team Tags: SCA, Software Integrity, Software Supply Chain
Feb 20, 2023/4 min read 2023 OSSRA: A deep dive into open source trends By Synopsys Editorial Team Tags: SCA, Software Integrity, Software Supply Chain
Feb 14, 2023/4 min read The step-by-step guide to threat modeling By Charlotte Freeman Tags: Software Integrity, Threat Modeling, Manage Security Risks
Feb 13, 2023/1 min read OWASP Top 10: Cryptographic failures By Synopsys Cybersecurity Research Center Tags: Software Integrity, Build Secure Software, CyRC, Web AppSec
Feb 09, 2023/3 min read Navigating software due diligence with a Black Duck Audit By Steven Power Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Feb 08, 2023/3 min read Spotlight on CRED: Benchmarking security with a BSIMM assessment By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Manage Security Risks
Feb 06, 2023/1 min read Tom Herrmann of the Synopsys Software Integrity Group recognized as 2023 CRN Channel Chief By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Feb 06, 2023/11 min read CyRC special report: Secure apps? Don’t bet on it By Jonathan Knudsen Tags: SCA, Software Integrity, Security News & Research, Mobile, CyRC
Feb 02, 2023/4 min read CyRC Special Report: How companies fared in the aftermath of Log4Shell By Jonathan Knudsen Tags: SCA, Software Integrity, CyRC
Jan 30, 2023/1 min read CyRC Vulnerability Advisory: CVE-2023-23846 Denial-of-Service Vulnerability in Open5GS GTP Library By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Security News & Research, CyRC
Jan 29, 2023/4 min read Open source software: A pillar of modern software development By Mike McGuire Tags: SCA, Software Integrity, Software Supply Chain
Jan 26, 2023/5 min read Black Duck’s New Year’s Resolution By Mike McGuire Tags: SCA, Software Integrity, Software Supply Chain
Jan 25, 2023/1 min read Software risks and technical debt: The role of process in determining good software By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Jan 22, 2023/6 min read 2023 cybersecurity predictions that should be on your radar By Taylor Armerding Tags: Software Integrity, Security News & Research
Jan 20, 2023/3 min read Prioritizing open source vulnerabilities in software due diligence By Mike McGuire Tags: M&A, Software Integrity, OSS License Compliance
Jan 19, 2023/1 min read OWASP Top 10: Broken access control By Synopsys Cybersecurity Research Center Tags: Software Integrity, Build Secure Software, CyRC
Jan 17, 2023/8 min read Finding hard-coded secrets before you suffer a breach By Ksenia Peguero Tags: SCA, Software Integrity, Build Secure Software, IAST, SAST
Jan 10, 2023/1 min read AppSec Decoded: The research behind the 2022 “Software Vulnerability Snapshot” By Synopsys Editorial Team Tags: DAST, Software Integrity, Security News & Research, Pen Testing
Jan 05, 2023/8 min read How to choose React Native libraries for secure mobile application development By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Mobile, SAST
Jan 01, 2023/1 min read Cybersecurity Research Center Developer Series: The OWASP Top 10 By Synopsys Cybersecurity Research Center Tags: Software Integrity, Build Secure Software, CyRC, Training
Dec 21, 2022/8 min read The top cyber security stories of 2022 By Taylor Armerding Tags: Software Integrity, Security News & Research, Internet of Things
Dec 14, 2022/4 min read Automating web security testing within your DevOps pipelines By Charlotte Freeman Tags: Software Integrity, Build Secure Software, IAST, DevSecOps
Dec 08, 2022/3 min read SBOM: What’s in your software ingredients list? By Synopsys Editorial Team Tags: M&A, Software Integrity, Software Supply Chain, OSS License Compliance
Dec 06, 2022/5 min read What is the cost of poor software quality in the U.S.? By Mike McGuire Tags: SCA, Software Integrity, Security News & Research, Build Secure Software
Nov 29, 2022/2 min read CyRC Vulnerability Advisory: Remote code execution vulnerabilities in mouse and keyboard apps By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, CyRC
Nov 27, 2022/1 min read AppSec Decoded: Get actionable solutions with DAST By Synopsys Editorial Team Tags: DAST, Software Integrity, Manage Security Risks
Nov 24, 2022/5 min read Custom and variant licenses: What’s in the fine print? By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Nov 22, 2022/5 min read Beyond NVD data: Using Black Duck Security Advisories for version accuracy By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, CyRC
Nov 11, 2022/3 min read The top three differences between an open source audit and an open source scan By Umer Palla Tags: M&A, Software Integrity, OSS License Compliance
Nov 09, 2022/11 min read JavaScript security best practices for securing your applications By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Training
Nov 08, 2022/5 min read Scalable SAST and SCA in a single solution with Polaris fAST services By Patrick Carey Tags: SCA, Software Integrity, Build Secure Software, DevSecOps, SAST, Manage Security Risks
Nov 04, 2022/3 min read Defensics adds gRPC support for distributed web and mobile application security testing By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Build Secure Software, Mobile, Web AppSec
Nov 02, 2022/1 min read CyRC Vulnerability Advisory: CVE-2022-43945 buffer overflow vulnerabilities in NFSD By Kari Hulkko Tags: Software Integrity, Security News & Research, CyRC
Oct 31, 2022/4 min read Synopsys Action introduces GitHub Actions integration for developers By Steven Zimmerman Tags: Software Integrity, Build Secure Software, DevSecOps
Oct 28, 2022/4 min read Avoid anaphylactic shock by auditing dependencies in software due diligence By Synopsys Editorial Team Tags: M&A, Software Integrity, OSS License Compliance
Oct 27, 2022/2 min read Experts warn of critical security vulnerability discovered in OpenSSL By Tim Mackey Tags: SCA, Software Integrity, Security News & Research
Oct 25, 2022/6 min read New government directives and persistent threats reinforce urgency of securing software By Synopsys Editorial Team Tags: Software Integrity, Compliance, Public Sector
Oct 16, 2022/2 min read Real-time OWASP vulnerabilities as you code with Code Sight and Rapid Scan Static By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST
Oct 13, 2022/3 min read I have my Black Duck Audit reports; What’s next? By Synopsys Editorial Team Tags: M&A, Software Integrity, OSS License Compliance
Oct 11, 2022/1 min read CyRC Vulnerability Advisory: CVE-2022-39064 IKEA TRÅDFRI smart lighting By Tuomo Untinen, Kari Hulkko Tags: Software Integrity, Fuzzing, Security News & Research, CyRC, Internet of Things
Oct 11, 2022/5 min read Open source dependency best practices for developers By Charlotte Freeman Tags: SCA, Software Integrity, Software Supply Chain, AppSec Best Practices
Oct 10, 2022/1 min read CyRC Vulnerability Advisory: CVE-2022-39065 IKEA TRÅDFRI smart lighting gateway By Tuomo Untinen, Kari Hulkko Tags: Software Integrity, Fuzzing, Security News & Research, CyRC, Internet of Things
Oct 03, 2022/4 min read IDE-based application security for developers in IntelliJ By Steven Zimmerman Tags: SCA, Software Integrity, Build Secure Software, DevSecOps, SAST
Sep 23, 2022/3 min read Commercial software licenses in software due diligence By Synopsys Editorial Team Tags: M&A, Software Integrity, OSS License Compliance
Sep 20, 2022/7 min read BSIMM13: Trends and recommendations to help improve your software security program By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Sep 13, 2022/2 min read CyRC Vulnerability Advisory: Denial-of-service vulnerabilities (CVE-2022-39063) in Open5GS By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Security News & Research, CyRC
Sep 08, 2022/8 min read Smart home under fuzzing By Kari Hulkko Tags: Software Integrity, Fuzzing, Manage Security Risks, Internet of Things
Sep 07, 2022/4 min read Understanding the hows and whys of open source audits By Steven Zimmerman Tags: M&A, Software Integrity, OSS License Compliance
Aug 29, 2022/1 min read AppSec Decoded: Addressing NIST guidelines begins with understanding your risk profile By Synopsys Editorial Team Tags: Software Integrity, Public Sector
Aug 29, 2022/4 min read Establishing trust in your software supply chain with an SBOM By Mike McGuire Tags: SCA, Software Integrity, Software Supply Chain
Aug 28, 2022/4 min read Synopsys and the new Automated Source Code Data Protection Measure have you covered By Charlotte Freeman Tags: Software Integrity, Security News & Research, Compliance
Aug 26, 2022/4 min read What I wish I knew about security when I started programming By Allon Mureinik Tags: Software Integrity, Build Secure Software, Training
Aug 23, 2022/7 min read API authentication and authorization best practices By Charlotte Freeman Tags: Software Integrity, Build Secure Software, Software Supply Chain, AppSec Best Practices, Manage Security Risks
Aug 23, 2022/1 min read AppSec Decoded: The NIST guidance on supply chain risk management By Synopsys Editorial Team Tags: Software Integrity, Software Supply Chain, Public Sector
Aug 18, 2022/3 min read The four most important aspects of software due diligence audits By Phil Odence Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Aug 17, 2022/11 min read CyRC Case Study: Exploitable memory corruption using CVE-2020-25669 and Linux Kernel By Synopsys Cybersecurity Research Center Tags: Software Integrity, Security News & Research, CyRC
Aug 10, 2022/1 min read AppSec Decoded: An introduction to the Synopsys Cybersecurity Research Center By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, CyRC
Aug 09, 2022/5 min read Synopsys and ESG report points to prevalence of software supply chain risks By Synopsys Editorial Team Tags: SCA, Software Integrity, Security News & Research, Software Supply Chain, Cloud Security
Aug 08, 2022/4 min read Secure SDLC 101 By Charlotte Freeman Tags: Agile, CI/CD, Software Integrity, Program Strategy & Planning, Manage Security Risks
Aug 03, 2022/4 min read Building a software Bill of Materials with Black Duck By Mike McGuire Tags: SCA, Software Integrity, Software Supply Chain, Compliance
Aug 03, 2022/1 min read CyRC Vulnerability Advisory: Local privilege escalation in Kaspersky VPN By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, CyRC
Aug 01, 2022/6 min read CyRC Vulnerability Analysis: Repo jacking in the software supply chain By Synopsys Editorial Team Tags: Software Integrity, CyRC
Jul 29, 2022/2 min read Introducing IaC Security from Black Duck By Synopsys Editorial Team Tags: SCA, Software Integrity, Build Secure Software
Jul 26, 2022/4 min read Five types of software licenses you need to understand By Phil Odence Tags: Software Integrity, OSS License Compliance
Jul 24, 2022/7 min read Bridging the security gap in continuous testing and the CI/CD pipeline By Kimm Yeo Tags: Software Integrity, IAST, DevSecOps, Manage Security Risks, Orchestration & Correlation
Jul 19, 2022/4 min read Interview-based due diligence or software audits? By Zvi Levitas Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Jul 18, 2022/1 min read AppSec Decoded: Application security orchestration and correlation By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, DevSecOps, Manage Security Risks, Orchestration & Correlation
Jul 13, 2022/1 min read AppSec Decoded: Get the most out of your open source software By Synopsys Editorial Team Tags: M&A, Software Integrity, Software Supply Chain
Jul 10, 2022/4 min read Build a holistic AppSec program By Boris Cipot Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Jul 05, 2022/5 min read OWASP API Security Top 10: Security risks that should be on your radar By Charlotte Freeman Tags: Software Integrity, Build Secure Software, Manage Security Risks
Jun 30, 2022/2 min read CyRC Vulnerability of the Month: Spring Framework By Black Duck Security Advisory Team Tags: Software Integrity, Security News & Research, CyRC
Jun 26, 2022/6 min read Celebrating one year of Rapid Scan Static By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST, Web AppSec, Manage Security Risks
Jun 22, 2022/2 min read M&A, trust in software, and a good night’s sleep By Phil Odence Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Jun 22, 2022/3 min read WhiteHat brings new dimension to DAST capabilities at Synopsys By Jason Schmitt Tags: DAST, Software Integrity, Security News & Research
Jun 15, 2022/3 min read Enterprise applications run your business, so how can you secure them? By Mike McGuire Tags: SCA, Software Integrity, SAST, Manage Security Risks
Jun 13, 2022/6 min read Why supply chain risk management is a top priority By Taylor Armerding Tags: Software Integrity, Software Supply Chain, Public Sector
Jun 09, 2022/1 min read AppSec Decoded: Security at the speed of DevOps By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Manage Security Risks, Orchestration & Correlation
Jun 02, 2022/3 min read Celebrating Pride 2022: Out in open source By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
May 23, 2022/8 min read CyRC Case Study: Securing BIND 9 By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Build Secure Software, CyRC, SAST
May 22, 2022/1 min read AppSec Decoded: Managing software supply chain risks By Synopsys Editorial Team Tags: SCA, Software Integrity, Software Supply Chain
May 19, 2022/2 min read CyRC Vulnerability Advisory: Sensitive data exposure in JSON enables account compromise in Strapi By David Johansson Tags: Software Integrity, Security News & Research, CyRC
May 18, 2022/5 min read Tech tales: Achieving PCI compliance with application security testing By Chai Bhat Tags: Software Integrity, Financial Services, Compliance, Pen Testing, Manage Security Risks
May 17, 2022/2 min read Building security into existing source code management workflows By James Rabon Tags: Software Integrity, Build Secure Software, DevSecOps, Orchestration & Correlation
May 12, 2022/3 min read Two-factor authentication misconfiguration bypass By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Web AppSec, Internet of Things
May 10, 2022/3 min read Black Duck Open Source Audits: Working through licensing issues like a pro By Phil Odence Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
May 08, 2022/1 min read Product Security Advisory: Reflected cross-site scripting in Black Duck Hub By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Apr 27, 2022/1 min read Synopsys to expand portfolio, SaaS offerings with WhiteHat Security acquisition By Jason Schmitt Tags: DAST, Software Integrity, Security News & Research
Apr 19, 2022/1 min read CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it’s not as bad as it sounds By Jonathan Knudsen Tags: SCA, Software Integrity, Security News & Research, CyRC
Apr 11, 2022/1 min read CyRC Vulnerability Advisory: Stored XSS in Directus By David Johansson Tags: Software Integrity, Security News & Research, CyRC
Apr 06, 2022/4 min read What is the maturity level of your AppSec program? By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Manage Security Risks
Apr 05, 2022/1 min read AppSec Decoded: Is an SBOM a silver bullet for software supply chain security? By Synopsys Editorial Team Tags: SCA, Software Integrity, Software Supply Chain, Compliance
Mar 31, 2022/4 min read BYOD in the workforce: MDM and MAM with Microsoft Intune By Synopsys Editorial Team Tags: Software Integrity, Mobile, Manage Security Risks, Internet of Things
Mar 29, 2022/1 min read CyRC Vulnerability Analysis: Two distinct Spring vulnerabilities discovered – Spring4Shell and CVE-2022-22963 By Jonathan Knudsen Tags: SCA, Software Integrity, Security News & Research, CyRC
Mar 20, 2022/3 min read How to cybersecurity: Software supply chain security is much bigger than you think By Jonathan Knudsen Tags: SCA, Software Integrity, Software Supply Chain
Mar 15, 2022/4 min read What is a software bill of materials? By Fred Bals Tags: SCA, Software Integrity, Software Supply Chain
Mar 14, 2022/7 min read NIST provides recommended criteria for cybersecurity labeling for consumer software and IoT products By Taylor Armerding Tags: Software Integrity, Security News & Research, Compliance, Internet of Things
Mar 10, 2022/5 min read Synopsys contributes to the Linux Foundation Census II of the most widely used open source application libraries By Synopsys Editorial Team Tags: SCA, Software Integrity
Mar 07, 2022/1 min read #BreakTheBias: A conversation about tackling gender equality in the workforce By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Feb 20, 2022/10 min read Navigating the road ahead for automotive cybersecurity By Synopsys Editorial Team Tags: Software Integrity, Pen Testing, Threat Modeling, Manage Security Risks, Automotive
Feb 14, 2022/3 min read Black History Month: Uplifting voices at Synopsys By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Feb 14, 2022/3 min read What the cybersecurity executive order means for the private sector By Mike McGuire Tags: Software Integrity, Compliance, Public Sector
Feb 09, 2022/4 min read Code Sight Standard Edition: Application security optimized for the needs of developers By Raj Kesarapalli Tags: SCA, Software Integrity, Security News & Research, Build Secure Software, DevSecOps, SAST
Feb 09, 2022/4 min read How to cybersecurity: Gravity is a harsh mistress By Jonathan Knudsen Tags: Software Integrity, Build Secure Software, DevSecOps, Manage Security Risks
Jan 31, 2022/1 min read AppSec Decoded: Building security into DevSecOps By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, DevSecOps
Jan 26, 2022/2 min read CyRC Vulnerability Analysis: Local privilege escalation vulnerability discovered By Synopsys Cybersecurity Research Center Tags: SCA, Software Integrity, CyRC
Jan 23, 2022/3 min read Scale and mature your AppSec program with a managed services partner By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Jan 19, 2022/3 min read Bob Saget and open source license compliance By Phil Odence Tags: SCA, M&A, Software Integrity, Security News & Research, Software Supply Chain, OSS License Compliance
Jan 18, 2022/6 min read Five Cryptography best practices for developers By Charlotte Freeman Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Training
Jan 01, 2022/2 min read Software due diligence: The home inspection of tech M&A By Phil Odence Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Dec 20, 2021/1 min read AppSec Decoded: A proactive approach to building trust in your software supply chain By Synopsys Editorial Team Tags: Software Integrity, Software Supply Chain, Compliance, Public Sector
Dec 15, 2021/8 min read Detecting Log4j (Log4Shell): Mitigating the impact on your organization By Michael White Tags: SCA, Software Integrity, Compliance, SAST
Dec 14, 2021/5 min read How to cyber security: Software supply chain risk management By Jonathan Knudsen Tags: SCA, Software Integrity, Software Supply Chain, SAST
Dec 10, 2021/5 min read CyRC Vulnerability Analysis: Remote code execution zero-day exploit in Java logging library (log4j2) By Synopsys Editorial Team Tags: SCA, Software Integrity, CyRC
Dec 08, 2021/5 min read Safety Detectives interview with Tim Mackey By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Build Secure Software, Software Supply Chain, Manage Security Risks
Dec 07, 2021/2 min read CyRC Vulnerability Advisory: Multiple vulnerabilities discovered in GOautodial By Scott Tolley Tags: Software Integrity, Security News & Research, IAST, CyRC
Nov 28, 2021/7 min read Six Python security best practices for developers By Boris Cipot Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Training
Nov 21, 2021/6 min read Effective software security activities for managing supply chain risks By Chai Bhat Tags: Software Integrity, Program Strategy & Planning, Software Supply Chain, Cloud Security, Container Security
Nov 16, 2021/2 min read Don’t let Trojan Source sneak into your code By Synopsys Editorial Team Tags: Software Integrity, SAST
Nov 09, 2021/3 min read A stitch in BIND saves nine By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Security News & Research, CyRC
Nov 01, 2021/3 min read Top seven logging and monitoring best practices By Ashutosh Rana Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Training
Oct 28, 2021/1 min read AppSec Decoded: Why Biden’s executive order should be on your radar By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Public Sector
Oct 24, 2021/8 min read How to cybersecurity: Heartbleed deep dive By Jonathan Knudsen Tags: Software Integrity, Compliance
Oct 16, 2021/7 min read Top 10 Spring Security best practices for Java developers By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Web AppSec
Oct 12, 2021/2 min read CyRC Vulnerability Advisory: SQL injection, path traversal leading to arbitrary file deletion and XSS in Nagios XI By Scott Tolley Tags: Software Integrity, Security News & Research, IAST, CyRC
Oct 06, 2021/5 min read BSIMM: Top five software security activities that create a better software security initiative By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Sep 26, 2021/1 min read AppSec Decoded: Cyber security measures for technology buyers and suppliers By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Software Supply Chain, Public Sector
Sep 14, 2021/1 min read A new approach to AppSec By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Manage Security Risks, Orchestration & Correlation
Sep 10, 2021/4 min read Strengthen your cloud security posture with Azure Sentinel By Synopsys Editorial Team Tags: Software Integrity, Cloud Security, Manage Security Risks
Sep 08, 2021/5 min read ASOC series part 2: How to scale AppSec with application security automation By Synopsys Editorial Team Tags: Software Integrity, DevSecOps, Manage Security Risks, Orchestration & Correlation
Sep 02, 2021/7 min read ASOC series part 1: How application security orchestration and correlation can improve DevSecOps efficiency By Synopsys Editorial Team Tags: Software Integrity, DevSecOps, Manage Security Risks, Orchestration & Correlation
Sep 01, 2021/6 min read New banking paradigm requires better security paradigm By Taylor Armerding Tags: Software Integrity, Financial Services, Manage Security Risks
Aug 26, 2021/4 min read Managing license compliance with Black Duck SCA By Mike McGuire Tags: Software Integrity, Manage Security Risks
Aug 19, 2021/6 min read Reflections on trusting plugins: Backdooring Jenkins builds By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software
Aug 09, 2021/2 min read Why penetration testing needs to be part of your IoT security By Debrup Ghosh Tags: Software Integrity, Build Secure Software, Pen Testing
Aug 08, 2021/5 min read Keep infrastructure as code secure with Synopsys By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST
Aug 03, 2021/5 min read How to run your CodeXM checker By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Training, SAST
Jul 28, 2021/1 min read AppSec Decoded: New executive order changes dynamic of software security standards By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Build Secure Software, Software Supply Chain, Compliance, Manage Security Risks, Public Sector
Jul 27, 2021/2 min read Build developer trust with faster, accurate AppSec testing from Rapid Scan By Scott Johnson Tags: SCA, Agile, CI/CD, Software Integrity, Build Secure Software, SAST
Jul 21, 2021/2 min read Shift even further left with blazing-fast Rapid Scan SAST By Anna Chiang Tags: Software Integrity, Build Secure Software, SAST
Jul 19, 2021/4 min read Practical solutions for a secure automotive software development process following ISO/SAE 21434 By Dr. Dennis Kengo Oka Tags: Software Integrity, Build Secure Software, Compliance, Automotive
Jul 11, 2021/6 min read Reduce open source software risks in your supply chain By Synopsys Editorial Team Tags: Software Integrity, Software Supply Chain
Jul 08, 2021/3 min read Getting started with writing checkers using CodeXM By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST
Jun 29, 2021/2 min read Optimizing software composition analysis for developer workflows with Black Duck Rapid Scan By Mike McGuire Tags: SCA, Software Integrity, Build Secure Software
Jun 28, 2021/3 min read How to cyber security: Embedding security into every phase of the SDLC By Jonathan Knudsen Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Jun 24, 2021/4 min read How an open source software audit works By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Jun 21, 2021/8 min read CyRC Vulnerability Advisory: Denial-of-service vulnerabilities in Zephyr Bluetooth LE stack By Matias Karhumaa Tags: Software Integrity, Fuzzing, Security News & Research, CyRC
Jun 17, 2021/1 min read Reduce open source risk in M&A with software due diligence By Synopsys Editorial Team Tags: SCA, M&A, Software Integrity, OSS License Compliance
Jun 15, 2021/5 min read Ransomware prevention begins with securing your applications By Taylor Armerding Tags: Software Integrity, Public Sector
Jun 14, 2021/4 min read Data privacy laws drive urgency to create a data security strategy By Anna Chiang Tags: Software Integrity, Compliance, Manage Security Risks
Jun 10, 2021/6 min read How to achieve MISRA and AUTOSAR coding compliance By Dr. Dennis Kengo Oka Tags: Software Integrity, Build Secure Software, Compliance, Automotive
Jun 07, 2021/1 min read CyRC Vulnerability Advisory: Denial of service vulnerabilities in RabbitMQ, EMQ X, and VerneMQ By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Security News & Research, Compliance, CyRC
Jun 06, 2021/3 min read Code Dx brings game-changing capabilities to Synopsys By Jim Ivers Tags: Software Integrity, Security News & Research, Orchestration & Correlation
Jun 05, 2021/3 min read Web application security testing at scale with Coverity SAST By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST, Web AppSec, Manage Security Risks
May 31, 2021/3 min read Addressing 5G security with threat modeling By Chai Bhat Tags: Software Integrity, Threat Modeling, Manage Security Risks, Internet of Things
May 25, 2021/4 min read A CISO’s guide to sensitive data protection By Anna Chiang Tags: Software Integrity, Compliance, Manage Security Risks
May 24, 2021/2 min read How to protect your Wi-Fi devices from new FragAttacks vulnerabilities By Tuomo Untinen Tags: Software Integrity, Fuzzing, Manage Security Risks
May 12, 2021/4 min read Cybersecurity Executive Order requires new software security standards By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Compliance, Public Sector
May 10, 2021/5 min read Open source license compliance and dependencies: Peeling back the licensing layers By Matt Jacobs Tags: M&A, Software Integrity, OSS License Compliance
May 06, 2021/8 min read Top 10 DevSecOps best practices for building secure software By Sneha Kokil Tags: Agile, CI/CD, Software Integrity, Build Secure Software, AppSec Best Practices, DevSecOps
May 02, 2021/6 min read Biden on cyber security after 100 days: A good start, but now comes the hard part By Taylor Armerding Tags: Software Integrity, Security News & Research, Manage Security Risks, Public Sector
Apr 23, 2021/4 min read How to cyber security: 5G is not magic By Jonathan Knudsen Tags: Software Integrity, Build Secure Software, Internet of Things
Apr 15, 2021/3 min read Securing the IoT tsunami By Chai Bhat Tags: Software Integrity, Manage Security Risks, Internet of Things
Apr 14, 2021/3 min read The 411 on Stack Overflow and open source license compliance By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Apr 09, 2021/3 min read Penetration testing: A yearly physical for your applications By Debrup Ghosh Tags: Software Integrity, Build Secure Software, Pen Testing, Web AppSec
Apr 08, 2021/12 min read Integrating fuzzing into DevSecOps By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Build Secure Software, DevSecOps
Apr 06, 2021/4 min read Don’t be the weak link in your customers’ supply chain security By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Software Supply Chain, Public Sector
Mar 28, 2021/2 min read Synopsys CyRC named a CVE Numbering Authority By Taylor Armerding Tags: Software Integrity, Security News & Research, Program Strategy & Planning, Compliance, CyRC
Mar 24, 2021/3 min read Hacking medical devices: Five ways to inoculate yourself from attacks By Chandu Ketkar Tags: Software Integrity, Security News & Research, Medical Devices
Mar 20, 2021/5 min read Closing the gender gap in today’s tech industry By Sneha Kokil Tags: Software Integrity, Security News & Research
Mar 17, 2021/11 min read WLAN under fuzzing with Defensics By Tuomo Untinen, Kari Hulkko Tags: Software Integrity, Fuzzing, Build Secure Software
Mar 14, 2021/4 min read Why should DevOps teams choose IAST? By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, IAST
Mar 11, 2021/6 min read Don’t let supply chain security risks poison your organization By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Software Supply Chain, Public Sector
Mar 10, 2021/4 min read Get earlier, actionable vulnerability insights from Black Duck Security Advisories By Mike McGuire Tags: SCA, Software Integrity, Software Supply Chain, Manage Security Risks
Mar 01, 2021/2 min read CyRC Vulnerability Advisory: Denial of service vulnerability in Jetty web server By Synopsys Cybersecurity Research Center Tags: Software Integrity, Security News & Research, Program Strategy & Planning, CyRC
Feb 23, 2021/5 min read How to cyber security: Containerizing fuzzing targets By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Build Secure Software
Feb 23, 2021/5 min read Analysis of an attack on automotive keyless entry systems By Dr. Dennis Kengo Oka Tags: Software Integrity, Build Secure Software, Automotive
Feb 08, 2021/3 min read 8 must-have features in an IAST solution By Synopsys Editorial Staff Tags: Software Integrity, IAST, Manage Security Risks
Feb 03, 2021/4 min read How to integrate automated AST tools in your CI/CD pipeline By Meera Rao Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Jan 31, 2021/1 min read AppSec Decoded: Manufacturing more-secure IoT devices By Synopsys Editorial Team Tags: Software Integrity, Manage Security Risks, Internet of Things
Jan 26, 2021/4 min read Discovery capabilities: A core differentiator for Black Duck SCA By Mike McGuire Tags: SCA, Software Integrity, Build Secure Software, OSS License Compliance
Jan 26, 2021/7 min read Securing your code: GDPR best practices for application security By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Compliance, AppSec Best Practices, Manage Security Risks
Jan 23, 2021/3 min read How to manage open source risks using Black Duck SCA By Shandra Gemmiti Tags: SCA, Software Integrity
Jan 21, 2021/6 min read How to evaluate the ROI of your software security program By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Jan 20, 2021/7 min read How to cyber security: Faceplanting in 10 lines of code By Jonathan Knudsen Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Jan 03, 2021/6 min read Don’t get overwhelmed with trivial defects. Manage them! By Taylor Armerding Tags: Software Integrity, Build Secure Software, AppSec Best Practices, DevSecOps
Dec 27, 2020/8 min read DevSecOps: The good, the bad, and the ugly By Nivedita Murthy Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Dec 21, 2020/5 min read Things to consider when choosing a software composition analysis tool By Shandra Gemmiti Tags: SCA, Software Integrity, Build Secure Software
Dec 16, 2020/2 min read CyRC analysis: Authentication bypass vulnerability in Bouncy Castle By Synopsys Cybersecurity Research Center Tags: Software Integrity, Security News & Research, Compliance, CyRC
Dec 16, 2020/4 min read How to cyber security: Software security is everyone’s responsibility By Jonathan Knudsen Tags: Agile, CI/CD, Software Integrity, Manage Security Risks
Dec 14, 2020/10 min read How to build a serial port fuzzer with Defensics SDK By Kari Hulkko Tags: Software Integrity, Fuzzing, Build Secure Software
Dec 10, 2020/6 min read Fuzzing Bitcoin with the Defensics SDK, part 2: Fuzz the Bitcoin protocol By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Build Secure Software, Training
Dec 07, 2020/4 min read 6 Findings from DevSecOps Practices' Survey By Fred Bals Tags: Software Integrity, AppSec Best Practices, DevSecOps, Manage Security Risks
Dec 02, 2020/6 min read Configure security tools for effective DevSecOps By Taylor Armerding Tags: Agile, CI/CD, Software Integrity, Build Secure Software, DevSecOps
Dec 01, 2020/5 min read Fuzzing Bitcoin with the Defensics SDK, part 1: Create your network By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Build Secure Software
Nov 19, 2020/4 min read Four requirements for open source vulnerability management in a DevOps environment By Shandra Gemmiti Tags: SCA, Software Integrity, Software Supply Chain
Nov 17, 2020/3 min read Automotive threat analysis and risk assessment method By Jacob Wilson Tags: Software Integrity, Compliance, Manage Security Risks, Automotive
Nov 16, 2020/7 min read Can your security keep pace in a DevOps environment? By Taylor Armerding Tags: Agile, CI/CD, Software Integrity, Manage Security Risks
Nov 12, 2020/5 min read How to cyber security: Gotta go fast … but why? By Jonathan Knudsen Tags: Agile, CI/CD, Software Integrity, Build Secure Software, DevSecOps
Nov 09, 2020/6 min read The roles and responsibilities that lead to better software security initiatives By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Nov 09, 2020/3 min read Three DevSecOps challenges and how to mitigate them By Patrick Carey Tags: Agile, CI/CD, Software Integrity, Build Secure Software, Training, DevSecOps
Nov 04, 2020/4 min read Cyber security assurance levels in the automotive supply chain By Jacob Wilson Tags: Software Integrity, Compliance, Manage Security Risks, Automotive
Oct 28, 2020/5 min read CyRC analysis: Circumventing WPA authentication in wireless routers with Defensics fuzz testing By Tuomo Untinen, Kari Hulkko Tags: Software Integrity, Fuzzing, Security News & Research, Compliance
Oct 20, 2020/1 min read AppSec Decoded: The security dilemma of IoT devices By Synopsys Editorial Team Tags: Software Integrity, Manage Security Risks, Internet of Things
Oct 18, 2020/6 min read Get effective DevSecOps with version control By Taylor Armerding Tags: Agile, CI/CD, Software Integrity, Build Secure Software, DevSecOps
Oct 11, 2020/3 min read Are you ready for ISO SAE 21434 Cybersecurity of Road Vehicles? By Jacob Wilson Tags: Software Integrity, Compliance, Manage Security Risks, Automotive
Sep 29, 2020/3 min read Making SCA part of your AST Strategy By Fred Bals Tags: SCA, Software Integrity, Security News & Research, Software Supply Chain
Sep 27, 2020/2 min read CyRC Vulnerability Advisory: Authentication bypass vulnerabilities in multiple wireless router chipsets (CVE-2019-18989, CVE-2019-18990, and CVE-2019-18991) By Synopsys Cybersecurity Research Center Tags: Software Integrity, Fuzzing, Security News & Research, CyRC
Sep 23, 2020/6 min read Open source licenses: No license, no problem? Or … not? By Matt Jacobs Tags: SCA, M&A, Software Integrity, OSS License Compliance
Sep 17, 2020/5 min read MITRE releases 2020 CWE Top 25 most dangerous software weaknesses By Taylor Armerding Tags: Software Integrity, Security News & Research, Compliance, AppSec Best Practices
Sep 10, 2020/4 min read TANSTAAFL! The tragedy of the commons meets open source software By Fred Bals Tags: Software Integrity, Manage Security Risks
Aug 26, 2020/3 min read Black Duck continues to expand vulnerability prioritization methods By Mike McGuire Tags: SCA, Software Integrity, Security News & Research
Aug 25, 2020/4 min read Developing a COVID-19 track and trace app — through the lens of Synopsys By Synopsys Editorial Team Tags: DAST, Software Integrity, Build Secure Software, Threat & Risk Assessment, Mobile, IAST, SAST, Public Sector
Aug 02, 2020/12 min read Apache Struts research at scale, Part 3: Exploitation By Christopher Fearon Tags: Software Integrity, Security News & Research, Compliance, CyRC
Jul 27, 2020/7 min read Security bugs and flaws: Both bad, but in different ways By Taylor Armerding Tags: SCA, Software Integrity, Build Secure Software, Threat & Risk Assessment, Threat Modeling, Manage Security Risks
Jul 21, 2020/7 min read Are you making software security a requirement? By Jamie Boote Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Manage Security Risks
Jul 12, 2020/7 min read How to Cyber Security: Fuzz a tank By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Build Secure Software
Jul 04, 2020/5 min read Open source audits: The secret ingredient for successful M&A By Shandra Gemmiti Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Jul 01, 2020/8 min read Find more bugs by detecting failure better: An introduction to SanitizerProcessMonitorAgent By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Build Secure Software
Jun 28, 2020/4 min read Are you following the top 10 software security best practices? By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Manage Security Risks
Jun 17, 2020/3 min read An introduction to installing Black Duck By Synopsys Editorial Team Tags: SCA, Software Integrity, Build Secure Software
Jun 11, 2020/11 min read Authentication Token Obtain and Replace (ATOR) Burp plugin to handle complex login sequences By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software
Jun 03, 2020/2 min read How to overcome the top 6 application security challenges By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Jun 01, 2020/3 min read Why developers need a supplemental source to NVD vulnerability data By Fred Bals Tags: SCA, Software Integrity, Build Secure Software
May 19, 2020/5 min read Are you ready for API security? By Synopsys Cybersecurity Research Center Tags: Software Integrity, Threat Modeling, Manage Security Risks
May 13, 2020/3 min read Critical gap in developer security training puts applications at risk By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Training
May 11, 2020/8 min read How to Cyber Security: Fuzzing does not mean random By Jonathan Knudsen Tags: Software Integrity, Fuzzing, Build Secure Software
May 05, 2020/4 min read 3 ways to boost your security with role-based security compliance training By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Compliance, AppSec Best Practices, Training
May 03, 2020/2 min read 3 long-term benefits of an application security training strategy By Synopsys Editorial Staff Tags: Software Integrity, Build Secure Software, Training
Apr 27, 2020/15 min read CyRC analysis: CVE-2020-7958 biometric data extraction in Android devices By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Compliance, CyRC
Apr 21, 2020/3 min read The Complete Application Security Checklist By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Apr 15, 2020/7 min read What the open source community can teach the suddenly remote workforce By Taylor Armerding Tags: Software Integrity, Security News & Research, Training
Apr 13, 2020/1 min read CyRC Vulnerability Advisory: CVE-2020-7958 biometric data disclosure vulnerability in OnePlus 7 Pro Android phone By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Mobile, CyRC
Apr 13, 2020/5 min read How to Cyber Security: Application security is critical for data security By Jonathan Knudsen Tags: Software Integrity, Threat & Risk Assessment, Threat Modeling, Manage Security Risks
Apr 07, 2020/3 min read How 5G and IoT devices open up the attack surface on enterprises By Synopsys Editorial Staff Tags: Software Integrity, Fuzzing, Manage Security Risks, Internet of Things
Mar 31, 2020/3 min read What is the Ghostcat vulnerability (CVE-2020-1938)? By Tanay Sethi Tags: SCA, Software Integrity, Security News & Research, Compliance
Mar 29, 2020/3 min read 3 ways to improve your software development skills By Synopsys Editorial Staff Tags: Software Integrity, Security News & Research, Training
Mar 21, 2020/5 min read How to deal with legacy vulnerabilities By Taylor Armerding Tags: SCA, Software Integrity, Manage Security Risks
Mar 15, 2020/6 min read What is security debt, and how do I get out of it? By Taylor Armerding Tags: SCA, Software Integrity, Program Strategy & Planning, Build Secure Software, Manage Security Risks
Mar 11, 2020/4 min read How do you effectively remediate the increasing sea of vulnerabilities? By Shandra Gemmiti Tags: SCA, Software Integrity, Software Supply Chain
Mar 10, 2020/7 min read Apache Struts research at scale, Part 2: Execution environments By Christopher Fearon Tags: Software Integrity, Security News & Research, Compliance, CyRC
Mar 10, 2020/3 min read How does IAST fit into DevSecOps? By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Build Secure Software, IAST, DevSecOps
Mar 03, 2020/5 min read 5G: Vast potential, but better security needed By Synopsys Editorial Staff Tags: Software Integrity, Fuzzing, Mobile, Manage Security Risks, Internet of Things
Mar 02, 2020/3 min read Thoreau’s ‘simplify’ exhortation hovers over RSA By Taylor Armerding Tags: Software Integrity, Manage Security Risks
Feb 19, 2020/6 min read Want to comply with privacy laws? Start with security By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Compliance, Manage Security Risks, Public Sector
Feb 18, 2020/5 min read There’s no such thing as TMI when it comes to open source software By Fred Bals Tags: SCA, Software Integrity, Security News & Research
Feb 12, 2020/3 min read Find and fix open source and proprietary code security defects in the IDE with Polaris and Code Sight By Patrick Carey Tags: SCA, Software Integrity, Security News & Research, Build Secure Software, DevSecOps, SAST
Feb 12, 2020/11 min read Top 10 FOSS legal developments in 2019 By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, OSS License Compliance
Feb 03, 2020/3 min read Extending Black Duck’s capability with Red Hat OpenShift to scan Red Hat Quay images By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Container Security
Feb 03, 2020/4 min read Mobile security app-titude best practices for secure app design and data privacy By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Mobile
Feb 02, 2020/5 min read Ask the Experts: What’s most rewarding about your career in cyber security? By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Build Secure Software, Manage Security Risks
Jan 22, 2020/5 min read Coverity & Black Duck together. Better. Faster. Stronger. By Fred Bals Tags: SCA, Software Integrity, Build Secure Software, SAST
Jan 18, 2020/4 min read Synopsys adds GitHub Action for SAST and SCA By Synopsys Editorial Team Tags: SCA, Agile, CI/CD, Software Integrity, Build Secure Software, SAST
Jan 08, 2020/1 min read Synopsys acquires Tinfoil Security, DAST and API testing solutions provider By Synopsys Editorial Team Tags: DAST, Software Integrity, Security News & Research
Jan 06, 2020/7 min read The journey to better medical device security: Still slow, still bumpy By Taylor Armerding Tags: Software Integrity, Build Secure Software, AppSec Best Practices, Medical Devices, Healthcare
Dec 17, 2019/5 min read Mackey: Security isn’t ‘front of mind’ in the IoT By Taylor Armerding Tags: Software Integrity, Security News & Research, Internet of Things
Dec 10, 2019/7 min read Cost of data breaches in 2019: The 4 worst hits on the corporate wallet By Taylor Armerding Tags: Software Integrity, Security News & Research, Compliance, Public Sector
Dec 08, 2019/3 min read How to Cyber Security: Software is critical infrastructure By Jonathan Knudsen Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks, Public Sector
Nov 24, 2019/6 min read The blockchain train: Get on board—with caution By Taylor Armerding Tags: Software Integrity, Security News & Research, Container Security
Nov 19, 2019/4 min read SAST vs. SCA: What’s the difference? Do I need both? By Synopsys Editorial Team Tags: SCA, Software Integrity, Build Secure Software, SAST
Nov 18, 2019/3 min read Integrating Coverity Scan with GitLab CI By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Build Secure Software, SAST
Nov 12, 2019/3 min read Blue Yonder: Extending their SDLC to remediate open source issues By Fred Bals Tags: SCA, Software Integrity
Nov 10, 2019/3 min read How to Cyber Security: Unicorns and donkeys By Jonathan Knudsen Tags: Software Integrity, Program Strategy & Planning, Training, Manage Security Risks
Oct 29, 2019/7 min read It’s past time to put passwords out of our misery By Taylor Armerding Tags: Software Integrity, Security News & Research, Threat & Risk Assessment
Oct 28, 2019/7 min read The due diligence of a deal By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Oct 24, 2019/11 min read Apache Struts research at scale, Part 1: Building 115 versions of Struts By Christopher Fearon Tags: Software Integrity, Security News & Research, Compliance, CyRC
Oct 22, 2019/6 min read Don’t let your supply chain undermine your security By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Software Supply Chain
Oct 09, 2019/2 min read CloudBees and Synopsys: Putting “Sec” into DevSecOps By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Oct 09, 2019/8 min read Best practices for secure application development By Taylor Armerding Tags: Software Integrity, Security News & Research, Compliance, AppSec Best Practices
Oct 01, 2019/5 min read Seeker FAQ: Interactive application security testing and CI/CD By Kimm Yeo Tags: Agile, CI/CD, Software Integrity, Security News & Research, IAST
Sep 29, 2019/4 min read Wormwood – An Explicit Way to Test Absinthe GraphQL APIs By Synopsys Editorial Team Tags: DAST, Software Integrity, Build Secure Software
Sep 26, 2019/2 min read Coverity release ties in well to the latest MITRE CWE Top 25 By Synopsys Editorial Team Tags: SCA, Software Integrity, Security News & Research, Compliance, SAST
Sep 23, 2019/7 min read Hackers needed to defeat hackers By Taylor Armerding Tags: Software Integrity, Security News & Research, Training
Sep 19, 2019/4 min read Q&A: Fuzz testing, agent instrumentation, and Defensics By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Build Secure Software
Sep 11, 2019/2 min read Let’s Talk Licenses: Beware the Beerware License By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Sep 10, 2019/7 min read Awash in regulations, companies struggle with compliance By Taylor Armerding Tags: Software Integrity, Security News & Research, Compliance, Public Sector
Aug 26, 2019/3 min read What are the different types of security vulnerabilities? By Synopsys Editorial Team Tags: Software Integrity, Web AppSec, Manage Security Risks
Aug 14, 2019/2 min read Review of Apache Struts vulnerabilities yields 24 updated advisories By Tim Mackey Tags: Software Integrity, Security News & Research, CyRC
Aug 13, 2019/2 min read [Infographic] Financial cybersecurity by the numbers By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Financial Services
Aug 11, 2019/6 min read The license and security risks of using Node.js By Synopsys Editorial Team Tags: Software Integrity, Web AppSec, Manage Security Risks
Aug 04, 2019/5 min read Ask the Experts: How can we prevent ransomware attacks? By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Program Strategy & Planning, Training
Jul 30, 2019/7 min read Apollo 11 software lessons still relevant today By Taylor Armerding Tags: Software Integrity, Compliance, Manage Security Risks, Public Sector
Jul 29, 2019/3 min read 3 use cases where source code scanning doesn’t cut it By Shandra Gemmiti Tags: SCA, Software Integrity
Jul 16, 2019/5 min read Securing software development: NIST joins the parade By Taylor Armerding Tags: Software Integrity, Program Strategy & Planning, Compliance, Manage Security Risks
Jul 15, 2019/2 min read Top 3 cloud security trends for 2019 By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Cloud Security, Manage Security Risks
Jul 14, 2019/4 min read Why hackers are targeting your web apps (and how to stop them) By Taylor Armerding Tags: Software Integrity, Web AppSec, Manage Security Risks
Jul 09, 2019/1 min read Join Synopsys at codenomi-con and Black Hat USA 2019 By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Jul 01, 2019/6 min read Patch now or pay later: Report By Taylor Armerding Tags: Software Integrity, Security News & Research
Jun 25, 2019/3 min read Top 3 operational open source risk factors By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Jun 23, 2019/7 min read More medical mega-breaches thanks to third-party insecurity By Taylor Armerding Tags: Software Integrity, Security News & Research, Program Strategy & Planning, Healthcare
Jun 18, 2019/7 min read Web AppSec interview questions every company should ask By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Web AppSec, Manage Security Risks
Jun 17, 2019/6 min read Q&A: Interactive application security testing (IAST) and Seeker By Asma Zubair Tags: Software Integrity, IAST, Manage Security Risks
Jun 12, 2019/5 min read You’re using open source software, and you need to keep track of it By Taylor Armerding Tags: SCA, Software Integrity, OSS License Compliance
Jun 11, 2019/4 min read The Verizon DBIR and the art of the breach By Asma Zubair Tags: Software Integrity, Security News & Research, Threat & Risk Assessment
Jun 10, 2019/8 min read Ask the Experts: Should the US have a data privacy law similar to GDPR? By Synopsys Editorial Team Tags: Software Integrity, Compliance, Manage Security Risks, Public Sector
Jun 04, 2019/6 min read It’s not just autonomous cars of the future that need security By Taylor Armerding Tags: Software Integrity, Build Secure Software, Manage Security Risks, Automotive
May 24, 2019/3 min read How are code quality and code security related? By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST, Web AppSec, Internet of Things
May 15, 2019/4 min read Don’t let insider threats rain on your cloud deployment By Taylor Armerding Tags: Software Integrity, Security News & Research, Manage Security Risks
May 08, 2019/1 min read Announcing Code Sight 2019.4 By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Build Secure Software, SAST
May 06, 2019/4 min read Synopsys and Red Hat OpenShift 4: One smooth Operator! By Synopsys Editorial Team Tags: Software Integrity, Container Security
May 01, 2019/5 min read Feds seek to up their cybersecurity game By Taylor Armerding Tags: Software Integrity, Security News & Research, Internet of Things, Public Sector
Apr 18, 2019/2 min read Are you making these software standards compliance mistakes? By Synopsys Editorial Team Tags: Software Integrity, Compliance, Manage Security Risks
Apr 16, 2019/3 min read The Synopsys Cybersecurity Research Center (CyRC): Advancing the state of software security By Tim Mackey Tags: Software Integrity, Security News & Research, CyRC
Apr 09, 2019/4 min read Complex but helpful: Negotiating FDA guidance to build a cybersecurity program By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Healthcare
Mar 27, 2019/5 min read The cyber-physical convergence is accelerating—and so are the risks By Taylor Armerding Tags: Software Integrity, Security News & Research, Internet of Things
Mar 20, 2019/4 min read Want to secure your apps? Build security in with the right toolchain By Taylor Armerding Tags: Agile, CI/CD, Software Integrity, Build Secure Software, Threat & Risk Assessment, Manage Security Risks
Mar 13, 2019/5 min read Bug bounties: A good tool, but don’t make them the only tool in security By Taylor Armerding Tags: Software Integrity, Security News & Research, Web AppSec
Mar 12, 2019/4 min read The days (and nights) of an ‘always on’ sales engineer By Taylor Armerding Tags: Software Integrity, Security News & Research
Feb 27, 2019/5 min read Connected cars need better connection to cybersecurity By Taylor Armerding Tags: Software Integrity, Security News & Research, Automotive
Feb 20, 2019/5 min read Advances in healthcare security since the Anthem data breach By Taylor Armerding Tags: Software Integrity, Security News & Research, Manage Security Risks, Healthcare
Feb 10, 2019/2 min read 3 takeaways from “Managing the Business Risks of Open Source” webinar By Fred Bals Tags: SCA, Software Integrity, Security News & Research, Manage Security Risks, OSS License Compliance
Feb 05, 2019/5 min read Study shows security challenges in the auto industry By Taylor Armerding Tags: Software Integrity, Security News & Research, Automotive
Feb 05, 2019/2 min read Container scanning for security with Black Duck OpsSight 2.2 By Synopsys Editorial Team Tags: Software Integrity, Container Security
Jan 30, 2019/2 min read How to “shift left” with application security tools, and how not to By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Jan 29, 2019/7 min read Why dependencies matter for SAST By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Training, SAST
Jan 29, 2019/3 min read Server-side GraphQL Querying with Elixir Absinthe By Synopsys Editorial Team Tags: DAST, Software Integrity, Security News & Research
Jan 24, 2019/5 min read The future of open source software: More of everything By Taylor Armerding Tags: SCA, Software Integrity, OSS License Compliance
Jan 15, 2019/4 min read Top 10 software vulnerability list for 2019 By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Mobile, Web AppSec
Jan 15, 2019/3 min read Throwback Thursday: Whatever happened to Stuxnet? By Taylor Armerding Tags: Software Integrity, Manage Security Risks
Jan 09, 2019/5 min read GAO report confirms major gaps in government cybersecurity By Taylor Armerding Tags: Software Integrity, Security News & Research, Automotive, Internet of Things, Public Sector
Dec 18, 2018/3 min read Next-generation audit reports: Enhanced visibility into open source risks in M&A transactions By Phil Odence Tags: M&A, Software Integrity, OSS License Compliance
Dec 03, 2018/6 min read President’s ‘cybersecurity moonshot’: Transformational or pie in the sky? By Taylor Armerding Tags: Software Integrity, Security News & Research, Public Sector
Nov 30, 2018/4 min read NPM dependencies, supply chain attacks, and Bitcoin wallets By Ksenia Peguero Tags: SCA, Software Integrity, Software Supply Chain
Nov 28, 2018/5 min read Hard questions raised when a software ‘glitch’ takes down an airliner By Taylor Armerding Tags: Software Integrity, Security News & Research, Compliance, Public Sector
Nov 28, 2018/4 min read Air gaps in ICS going, going … and so is security By Taylor Armerding Tags: Software Integrity, Security News & Research
Nov 19, 2018/2 min read Should I include CSRF protection on a login form? By Synopsys Editorial Team Tags: DAST, Software Integrity, Build Secure Software
Nov 15, 2018/6 min read WPA2 encryption bypass: Using Defensics to uncover behavioral vulnerabilities By Tuomo Untinen Tags: Software Integrity, Fuzzing, Build Secure Software, Compliance
Nov 14, 2018/1 min read CyRC Vulnerability Advisory: CVE-2018-18907 authentication bypass vulnerability in D-Link DIR-850L wireless router By Synopsys Cybersecurity Research Center Tags: Software Integrity, Fuzzing, Security News & Research, Compliance
Nov 14, 2018/5 min read Don’t expect jailed CEOs, but Wyden at least puts consumer privacy on the table By Taylor Armerding Tags: Software Integrity, Security News & Research, Compliance, Public Sector
Nov 13, 2018/1 min read Today I Learned: Using SCSS in your Vue Components By Synopsys Editorial Team Tags: DAST, Software Integrity, Build Secure Software
Nov 11, 2018/3 min read GPLv2 and the right to cure By Matt Jacobs Tags: Software Integrity, OSS License Compliance
Nov 08, 2018/6 min read Threats obvious, but electronic voting systems remain insecure By Taylor Armerding Tags: Software Integrity, Security News & Research, Public Sector
Nov 06, 2018/2 min read Shared responsibility model: Who owns cloud security? By Synopsys Editorial Team Tags: Software Integrity, Cloud Security, Manage Security Risks
Oct 23, 2018/5 min read Lance Spitzner: How to secure the human operating system | NCSAM at Synopsys By Taylor Armerding Tags: Software Integrity, Security News & Research, Training
Oct 11, 2018/2 min read Automation: One of the keys to DevSecOps By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Program Strategy & Planning, DevSecOps, Manage Security Risks
Oct 09, 2018/2 min read Why you need to perform open source due diligence in an M&A transaction By Fred Bals Tags: M&A, Software Integrity, OSS License Compliance
Oct 05, 2018/4 min read Shield your home from spies | NCSAM at Synopsys By Amit Sethi Tags: Software Integrity, Security News & Research, Training
Sep 30, 2018/3 min read CVE-2018-11776 and why you need Black Duck Security Advisories By Fred Bals Tags: SCA, Software Integrity, Security News & Research
Sep 26, 2018/3 min read How and why business is migrating to the cloud By Taylor Armerding Tags: Software Integrity, Cloud Security, Manage Security Risks
Sep 22, 2018/4 min read Tineola: Taking a bite out of enterprise blockchain By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Sep 14, 2018/6 min read Let’s write more CodeXM checkers (second-stage ignition) By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST
Sep 12, 2018/3 min read The IoT within us: Network-connected medical devices By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Medical Devices, Internet of Things, Healthcare
Sep 11, 2018/1 min read What’s so special about zero-day vulnerabilities? By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Sep 05, 2018/2 min read A Quick Guide to the Complex: Ecto.Multi By Synopsys Editorial Team Tags: DAST, Software Integrity, Build Secure Software
Sep 04, 2018/4 min read These hacks brought to you by ‘leaky’ APIs By Taylor Armerding Tags: Software Integrity, Security News & Research, Web AppSec, Manage Security Risks
Aug 28, 2018/2 min read CVE-2018-11776: The latest Apache Struts vulnerability By Fred Bals Tags: SCA, Software Integrity, Security News & Research, CyRC
Aug 28, 2018/3 min read The intersection between IAST and SCA and why you need both in your security toolkit By Tim Mackey Tags: SCA, Agile, CI/CD, Software Integrity, Build Secure Software, IAST, Manage Security Risks
Aug 26, 2018/3 min read Securing applications with Coverity’s static analysis results By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Security News & Research, SAST
Aug 19, 2018/2 min read Integrating Coverity static analysis into development workflows By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Build Secure Software, SAST
Aug 14, 2018/3 min read The Apache Software Foundation can take a joke, but not when it comes to licensing By Phil Odence Tags: Software Integrity, Manage Security Risks, OSS License Compliance
Aug 14, 2018/2 min read The AppSec alphabet soup: A guide to SAST, IAST, DAST, and RASP By Fred Bals Tags: Software Integrity, IAST, SAST, Web AppSec, Manage Security Risks
Aug 10, 2018/5 min read How to help your medical devices meet the UL (and FDA) standard By Taylor Armerding Tags: Software Integrity, Security News & Research, Medical Devices, Healthcare
Aug 01, 2018/3 min read Slim Docker Images for Rails By Synopsys Editorial Team Tags: DAST, Software Integrity, Build Secure Software
Jul 31, 2018/2 min read LifeLock lesson—Third party security is your security By Tim Mackey Tags: Software Integrity, Security News & Research, Software Supply Chain, Compliance
Jul 27, 2018/4 min read SingHealth hit with ‘unprecedented’ cyber attack By Taylor Armerding Tags: Software Integrity, Security News & Research, Healthcare
Jul 23, 2018/5 min read FDA adopts UL 2900-2-1, improves cyber security of connected medical devices By Taylor Armerding Tags: Software Integrity, Security News & Research, Medical Devices, Healthcare
Jul 20, 2018/4 min read Remediating XSS: Does a single fix work? By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Build Secure Software, Web AppSec, Manage Security Risks
Jul 14, 2018/2 min read How RASP complements application security testing to minimize risk By Synopsys Editorial Team Tags: Software Integrity, IAST, Web AppSec, Manage Security Risks
Jul 10, 2018/9 min read Common security challenges in CI/CD workflows By Meera Rao Tags: Agile, CI/CD, Software Integrity, SAST, Manage Security Risks
Jul 01, 2018/4 min read Vulnerable routers are still out there—and hackers are noticing By Taylor Armerding Tags: Software Integrity, Security News & Research, SAST, Internet of Things
Jun 14, 2018/3 min read The what, why, and who of runtime application self-protection (RASP) By Synopsys Editorial Team Tags: Software Integrity, Web AppSec, Manage Security Risks
Jun 06, 2018/2 min read 5 DevSecOps essentials and how to achieve them By Synopsys Editorial Staff Tags: Agile, CI/CD, Software Integrity, Security News & Research, DevSecOps
May 25, 2018/3 min read How does the TeenSafe data leak present a classic false sense of security? By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Cloud Security
May 07, 2018/9 min read How to integrate SAST into the DevSecOps pipeline in 5 simple steps By Meera Rao Tags: Agile, CI/CD, Software Integrity, Build Secure Software, DevSecOps, SAST
Apr 30, 2018/4 min read 8 takeaways from NIST’s Application Container Security Guide By Tim Mackey Tags: Agile, CI/CD, Software Integrity, Security News & Research, Container Security
Apr 12, 2018/2 min read Data breaches and more data breaches—oh my! By Tim Mackey Tags: Software Integrity, Security News & Research, Compliance
Apr 03, 2018/7 min read How to break car kits with Bluetooth fuzz testing By Pekka Oikarainen Tags: Software Integrity, Fuzzing, Manage Security Risks, Automotive
Apr 03, 2018/5 min read IMF wants to pierce the blockchain anonymity veil By Taylor Armerding Tags: Software Integrity, Security News & Research, Financial Services
Apr 02, 2018/5 min read Using containers? What’s hidden in your container images? By Tim Mackey Tags: Software Integrity, Manage Security Risks, Container Security
Mar 26, 2018/56 min read Cracking XenForo corpuses: An unsupported sha256(sha256($pass).$salt) hash type By Travis Biehn Tags: Software Integrity, Build Secure Software, Training
Mar 21, 2018/8 min read Detecting Spectre vulnerability exploits with static analysis By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST
Mar 21, 2018/6 min read Weighing the pros and cons of open sourcing election software By Tim Mackey Tags: Software Integrity, Public Sector
Mar 18, 2018/3 min read What’s the difference between agile, CI/CD, and DevOps? By John Steven Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Mar 16, 2018/6 min read Still just recommendations, not regulation, for IoT security By Taylor Armerding Tags: Software Integrity, Security News & Research, Compliance, Internet of Things, Public Sector
Mar 04, 2018/4 min read Closing the CVE gap still a work in progress By Taylor Armerding Tags: Software Integrity, Security News & Research
Mar 01, 2018/3 min read The GitHub Memcached DDoS: It shouldn't have happened By Taylor Armerding Tags: Software Integrity, Security News & Research
Feb 26, 2018/ Subscribe to stay on top of the latest in software security By Synopsys Editorial Team Tags: Software Integrity
Feb 19, 2018/4 min read Can Coverity automatically ignore issues in third-party or noncritical code? By Kris Diefenderfer Tags: Software Integrity, Build Secure Software, SAST
Feb 14, 2018/3 min read Small crypto mining attack points to big browser problem By Taylor Armerding Tags: Software Integrity, Security News & Research
Feb 12, 2018/3 min read In an IoT-filled world, be alert in the wake of ‘Hide and Seek’ By Taylor Armerding Tags: Software Integrity, Security News & Research, Internet of Things
Jan 30, 2018/5 min read Migrating to Docker on Black Duck By Synopsys Editorial Team Tags: SCA, Software Integrity, Build Secure Software, Container Security
Jan 23, 2018/2 min read When software is the company, tech due diligence is critical By Fred Bals Tags: SCA, M&A, Software Integrity, OSS License Compliance
Jan 19, 2018/1 min read Is shadow engineering developing your applications? By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Security News & Research
Jan 18, 2018/6 min read The Data Protection Directive versus the GDPR: Understanding key changes By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Compliance
Jan 09, 2018/1 min read Manage security risk in GitHub open source projects with CoPilot By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Security News & Research
Jan 08, 2018/4 min read What does GDPR enforcement mean for your business? By Stephen Gardner Tags: Software Integrity, Security News & Research, Compliance
Jan 02, 2018/3 min read Is breach of the GPL license breach of contract? By Synopsys Editorial Team Tags: Software Integrity, OSS License Compliance
Dec 06, 2017/1 min read PayPal uncovers TIO Networks data breach affecting 1.6 million users By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Nov 29, 2017/7 min read Attacks on TLS vulnerabilities: Heartbleed and beyond By Mantej Singh Rajpal Tags: Software Integrity, Manage Security Risks
Nov 29, 2017/4 min read Navigating responsible vulnerability disclosure best practices By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, AppSec Best Practices, Manage Security Risks
Nov 15, 2017/2 min read It’s time to enlist Security Champions to fuel Agile development By Brendan Sheairs Tags: Agile, CI/CD, Software Integrity, Security News & Research
Nov 13, 2017/2 min read Streamlining development with a DevSecOps life cycle By Apoorva Phadke Tags: Agile, CI/CD, Software Integrity, Build Secure Software, DevSecOps, Manage Security Risks
Nov 01, 2017/4 min read How to proactively protect IoT devices from DDoS attacks By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Oct 17, 2017/2 min read KRACK: Examining the WPA2 protocol flaw and what it means for your business By Mantej Singh Rajpal Tags: Software Integrity, Security News & Research
Oct 17, 2017/5 min read ROCA: Cryptographic flaws in BitLocker, Secure Boot, and millions of smartcards By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Oct 14, 2017/3 min read What is cloud-native container security? By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Security News & Research, Cloud Security
Oct 12, 2017/1 min read Black Duck and Google Grafeas: Improving container visibility and security By Synopsys Editorial Team Tags: SCA, Agile, CI/CD, Software Integrity, Container Security
Oct 03, 2017/4 min read Examining Apache Struts remote code execution vulnerabilities By Christopher Fearon Tags: Software Integrity, Security News & Research
Sep 29, 2017/5 min read How to implement security measures without negatively affecting software quality By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Sep 21, 2017/3 min read Why do companies need a software security program? By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Sep 15, 2017/3 min read Equifax, Apache Struts, and CVE-2017-5638 vulnerability By Fred Bals Tags: Software Integrity, Security News & Research, Software Supply Chain, Manage Security Risks
Sep 14, 2017/5 min read Pandora’s box: Exploits show package manager blind spots By Damon Weinstein Tags: Software Integrity, Manage Security Risks
Sep 13, 2017/3 min read So Apache broke up with Facebook. How does that affect you? By Synopsys Editorial Team Tags: M&A, Software Integrity, Security News & Research, OSS License Compliance
Sep 13, 2017/3 min read CVE-2017-5638: The Apache Struts vulnerability explained By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Sep 12, 2017/3 min read What you need to know about BlueBorne Bluetooth flaws By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Security News & Research, SAST, Internet of Things
Sep 10, 2017/3 min read Synopsys finds 3 Linux kernel vulnerabilities By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Security News & Research
Sep 10, 2017/6 min read Did lack of visibility into Apache Struts lead to the Equifax breach? By Patrick Carey Tags: Software Integrity, Security News & Research, Software Supply Chain, Manage Security Risks
Sep 08, 2017/3 min read What can your firm learn from the unfolding Equifax hack? By Amit Sethi Tags: Software Integrity, Security News & Research
Sep 05, 2017/2 min read “Easy” to hack Apache Struts vulnerability CVE-2017-9805 By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Sep 05, 2017/6 min read A journey through the secure software development life cycle phases By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Threat Modeling, Manage Security Risks
Aug 28, 2017/4 min read DEF CON 25 exposes voting system vulnerabilities By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Public Sector
Aug 22, 2017/1 min read Hub Detect: Comprehensive open source scanning By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Aug 15, 2017/3 min read Scan nirvana: Hub Detect for all native build and CI tools By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software
Aug 14, 2017/2 min read The quietly accelerating adoption of the AGPL By Phil Odence Tags: Software Integrity, OSS License Compliance
Jul 17, 2017/4 min read Insecure example code leads to insecure production code By Mike Lyman Tags: Software Integrity, Security News & Research, Training
Jul 07, 2017/3 min read Is threat modeling compatible with Agile and DevSecOps? By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Threat Modeling, Manage Security Risks
Jul 06, 2017/8 min read Building your DevSecOps pipeline: 5 essential activities By Meera Rao Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Jun 21, 2017/2 min read 3 permissive licenses and why they deserve a little respect By Synopsys Editorial Team Tags: M&A, Software Integrity, OSS License Compliance
Jun 20, 2017/4 min read A primer on protecting keys and secrets in Microsoft Azure By Sakthi Mohan Tags: Software Integrity, Build Secure Software, Manage Security Risks
Jun 12, 2017/3 min read Introducing Black Duck CoPilot By Patrick Carey Tags: Agile, CI/CD, Software Integrity, Security News & Research, Cloud Security
Jun 06, 2017/4 min read Security topics every software developer should know By Apoorva Patankar Tags: Software Integrity, Build Secure Software, Training
Jun 05, 2017/2 min read Encryption technology in your code impacts export requirements By Phil Odence Tags: Software Integrity, Security News & Research
May 30, 2017/3 min read Why should every eCommerce website have an SSL certificate? By Jamie Boote Tags: Software Integrity, Web AppSec, Manage Security Risks
May 29, 2017/2 min read 4 key differences moving from Java to .NET Core By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
May 24, 2017/2 min read When should threat modeling take place in the SDLC? By Synopsys Editorial Team Tags: Software Integrity, Threat Modeling, Manage Security Risks
May 16, 2017/2 min read Node.js: Preventing common vulnerabilities in the MEAN stack By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Web AppSec, Manage Security Risks
May 08, 2017/5 min read AngularJS: Preventing common vulnerabilities in the MEAN stack By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Web AppSec
May 07, 2017/3 min read DoublePulsar continues to expose older Windows boxes: What you need to know By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
May 07, 2017/2 min read .NET component vulnerability analysis in production By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Security News & Research
May 01, 2017/3 min read Heartbleed: OpenSSL vulnerability lives on By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Apr 27, 2017/3 min read What are the signs your web application has been hacked? By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Apr 20, 2017/2 min read ExpressJS: Preventing common vulnerabilities in the MEAN stack (Part 1) By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Web AppSec, Manage Security Risks
Apr 18, 2017/4 min read How to mitigate third-party security risks By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Manage Security Risks
Apr 13, 2017/5 min read MongoDB: Preventing common vulnerabilities in the MEAN stack By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Web AppSec
Apr 11, 2017/5 min read Top 10 free pen tester tools By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Pen Testing, Web AppSec, Manage Security Risks
Apr 04, 2017/7 min read Attributes of secure web application architecture By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Build Secure Software, Web AppSec, Manage Security Risks
Apr 04, 2017/3 min read Cloudera IPO: Risk for cyber attacks, lawsuits, and loss of IP? By Fred Bals Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance
Mar 27, 2017/4 min read Top 4 software development methodologies By Synopsys Editorial Team Tags: Agile, CI/CD, Software Integrity, Build Secure Software
Mar 27, 2017/4 min read Vulnerability remediation: You only have 4 options By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Training
Mar 26, 2017/4 min read Does software quality equal software security? It depends By Synopsys Editorial Team Tags: SCA, Software Integrity, Fuzzing, Compliance, Manage Security Risks
Mar 22, 2017/4 min read Forging a SHA-1 MAC using a length-extension attack in Python By Mantej Singh Rajpal Tags: Software Integrity, Build Secure Software, Web AppSec
Mar 22, 2017/6 min read Swift: Close to greatness in programming language design, Part 2 By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST
Mar 21, 2017/3 min read Vulnerability management and triage in 3 steps By Synopsys Editorial Team Tags: Software Integrity, AppSec Best Practices, Manage Security Risks
Mar 18, 2017/2 min read CVE-2017-2636 strikes Linux kernel with double free vulnerability By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Mar 09, 2017/3 min read New Apache Struts 2 zero-day vulnerability: What you need to know By Meera Rao Tags: SCA, Software Integrity, Security News & Research
Mar 01, 2017/2 min read Howard Schmidt, the United States’ first Cybersecurity Czar, has died By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Public Sector
Feb 27, 2017/4 min read Responsible disclosure on a timetable By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Healthcare
Feb 23, 2017/11 min read AngularJS security series part 1: Angular $http service By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Training, Web AppSec
Feb 23, 2017/6 min read What is dual licensing? 3 software licensing models to consider By Matt Jacobs Tags: M&A, Software Integrity, OSS License Compliance
Feb 22, 2017/3 min read Cloudbleed, like Heartbleed, may affect millions By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Security News & Research, Cloud Security, Manage Security Risks
Feb 17, 2017/3 min read Moving beyond ‘moving left’: The case for developer enablement By Jim Ivers Tags: Software Integrity, Training, Manage Security Risks
Feb 16, 2017/2 min read Examining vulnerability criticality when risk ranking vulnerabilities By Synopsys Editorial Team Tags: Software Integrity, Manage Security Risks
Feb 07, 2017/8 min read How to detect, prevent, and mitigate buffer overflow attacks By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, SAST
Jan 31, 2017/3 min read An overview of open standards for IoT communication protocols By Synopsys Editorial Team Tags: Software Integrity, Compliance, Internet of Things
Jan 23, 2017/2 min read 3 things to consider when risk ranking your applications By Synopsys Editorial Team Tags: Software Integrity, Threat & Risk Assessment, Threat Modeling, Manage Security Risks
Jan 11, 2017/3 min read How much do bugs cost to fix during each phase of the SDLC? By Arvinder Saini Tags: Software Integrity, Build Secure Software, Threat & Risk Assessment, Pen Testing, IAST, Manage Security Risks
Dec 27, 2016/8 min read AngularJS 1.6: Life outside the sandbox By David Johansson Tags: Software Integrity, Security News & Research
Dec 14, 2016/2 min read How to prevent SQL injection attacks: A cheat sheet By Jamie Boote Tags: Software Integrity, Build Secure Software, SAST, Manage Security Risks
Dec 08, 2016/3 min read The fly in the ointment of the JSON license By Synopsys Editorial Team Tags: Software Integrity, OSS License Compliance
Nov 28, 2016/4 min read 5 reasons to use third-party authentication instead of creating your own By Synopsys Editorial Staff Tags: Software Integrity, Build Secure Software, Compliance, SAST
Nov 28, 2016/3 min read Here are the top 10 best practices for securing Android apps By Synopsys Editorial Team Tags: Software Integrity, AppSec Best Practices, Mobile, Training, Manage Security Risks
Nov 21, 2016/4 min read Hearts and minds: Culture management vs. human resources By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Nov 19, 2016/5 min read Sweet32: Time to retire 3DES? By Amit Sethi Tags: Software Integrity, Build Secure Software
Nov 14, 2016/1 min read Set up a software security group in 5 steps By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Nov 12, 2016/7 min read How to respond to application security incidents By Synopsys Editorial Team Tags: Software Integrity, Manage Security Risks
Nov 08, 2016/5 min read Abuse cases: How to think like a hacker By Synopsys Editorial Staff Tags: Software Integrity, Build Secure Software
Nov 07, 2016/5 min read How to choose between closed source and open source software By Jamie Boote Tags: Software Integrity, Build Secure Software, SAST
Nov 06, 2016/5 min read OSS warranties and indemnities in technology transactions By Synopsys Editorial Team Tags: M&A, Software Integrity, OSS License Compliance
Nov 05, 2016/4 min read How to create an open source management policy By Matt Jacobs Tags: Software Integrity, OSS License Compliance
Nov 05, 2016/2 min read Synopsys expands security signoff solution with Cigital and Codiscope acquisition By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Manage Security Risks
Oct 24, 2016/3 min read Dyn DDoS attack: IoT vulnerabilities By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Internet of Things
Oct 21, 2016/2 min read The pursuit of Hapi-ness: 5 must-have Hapi security plugins By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Oct 19, 2016/4 min read Brace yourselves: Application transport security is coming By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Mobile
Oct 19, 2016/3 min read Vulnerability management: Designing severity risk ranking systems By Synopsys Editorial Team Tags: Software Integrity, Fuzzing, Security News & Research
Oct 14, 2016/3 min read Open source security management: A question of when, not whether By Synopsys Editorial Team Tags: DAST, Software Integrity, Security News & Research, SAST
Oct 12, 2016/5 min read Why isn’t cyber security taught in schools? By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Training
Oct 05, 2016/4 min read Guide to open source licenses By Synopsys Editorial Team Tags: M&A, Software Integrity, OSS License Compliance
Sep 26, 2016/2 min read Identifying and resolving software vulnerabilities: A balancing act By Synopsys Editorial Team Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks
Sep 24, 2016/1 min read AAMI TIR57 recognized by the FDA as a foundational cybersecurity standard for medical devices By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Compliance, Medical Devices
Sep 21, 2016/2 min read Why there are at least 6,000 vulnerabilities without CVE-IDs By Synopsys Editorial Team Tags: Software Integrity, Security News & Research
Sep 19, 2016/6 min read AGPL: Out of the shadows By Synopsys Editorial Team Tags: M&A, Software Integrity, Security News & Research, OSS License Compliance
Sep 15, 2016/1 min read Software testing included in final ISA / IEC 62443-4-1 By Synopsys Editorial Team Tags: Software Integrity, Security News & Research, Compliance
Sep 14, 2016/3 min read The greatest security vulnerability: Humans By Sakthi Mohan Tags: Software Integrity, Security News & Research
Sep 07, 2016/2 min read The Complete Security Vulnerability Assessment Checklist By Synopsys Editorial Team Tags: Software Integrity, Threat & Risk Assessment, Web AppSec, Manage Security Risks
Sep 05, 2016/2 min read Heartbleed bug: How it works and how to avoid similar bugs By Anil Gajawada Tags: Software Integrity, Web AppSec, Manage Security Risks
Sep 01, 2016/3 min read Recognizing Another Type of Threat: Non-targeted Attacks By Synopsys Editorial Team Tags: Software Integrity, Manage Security Risks
Aug 24, 2016/3 min read 4 ineffective security controls that leave you with a false sense of security By Synopsys Editorial Team Tags: Software Integrity, Build Secure Software, Training