Sorry, not available in this language yet

Software Integrity

Tags for Software Integrity Resource center

717

Stories

Writers

Top Writers

Synopsys Editorial Team

Taylor Armerding

Fred Bals

Last Published

Apr 20, 2024/5 min read

Building a software Bill of Materials with Black Duck

By Mike McGuire

Tags: SCA, Software Integrity, Secure the Software Supply Chain, Compliance

Apr 11, 2024/5 min read

Top 10 free pen tester tools

By Natalie Lightner

Tags: Software Integrity, Security News & Trends, Pen Testing, Web AppSec, Manage Security Risks

Apr 09, 2024/4 min read

Securing the software supply chain with Black Duck Supply Chain Edition

By Mike McGuire

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Apr 08, 2024/2 min read

Managing risk at scale

By Charlotte Freeman

Tags: Software Integrity, Manage Security Risks

Apr 08, 2024/5 min read

What is the Xz Utils Backdoor : Everything you need to know about the supply chain attack

By Fred Bals

Tags: Software Integrity, Secure the Software Supply Chain

Apr 03, 2024/2 min read

SANS report: Securing the shifting landscape of application development

By Charlotte Freeman

Tags: Software Integrity, Manage Security Risks

Apr 01, 2024/8 min read

Top open source licenses and legal risk for developers

By Fred Bals

Tags: SCA, Software Integrity, OSS License Compliance

Mar 31, 2024/8 min read

How to detect, prevent, and mitigate buffer overflow attacks

By Natalie Lightner

Tags: Software Integrity, Build Security into DevOps, SAST

Mar 29, 2024/7 min read

Guide to updating from NIST CSF 1.1 to 2.0

By John Waller

Tags: Software Integrity, Cloud Security, Manage Security Risks

Mar 24, 2024/5 min read

Top 4 software development methodologies

By Mike McGuire

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, DevSecOps

Mar 22, 2024/1 min read

AppSec Decoded: Open source trends uncovered in the 2024 OSSRA report

By Taylor H Armerding

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Mar 21, 2024/5 min read

Five types of software licenses you need to understand

By Phil Odence

Tags: Software Integrity, OSS License Compliance

Mar 21, 2024/2 min read

CyRC Vulnerability Advisory: CVE-2023-7060 Missing Security Control in Zephyr OS IP Packet Handling

By Kari Hulkko

Tags: Software Integrity, Fuzzing, CyRC

Mar 19, 2024/3 min read

Introducing fAST Dynamic: Streamlining dynamic application security testing

By Vishrut Iyengar

Tags: DAST, Software Integrity, Security News & Trends, Build Security into DevOps

Mar 19, 2024/4 min read

2024 OSSRA report: Open source license compliance remains problematic

By Fred Bals

Tags: Artificial Intelligence, Software Integrity, Manage Security Risks, OSS License Compliance

Mar 18, 2024/8 min read

Six Python security best practices for developers

By Boris Cipot

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Training

Mar 18, 2024/3 min read

SAST vs. DAST: What’s the best method for application security testing?

By Apoorva Phadke

Tags: DAST, Software Integrity, Build Security into DevOps, SAST, Web AppSec

Mar 18, 2024/5 min read

Considerations before moving away from native apps

By Vineeta Sangaraju

Tags: Software Integrity, Mobile, SAST

Mar 17, 2024/5 min read

What is a software bill of materials?

By Fred Bals

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Mar 16, 2024/3 min read

CVE-2017-5638: The Apache Struts vulnerability explained

By Fred Bals

Tags: Software Integrity, Security News & Trends, Secure the Software Supply Chain

Mar 12, 2024/2 min read

Attesting to secure software development practices

By Tim Mackey

Tags: SCA, Software Integrity, Secure the Software Supply Chain, Manage Security Risks

Mar 06, 2024/4 min read

2024 OSSRA Report: Outdated code risk in open source components

By Fred Bals

Tags: Software Integrity, Security News & Trends, Secure the Software Supply Chain, Manage Security Risks

Mar 05, 2024/6 min read

Synopsys and GenAI

By Jim Ivers

Tags: SCA, Artificial Intelligence, Software Integrity

Mar 04, 2024/4 min read

The Synopsys integrated DevSecOps playbook: Steps for successful DevSecOps

By Steven Zimmerman

Tags: Software Integrity, Build Security into DevOps, DevSecOps

Feb 27, 2024/5 min read

2024 Open Source Security and Risk Analysis Report

By Fred Bals

Tags: SCA, Software Integrity, Security News & Trends, Secure the Software Supply Chain

Feb 21, 2024/1 min read

The cybersecurity landscape - A discussion of future state and AI with Dr. Lisa Bradley

By Sammy Migues

Tags: Artificial Intelligence, Software Integrity, Build Security into DevOps, DevSecOps

Feb 21, 2024/3 min read

Navigating complexity in AppSec

By Charlotte Freeman

Tags: Artificial Intelligence, Software Integrity, Build Security into DevOps

Feb 19, 2024/3 min read

How AI is changing software’s role in the SDLC

By Charlotte Freeman

Tags: Artificial Intelligence, Software Integrity, Manage Security Risks

Feb 13, 2024/2 min read

DevSecOps best practices

By Steven Zimmerman

Tags: Software Integrity, Build Security into DevOps, DevSecOps

Feb 09, 2024/1 min read

Test mode enhancements to Defensics fuzz testing

By Andy Pan

Tags: Software Integrity, Fuzzing, Manage Security Risks

Feb 07, 2024/3 min read

Container security essentials

By Charlotte Freeman

Tags: Software Integrity, Build Security into DevOps, Cloud Security, Container Security

Feb 07, 2024/2 min read

AppSec Decoded: How to implement security in DevOps

By Steven Zimmerman

Tags: Software Integrity, Build Security into DevOps, DevSecOps

Jan 31, 2024/2 min read

How to generate a software bill of materials

By Mike McGuire

Tags: Software Integrity, Secure the Software Supply Chain, Manage Security Risks

Jan 29, 2024/2 min read

AppSec Decoded:Tips for reaching DevSecOps maturity

By Taylor Armerding

Tags: Software Integrity, DevSecOps

Jan 23, 2024/3 min read

Mobile app security testing and development at the speed your business demands

By Corey Hamilton

Tags: Software Integrity, Mobile

Jan 16, 2024/3 min read

Mergers and acquisitions insurance

By Steven Power

Tags: M&A, Software Integrity

Jan 08, 2024/1 min read

CyRC Vulnerability Advisory: CVE-2023-51448 Blind SQL Injection in SNMP Notification Receivers

By Matthew Hogg

Tags: Software Integrity, CyRC

Jan 04, 2024/2 min read

DevSecOps practices to maintain developer velocity

By Fred Bals

Tags: Software Integrity, DevSecOps, Manage Security Risks

Dec 14, 2023/3 min read

Consolidating effort for enhanced application security

By Shandra Gemmiti

Tags: Software Integrity, DevSecOps, Manage Security Risks

Dec 13, 2023/4 min read

Making intelligent tradeoffs in software due diligence

By Phil Odence

Tags: SCA, M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Dec 08, 2023/5 min read

Demystifying CVSS Scoring

By Mike McGuire

Tags: SCA, Software Integrity

Dec 07, 2023/2 min read

Synopsys named as a Customers’ Choice in the 2023 Gartner® Peer Insights™ Voice of the Customer for Application Security Testing

By Natalie Lightner

Tags: Software Integrity, Security News & Trends

Dec 05, 2023/4 min read

BSIMM14: Trends and recommendations to help improve your software security program

By Charlotte Freeman

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Dec 04, 2023/3 min read

Shifting everywhere: The importance of continuous testing in the software development life cycle

By Fred Bals

Tags: Software Integrity, DevSecOps

Nov 27, 2023/4 min read

Consolidate security tools and vendors to enhance risk management

By Shandra Gemmiti

Tags: Software Integrity, Build Security into DevOps, Manage Security Risks

Nov 21, 2023/5 min read

Audited vs. automated: What your automated open source tool isn't seeing

By Susan Miller, Don Mulrenan, Rich Kosinski

Tags: SCA, M&A, Software Integrity, Build Security into DevOps, OSS License Compliance

Nov 20, 2023/1 min read

Building Security in Podcast: Cloud, AI, and quantum computing

By Sammy Migues

Tags: Artificial Intelligence, Software Integrity, DevSecOps, Cloud Security

Nov 14, 2023/3 min read

Software Vulnerability Snapshot Report Findings

By Fred Bals

Tags: DAST, Software Integrity, Security News & Trends, Pen Testing, Web AppSec

Nov 14, 2023/4 min read

Why cross-site scripting still matters

By Charlotte Freeman

Tags: Software Integrity, Program Strategy & Planning, Build Security into DevOps, AppSec Best Practices, Web AppSec, Manage Security Risks

Nov 07, 2023/7 min read

Critical aspects of a secure software supply chain

By Mike McGuire

Tags: Software Integrity, Secure the Software Supply Chain

Oct 30, 2023/6 min read

Secure cloud-native apps and APIs at the speed your business demands

By Kimm Yeo

Tags: Software Integrity, Build Security into DevOps, IAST, Cloud Security, Manage Security Risks

Oct 27, 2023/3 min read

SBOMs and SPDX: Now and in the future

By Gary O’Neall

Tags: M&A, Software Integrity, Secure the Software Supply Chain, OSS License Compliance

Oct 23, 2023/7 min read

Bridging the gap between pentesting and automated scanners with business logic assessments

By Vishrut Iyengar

Tags: Software Integrity, Manage Security Risks

Oct 18, 2023/2 min read

DevSecOps Report: ASPM and its impact on software security

By Fred Bals

Tags: Software Integrity, Security News & Trends, DevSecOps

Oct 13, 2023/3 min read

The hidden business risks of technical debt in mergers and acquisitions

By Phil Odence

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Oct 12, 2023/1 min read

Building Security In Podcast: Future State Challenges

By Sammy Migues

Tags: Software Integrity, DevSecOps

Oct 11, 2023/4 min read

How to respond to the curl and libcurl vulnerabilities

By Matthew Hogg

Tags: Software Integrity, Security News & Trends, CyRC, Manage Security Risks

Oct 10, 2023/2 min read

Deep Dive: 2023 Global State of DevSecOps Report

By Fred Bals

Tags: Software Integrity, Security News & Research, DevSecOps

Oct 09, 2023/2 min read

Preparing for critical libcurl and curl vulnerabilities (CVE-2023-38545)

By Mike McGuire

Tags: Software Integrity, Security News & Trends, Manage Security Risks

Oct 04, 2023/8 min read

CyRC Vulnerability Analysis: XML external entity injection vulnerability in OpenNMS

By Moshe Apelbaum

Tags: Software Integrity, CyRC, Manage Security Risks

Sep 26, 2023/4 min read

Integrations to elevate your DevSecOps program

By Charlotte Freeman

Tags: Software Integrity, DevSecOps, Manage Security Risks

Sep 21, 2023/3 min read

From diligence to integration: How software audits inform post-close M&A strategies

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Sep 20, 2023/1 min read

Defensics extends fuzzing capabilities for IoT markets

By Andy Pan

Tags: Software Integrity, Fuzzing, Security News & Trends

Sep 19, 2023/3 min read

Forrester recognizes Synopsys as a Leader in static application security testing

By Corey Hamilton

Tags: Software Integrity, Security News & Trends, SAST

Sep 19, 2023/4 min read

Automate security: DevOps integrations for risk detection and remediation

By Charlotte Freeman

Tags: Software Integrity, Build Security into DevOps, DevSecOps

Sep 18, 2023/5 min read

National Coding Week: Closing the skills gap with secure code training

By Taylor Armerding

Tags: Software Integrity, Build Security into DevOps, Training, DevSecOps

Sep 08, 2023/2 min read

Black Duck audits reporting update: Streamlined view of risks and remediation steps

By Phil Odence

Tags: M&A, Software Integrity, Compliance

Sep 07, 2023/5 min read

How to safeguard your AI ecosystem: The imperative of AI/ML security assessments

By John Waller

Tags: Artificial Intelligence, Software Integrity, Build Security into DevOps, DevSecOps

Sep 05, 2023/2 min read

CyRC Vulnerability Advisory: CVE-2023-2453 Local File Inclusion in Forum Infusion and CVE-2023-4480 Arbitrary File Read in Fusion File Manager

By Matthew Hogg

Tags: Software Integrity, CyRC

Aug 31, 2023/5 min read

What capabilities are critical to the success of your AppSec program?

By Patrick Carey

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, Secure the Software Supply Chain, Manage Security Risks

Aug 30, 2023/3 min read

The SANS report: The dynamics of DevSecOps

By Charlotte Freeman

Tags: Software Integrity, Security News & Trends, DevSecOps

Aug 25, 2023/4 min read

The parallels of AI and open source in software development

By Phil Odence

Tags: M&A, Artificial Intelligence, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Aug 24, 2023/7 min read

How to make the future IoT more secure

By Taylor Armerding

Tags: Software Integrity, Build Security into DevOps, Pen Testing, Training, Internet of Things

Aug 22, 2023/1 min read

Building Security In Podcast: New strategies for managing risk

By Synopsys Editorial Team

Tags: Software Integrity, DevSecOps

Aug 16, 2023/6 min read

Solving cross-platform DevSecOps challenges with Synopsys

By Synopsys Editorial Team

Tags: Software Integrity, DevSecOps

Aug 16, 2023/2 min read

Eliminate false positives with WhiteHat Dynamic

By Charlotte Freeman

Tags: DAST, Software Integrity, Manage Security Risks

Aug 15, 2023/1 min read

CyRC Vulnerability Advisory: CVE-2023-0871 Vulnerability in OpenNMS Horizon

By Synopsys Editorial Team

Tags: Software Integrity, CyRC

Aug 11, 2023/1 min read

The rise of AI in software development

By Phil Odence

Tags: M&A, Artificial Intelligence, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Aug 10, 2023/5 min read

Introducing Synopsys AI code analysis API

By Natalie Lightner

Tags: SCA, Artificial Intelligence, Software Integrity, Manage Security Risks, OSS License Compliance

Aug 08, 2023/2 min read

Synopsys and NowSecure join forces

By Vishrut Iyengar

Tags: Software Integrity, Mobile

Aug 08, 2023/3 min read

Developer-first security to prevent downstream risks

By Steven Zimmerman

Tags: Software Integrity

Aug 01, 2023/3 min read

Simplify AppSec program management with Software Risk Manager

By Natasha Gupta

Tags: Software Integrity, DevSecOps, Orchestration & Correlation

Jul 28, 2023/3 min read

Software due diligence for PE & VC investors

By Zvi Levitas

Tags: M&A, Software Integrity, Compliance, OSS License Compliance

Jul 25, 2023/1 min read

Compliance? WhiteHat™ Dynamic has you covered

By Charlotte Freeman

Tags: DAST, Software Integrity, Manage Security Risks

Jul 24, 2023/3 min read

Avoiding pitfalls when integrating AppSec for DevOps

By Charlotte Freeman

Tags: Software Integrity, DevSecOps

Jul 17, 2023/2 min read

The Polaris platform is redefining secure development

By Charlotte Freeman

Tags: Software Integrity, DevSecOps, Cloud Security, Manage Security Risks

Jul 16, 2023/1 min read

Building Security In Podcast: Machine Learning + AI

By Synopsys Editorial Team

Tags: Artificial Intelligence, Software Integrity, DevSecOps

Jul 14, 2023/2 min read

Why nontechnical organizations need due diligence

By Don Mulrenan

Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Jul 11, 2023/3 min read

AppSec integrations enable a more secure SDLC

By Charlotte Freeman

Tags: Software Integrity, DevSecOps

Jul 10, 2023/5 min read

Consolidation: The wave of the (AST) future

By Jim Ivers

Tags: Software Integrity, Program Strategy & Planning, DevSecOps, Manage Security Risks

Jul 07, 2023/2 min read

CyRC Vulnerability of the Month: curl

By Black Duck Security Advisory Team

Tags: Software Integrity, Security News & Trends, CyRC

Jul 05, 2023/6 min read

Challenges of interoperability in fuzz testing

By Kari Hulkko

Tags: Software Integrity, Fuzzing

Jun 30, 2023/2 min read

Defending against malicious packages in the npm ecosystem and beyond

By Fred Bals

Tags: SCA, Software Integrity, Manage Security Risks

Jun 27, 2023/8 min read

Creating a well-rounded Microsoft 365 security program

By John Waller

Tags: Software Integrity, Build Security into DevOps, Cloud Security

Jun 26, 2023/6 min read

2023 OSSRA deep dive: High-risk vulnerabilities

By Fred Bals

Tags: Software Integrity, Manage Security Risks, OSS License Compliance

Jun 25, 2023/1 min read

Podcast: The current state of DevOps

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Program Strategy & Planning, AppSec Best Practices, DevSecOps

Jun 23, 2023/1 min read

FDA: SBOMs requirement for connected medical devices

By Julie Courtnay

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Jun 15, 2023/3 min read

Continuous scanning in your production environment is more important than ever

By Vishrut Iyengar

Tags: DAST, Software Integrity, DevSecOps

Jun 11, 2023/3 min read

Forrester recognizes Synopsys as a Leader in software composition analysis

By Mike McGuire

Tags: SCA, Software Integrity, Security News & Trends

Jun 08, 2023/1 min read

AppSec Decoded: Ease of use with Polaris

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, DevSecOps

Jun 08, 2023/4 min read

Software quality: Diligence prep for sellers

By Chris Boyd

Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Jun 05, 2023/4 min read

Enhancing cloud security posture with an effective cloud governance framework

By Natalie Lightner

Tags: Software Integrity, Cloud Security, Manage Security Risks

Jun 01, 2023/1 min read

CyRC Vulnerability Advisory: CVE-2023-32353, Apple iTunes local privilege escalation on Windows

By Zeeshan Shaikh

Tags: Software Integrity, Security News & Trends, CyRC

Jun 01, 2023/3 min read

Fuzz Testing and Medical Devices

By John McShane

Tags: Software Integrity, Fuzzing, Medical Devices

May 31, 2023/1 min read

Synopsys named in 2023 Fortress Cyber Security Awards

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

May 26, 2023/2 min read

Connecting the dots: Development + business risk + due diligence

By Phil Odence

Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

May 24, 2023/1 min read

AppSec Decoded: Easy to scale with Polaris

By Synopsys Editorial Staff

Tags: Software Integrity, Build Security into DevOps, DevSecOps

May 22, 2023/3 min read

Synopsys named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Security Testing for the seventh year

By Jason Schmitt

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, Secure the Software Supply Chain, Manage Security Risks

May 17, 2023/4 min read

Detection strategies to unmask the source of malicious code

By Natalie Lightner

Tags: Software Integrity, Build Security into DevOps

May 17, 2023/2 min read

Eliminate malicious code in your software supply chain

By Synopsys Editorial Team

Tags: Software Integrity, Secure the Software Supply Chain

May 11, 2023/2 min read

The importance of software due diligence for private equity firms

By Umer Palla

Tags: M&A, Software Integrity, OSS License Compliance

May 10, 2023/4 min read

2023 OSSRA deep dive: jQuery and open source security

By Fred Bals

Tags: SCA, Software Integrity, Secure the Software Supply Chain, OSS License Compliance

May 08, 2023/1 min read

CRN’s 2023 Women of the Channel Awards list

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

May 07, 2023/6 min read

A deep-dive on Pluck CMS vulnerability CVE-2023-25828

By Matthew Hogg

Tags: Software Integrity, Security News & Trends, CyRC

May 01, 2023/2 min read

CyRC Vulnerability Advisory: CVE-2023-25826 and CVE-2023-25827 in OpenTSDB

By Jamie Harris

Tags: Software Integrity, Security News & Trends, CyRC

Apr 27, 2023/4 min read

Fuzz testing for connected and autonomous vehicles

By Dr. Dennis Kengo Oka

Tags: Software Integrity, Fuzzing, Manage Security Risks, Automotive

Apr 27, 2023/3 min read

Software due diligence in M&A: Key considerations and risks

By Kevin Collins

Tags: M&A, Software Integrity, OSS License Compliance

Apr 25, 2023/1 min read

AppSec Decoded: Evaluating threats with threat modeling risk analysis

By Synopsys Editorial Team

Tags: Software Integrity, Threat Modeling, Manage Security Risks

Apr 25, 2023/6 min read

Cloud detection and response, a key asset for cloud security

By John Waller

Tags: Software Integrity, Cloud Security, Manage Security Risks

Apr 25, 2023/3 min read

Fast application security testing with the Polaris platform

By Charlotte Freeman

Tags: Agile, CI/CD, Software Integrity, DevSecOps, Manage Security Risks

Apr 25, 2023/3 min read

We’re one step closer to knowing how to comply with EO 14028

By Tim Mackey

Tags: Software Integrity, Security News & Trends, Secure the Software Supply Chain, AppSec Best Practices, DevSecOps

Apr 24, 2023/6 min read

Improving software supply chain security for cloud applications and workloads

By Natalie Lightner

Tags: SCA, Software Integrity, Secure the Software Supply Chain, Cloud Security

Apr 20, 2023/5 min read

Friend or foe: AI chatbots in software development

By Taylor Armerding

Tags: Artificial Intelligence, Software Integrity, Security News & Trends, Program Strategy & Planning

Apr 20, 2023/1 min read

AppSec Decoded: Creating an attack model in threat modeling

By Synopsys Editorial Team

Tags: Software Integrity, Threat Modeling, Manage Security Risks

Apr 18, 2023/3 min read

Polaris integrations: Secure development at the speed of business

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, DevSecOps, Manage Security Risks

Apr 13, 2023/2 min read

Black Duck SCA vs. Black Duck Audit Services

By Steven Power

Tags: M&A, Software Integrity, OSS License Compliance

Apr 13, 2023/1 min read

AppSec Decoded: Creating a system model in threat modeling

By Synopsys Editorial Team

Tags: Software Integrity, Threat Modeling, Manage Security Risks

Apr 12, 2023/5 min read

Improving cloud security posture with infrastructure-as-code

By Monika Chakraborty

Tags: Software Integrity, Build Security into DevOps, IAST, Cloud Security

Apr 11, 2023/5 min read

What pen testing can tell you about the health of your SDLC

By Charlotte Freeman

Tags: Software Integrity, Build Security into DevOps, Pen Testing

Apr 03, 2023/1 min read

AppSec Decoded: Scoping + data gathering in threat modeling

By Synopsys Editorial Team

Tags: Software Integrity, Threat Modeling, Manage Security Risks

Apr 03, 2023/4 min read

Polaris: Your no-compromise SaaS AST solution

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, DevSecOps, Manage Security Risks

Apr 01, 2023/1 min read

OWASP Top 10: Security misconfiguration

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Security News & Trends, CyRC

Mar 26, 2023/2 min read

Synopsys Global Partner Program Receives CRN® 5-Star Rating for Second Consecutive Year

By Fred Bals

Tags: Software Integrity, Security News & Trends

Mar 23, 2023/5 min read

Assessing design quality for better software due diligence

By Ashwin Ala

Tags: M&A, Software Integrity, Manage Security Risks

Mar 23, 2023/1 min read

CyRC Vulnerability Advisory: CVE-2023-25828 Authenticated Remote Code Execution in Pluck CMS

By Matthew Hogg

Tags: Software Integrity, Security News & Trends, CyRC

Mar 22, 2023/5 min read

Production-safe DAST: Your secret weapon against threat actors

By Vishrut Iyengar

Tags: DAST, Software Integrity, Build Security into DevOps

Mar 19, 2023/6 min read

Automate your DevSecOps to take the pressure off triage

By Steven Zimmerman

Tags: Software Integrity, Build Security into DevOps, DevSecOps

Mar 15, 2023/7 min read

AppSec Decoded: Continuous AppSec testing in DevSecOps with Seeker IAST

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, IAST, DevSecOps

Mar 14, 2023/1 min read

OWASP Top 10: Insecure design

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Security News & Trends

Mar 11, 2023/5 min read

DevSecOps uses policy to take the pressure off testing

By Charlotte Freeman

Tags: Software Integrity, Security News & Trends, DevSecOps, Orchestration & Correlation

Mar 10, 2023/3 min read

Static analysis + penetration testing = More than the sum of their parts

By Phil Odence

Tags: M&A, Software Integrity, Security News & Trends

Mar 07, 2023/2 min read

Secure software development for modern vehicles

By Dr. Dennis Kengo Oka

Tags: Software Integrity, Security News & Trends, Compliance, Automotive

Mar 01, 2023/1 min read

AppSec Decoded: Managing your open source risks

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Security News & Trends, Secure the Software Supply Chain

Mar 01, 2023/1 min read

OWASP Top 10: Injection

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Security News & Trends, CyRC

Feb 27, 2023/5 min read

Instantly scalable dynamic application security testing

By Vishrut Iyengar

Tags: DAST, Software Integrity, Manage Security Risks

Feb 26, 2023/1 min read

AppSec Decoded: Takeaways from the 2022 “Software Vulnerability Snapshot” report

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Security News & Trends, Pen Testing, Manage Security Risks

Feb 26, 2023/4 min read

Take the pressure off coding for your developers

By Steven Zimmerman

Tags: Software Integrity, Security News & Trends, DevSecOps

Feb 24, 2023/1 min read

The M&A Open Source Risk Number

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Feb 14, 2023/4 min read

The step-by-step guide to threat modeling

By Charlotte Freeman

Tags: Software Integrity, Threat Modeling, Manage Security Risks

Feb 13, 2023/1 min read

OWASP Top 10: Cryptographic failures

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Build Security into DevOps, CyRC, Web AppSec

Feb 09, 2023/3 min read

Navigating software due diligence with a Black Duck Audit

By Steven Power

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Feb 08, 2023/3 min read

Spotlight on CRED: Benchmarking security with a BSIMM assessment

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Manage Security Risks

Feb 06, 2023/1 min read

Tom Herrmann of the Synopsys Software Integrity Group recognized as 2023 CRN Channel Chief

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Feb 06, 2023/11 min read

CyRC special report: Secure apps? Don’t bet on it

By Jonathan Knudsen

Tags: SCA, Software Integrity, Security News & Trends, Mobile, CyRC

Feb 02, 2023/4 min read

CyRC Special Report: How companies fared in the aftermath of Log4Shell

By Jonathan Knudsen

Tags: SCA, Software Integrity, CyRC

Jan 30, 2023/1 min read

CyRC Vulnerability Advisory: CVE-2023-23846 Denial-of-Service Vulnerability in Open5GS GTP Library

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends, CyRC

Jan 29, 2023/4 min read

Open source software: A pillar of modern software development

By Mike McGuire

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Jan 26, 2023/5 min read

Black Duck’s New Year’s Resolution

By Mike McGuire

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Jan 25, 2023/1 min read

Software risks and technical debt: The role of process in determining good software

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Jan 22, 2023/6 min read

2023 cybersecurity predictions that should be on your radar

By Taylor Armerding

Tags: Software Integrity, Security News & Trends

Jan 20, 2023/3 min read

Prioritizing open source vulnerabilities in software due diligence

By Mike McGuire

Tags: M&A, Software Integrity, OSS License Compliance

Jan 19, 2023/1 min read

OWASP Top 10: Broken access control

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Build Security into DevOps, CyRC

Jan 17, 2023/8 min read

Finding hard-coded secrets before you suffer a breach

By Ksenia Peguero

Tags: SCA, Software Integrity, Build Security into DevOps, IAST, SAST

Jan 10, 2023/1 min read

AppSec Decoded: The research behind the 2022 “Software Vulnerability Snapshot”

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Security News & Trends, Pen Testing

Jan 04, 2023/8 min read

How to choose React Native libraries for secure mobile application development

By Vineeta Sangaraju

Tags: Software Integrity, Build Security into DevOps, Mobile, SAST

Jan 01, 2023/1 min read

Cybersecurity Research Center Developer Series: The OWASP Top 10

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Build Security into DevOps, CyRC, Training

Dec 21, 2022/8 min read

The top cyber security stories of 2022

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Internet of Things

Dec 14, 2022/4 min read

Automating web security testing within your DevOps pipelines

By Charlotte Freeman

Tags: Software Integrity, Build Security into DevOps, IAST, DevSecOps

Dec 08, 2022/3 min read

SBOM: What’s in your software ingredients list?

By Synopsys Editorial Team

Tags: M&A, Software Integrity, Secure the Software Supply Chain, OSS License Compliance

Dec 06, 2022/5 min read

What is the cost of poor software quality in the U.S.?

By Mike McGuire

Tags: SCA, Software Integrity, Security News & Trends, Build Security into DevOps

Nov 29, 2022/2 min read

CyRC Vulnerability Advisory: Remote code execution vulnerabilities in mouse and keyboard apps

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, CyRC

Nov 27, 2022/1 min read

AppSec Decoded: Get actionable solutions with DAST

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Manage Security Risks

Nov 24, 2022/5 min read

Custom and variant licenses: What’s in the fine print?

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Nov 22, 2022/5 min read

Beyond NVD data: Using Black Duck Security Advisories for version accuracy

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, CyRC

Nov 11, 2022/3 min read

The top three differences between an open source audit and an open source scan

By Umer Palla

Tags: M&A, Software Integrity, OSS License Compliance

Nov 09, 2022/11 min read

JavaScript security best practices for securing your applications

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Training

Nov 08, 2022/5 min read

Scalable SAST and SCA in a single solution with Polaris fAST services

By Patrick Carey

Tags: SCA, Software Integrity, Build Security into DevOps, DevSecOps, SAST, Manage Security Risks

Nov 04, 2022/3 min read

Defensics adds gRPC support for distributed web and mobile application security testing

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Build Security into DevOps, Mobile, Web AppSec

Nov 02, 2022/1 min read

CyRC Vulnerability Advisory: CVE-2022-43945 buffer overflow vulnerabilities in NFSD

By Kari Hulkko

Tags: Software Integrity, Security News & Trends, CyRC

Oct 31, 2022/4 min read

Synopsys introduces GitHub Actions integration for developers

By Steven Zimmerman

Tags: Software Integrity, Build Security into DevOps, DevSecOps

Oct 28, 2022/4 min read

Avoid anaphylactic shock by auditing dependencies in software due diligence

By Synopsys Editorial Team

Tags: M&A, Software Integrity, OSS License Compliance

Oct 27, 2022/2 min read

Experts warn of critical security vulnerability discovered in OpenSSL

By Tim Mackey

Tags: SCA, Software Integrity, Security News & Trends

Oct 25, 2022/6 min read

New government directives and persistent threats reinforce urgency of securing software

By Synopsys Editorial Team

Tags: Software Integrity, Compliance, Public Sector

Oct 16, 2022/2 min read

Real-time OWASP vulnerabilities as you code with Code Sight and Rapid Scan Static

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST

Oct 13, 2022/3 min read

I have my Black Duck Audit reports; What’s next?

By Synopsys Editorial Team

Tags: M&A, Software Integrity, OSS License Compliance

Oct 11, 2022/1 min read

CyRC Vulnerability Advisory: CVE-2022-39064 IKEA TRÅDFRI smart lighting

By Tuomo Untinen, Kari Hulkko

Tags: Software Integrity, Fuzzing, Security News & Trends, CyRC, Internet of Things

Oct 11, 2022/5 min read

Open source dependency best practices for developers

By Charlotte Freeman

Tags: SCA, Software Integrity, Secure the Software Supply Chain, AppSec Best Practices

Oct 10, 2022/1 min read

CyRC Vulnerability Advisory: CVE-2022-39065 IKEA TRÅDFRI smart lighting gateway

By Tuomo Untinen, Kari Hulkko

Tags: Software Integrity, Fuzzing, Security News & Trends, CyRC, Internet of Things

Oct 03, 2022/4 min read

IDE-based application security for developers in IntelliJ

By Steven Zimmerman

Tags: SCA, Software Integrity, Build Security into DevOps, DevSecOps, SAST

Sep 23, 2022/3 min read

Commercial software licenses in software due diligence

By Synopsys Editorial Team

Tags: M&A, Software Integrity, OSS License Compliance

Sep 13, 2022/2 min read

CyRC Vulnerability Advisory: Denial-of-service vulnerabilities (CVE-2022-39063) in Open5GS

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends, CyRC

Sep 08, 2022/8 min read

Smart home under fuzzing

By Kari Hulkko

Tags: Software Integrity, Fuzzing, Manage Security Risks, Internet of Things

Sep 07, 2022/4 min read

Understanding the hows and whys of open source audits

By Steven Zimmerman

Tags: M&A, Software Integrity, OSS License Compliance

Aug 29, 2022/1 min read

AppSec Decoded: Addressing NIST guidelines begins with understanding your risk profile

By Synopsys Editorial Team

Tags: Software Integrity, Public Sector

Aug 29, 2022/4 min read

Establishing trust in your software supply chain with an SBOM

By Mike McGuire

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Aug 28, 2022/4 min read

Synopsys and the new Automated Source Code Data Protection Measure have you covered

By Charlotte Freeman

Tags: Software Integrity, Security News & Trends, Compliance

Aug 26, 2022/4 min read

What I wish I knew about security when I started programming

By Allon Mureinik

Tags: Software Integrity, Build Security into DevOps, Training

Aug 23, 2022/7 min read

API authentication and authorization best practices

By Charlotte Freeman

Tags: Software Integrity, Build Security into DevOps, Secure the Software Supply Chain, AppSec Best Practices, Manage Security Risks

Aug 23, 2022/1 min read

AppSec Decoded: The NIST guidance on supply chain risk management

By Synopsys Editorial Team

Tags: Software Integrity, Secure the Software Supply Chain, Public Sector

Aug 18, 2022/3 min read

The four most important aspects of software due diligence audits

By Phil Odence

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Aug 17, 2022/11 min read

CyRC Case Study: Exploitable memory corruption using CVE-2020-25669 and Linux Kernel

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Security News & Research, CyRC

Aug 10, 2022/1 min read

AppSec Decoded: An introduction to the Synopsys Cybersecurity Research Center

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, CyRC

Aug 09, 2022/5 min read

Synopsys and ESG report points to prevalence of software supply chain risks

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Security News & Trends, Secure the Software Supply Chain, Cloud Security

Aug 08, 2022/4 min read

Secure SDLC 101

By Charlotte Freeman

Tags: Agile, CI/CD, Software Integrity, Program Strategy & Planning, Manage Security Risks

Aug 03, 2022/1 min read

CyRC Vulnerability Advisory: Local privilege escalation in Kaspersky VPN

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, CyRC

Aug 01, 2022/6 min read

CyRC Vulnerability Analysis: Repo jacking in the software supply chain

By Synopsys Editorial Team

Tags: Software Integrity, CyRC

Jul 29, 2022/2 min read

Introducing IaC Security from Black Duck

By Natalie Lightner

Tags: SCA, Software Integrity, Build Security into DevOps

Jul 24, 2022/7 min read

Bridging the security gap in continuous testing and the CI/CD pipeline

By Kimm Yeo

Tags: Software Integrity, IAST, DevSecOps, Manage Security Risks, Orchestration & Correlation

Jul 19, 2022/4 min read

Interview-based due diligence or software audits?

By Zvi Levitas

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Jul 18, 2022/1 min read

AppSec Decoded: Application security orchestration and correlation

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, DevSecOps, Manage Security Risks, Orchestration & Correlation

Jul 13, 2022/1 min read

AppSec Decoded: Get the most out of your open source software

By Synopsys Editorial Team

Tags: M&A, Software Integrity, Secure the Software Supply Chain

Jul 10, 2022/4 min read

Build a holistic AppSec program

By Boris Cipot

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Jul 05, 2022/5 min read

OWASP API Security Top 10: Security risks that should be on your radar

By Charlotte Freeman

Tags: Software Integrity, Build Security into DevOps, Manage Security Risks

Jun 30, 2022/2 min read

CyRC Vulnerability of the Month: Spring Framework

By Black Duck Security Advisory Team

Tags: Software Integrity, Security News & Trends, CyRC

Jun 26, 2022/6 min read

Celebrating one year of Rapid Scan Static

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST, Web AppSec, Manage Security Risks

Jun 22, 2022/2 min read

M&A, trust in software, and a good night’s sleep

By Phil Odence

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Jun 22, 2022/3 min read

WhiteHat brings new dimension to DAST capabilities at Synopsys

By Jason Schmitt

Tags: DAST, Software Integrity, Security News & Trends

Jun 15, 2022/3 min read

Enterprise applications run your business, so how can you secure them?

By Mike McGuire

Tags: SCA, Software Integrity, SAST, Manage Security Risks

Jun 13, 2022/6 min read

Why supply chain risk management is a top priority

By Taylor Armerding

Tags: Software Integrity, Secure the Software Supply Chain, Public Sector

Jun 09, 2022/1 min read

AppSec Decoded: Security at the speed of DevOps

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Manage Security Risks, Orchestration & Correlation

Jun 02, 2022/3 min read

Celebrating Pride 2022: Out in open source

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

May 23, 2022/8 min read

CyRC Case Study: Securing BIND 9

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Build Security into DevOps, CyRC, SAST

May 22, 2022/1 min read

AppSec Decoded: Managing software supply chain risks

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Secure the Software Supply Chain

May 19, 2022/2 min read

CyRC Vulnerability Advisory: Sensitive data exposure in JSON enables account compromise in Strapi

By David Johansson

Tags: Software Integrity, Security News & Trends, CyRC

May 18, 2022/5 min read

Tech tales: Achieving PCI compliance with application security testing

By Chai Bhat

Tags: Software Integrity, Financial Services, Compliance, Pen Testing, Manage Security Risks

May 17, 2022/2 min read

Building security into existing source code management workflows

By James Rabon

Tags: Software Integrity, Build Security into DevOps, DevSecOps, Orchestration & Correlation

May 12, 2022/3 min read

Two-factor authentication misconfiguration bypass

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Web AppSec, Internet of Things

May 10, 2022/3 min read

Black Duck Open Source Audits: Working through licensing issues like a pro

By Phil Odence

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

May 08, 2022/1 min read

Product Security Advisory: Reflected cross-site scripting in Black Duck Hub

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Apr 27, 2022/1 min read

Synopsys to expand portfolio, SaaS offerings with WhiteHat Security acquisition

By Jason Schmitt

Tags: DAST, Software Integrity, Security News & Trends

Apr 19, 2022/1 min read

CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it’s not as bad as it sounds

By Jonathan Knudsen

Tags: SCA, Software Integrity, Security News & Trends, CyRC

Apr 11, 2022/1 min read

CyRC Vulnerability Advisory: Stored XSS in Directus

By David Johansson

Tags: Software Integrity, Security News & Trends, CyRC

Apr 06, 2022/4 min read

What is the maturity level of your AppSec program?

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Manage Security Risks

Apr 05, 2022/1 min read

AppSec Decoded: Is an SBOM a silver bullet for software supply chain security?

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Secure the Software Supply Chain, Compliance

Mar 31, 2022/4 min read

BYOD in the workforce: MDM and MAM with Microsoft Intune

By Synopsys Editorial Team

Tags: Software Integrity, Mobile, Manage Security Risks, Internet of Things

Mar 29, 2022/1 min read

CyRC Vulnerability Analysis: Two distinct Spring vulnerabilities discovered – Spring4Shell and CVE-2022-22963

By Jonathan Knudsen

Tags: SCA, Software Integrity, Security News & Trends, CyRC

Mar 20, 2022/3 min read

How to cybersecurity: Software supply chain security is much bigger than you think

By Jonathan Knudsen

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Mar 14, 2022/7 min read

NIST provides recommended criteria for cybersecurity labeling for consumer software and IoT products

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Internet of Things

Mar 10, 2022/5 min read

Synopsys contributes to the Linux Foundation Census II of the most widely used open source application libraries

By Synopsys Editorial Team

Tags: SCA, Software Integrity

Mar 07, 2022/1 min read

#BreakTheBias: A conversation about tackling gender equality in the workforce

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Feb 20, 2022/10 min read

Navigating the road ahead for automotive cybersecurity

By Synopsys Editorial Team

Tags: Software Integrity, Pen Testing, Threat Modeling, Manage Security Risks, Automotive

Feb 14, 2022/3 min read

Black History Month: Uplifting voices at Synopsys

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Feb 14, 2022/3 min read

What the cybersecurity executive order means for the private sector

By Mike McGuire

Tags: Software Integrity, Compliance, Public Sector

Feb 09, 2022/4 min read

Code Sight Standard Edition: Application security optimized for the needs of developers

By Raj Kesarapalli

Tags: SCA, Software Integrity, Security News & Trends, Build Security into DevOps, DevSecOps, SAST

Feb 09, 2022/4 min read

How to cybersecurity: Gravity is a harsh mistress

By Jonathan Knudsen

Tags: Software Integrity, Build Security into DevOps, DevSecOps, Manage Security Risks

Jan 31, 2022/1 min read

AppSec Decoded: Building security into DevSecOps

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, DevSecOps

Jan 26, 2022/2 min read

CyRC Vulnerability Analysis: Local privilege escalation vulnerability discovered

By Synopsys Cybersecurity Research Center

Tags: SCA, Software Integrity, CyRC

Jan 23, 2022/3 min read

Scale and mature your AppSec program with a managed services partner

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Jan 19, 2022/3 min read

Bob Saget and open source license compliance

By Phil Odence

Tags: SCA, M&A, Software Integrity, Security News & Trends, Secure the Software Supply Chain, OSS License Compliance

Jan 18, 2022/6 min read

Five Cryptography best practices for developers

By Charlotte Freeman

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Training

Jan 01, 2022/2 min read

Software due diligence: The home inspection of tech M&A

By Phil Odence

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Dec 20, 2021/1 min read

AppSec Decoded: A proactive approach to building trust in your software supply chain

By Synopsys Editorial Team

Tags: Software Integrity, Secure the Software Supply Chain, Compliance, Public Sector

Dec 15, 2021/8 min read

Detecting Log4j (Log4Shell): Mitigating the impact on your organization

By Michael White

Tags: SCA, Software Integrity, Compliance, SAST

Dec 14, 2021/5 min read

How to cyber security: Software supply chain risk management

By Jonathan Knudsen

Tags: SCA, Software Integrity, Secure the Software Supply Chain, SAST

Dec 10, 2021/5 min read

CyRC Vulnerability Analysis: Remote code execution zero-day exploit in Java logging library (log4j2)

By Synopsys Editorial Team

Tags: SCA, Software Integrity, CyRC

Dec 08, 2021/5 min read

Safety Detectives interview with Tim Mackey

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, Secure the Software Supply Chain, Manage Security Risks

Dec 07, 2021/2 min read

CyRC Vulnerability Advisory: Multiple vulnerabilities discovered in GOautodial

By Scott Tolley

Tags: Software Integrity, Security News & Trends, IAST, CyRC

Nov 21, 2021/6 min read

Effective software security activities for managing supply chain risks

By Chai Bhat

Tags: Software Integrity, Program Strategy & Planning, Secure the Software Supply Chain, Cloud Security, Container Security

Nov 16, 2021/2 min read

Don’t let Trojan Source sneak into your code

By Synopsys Editorial Team

Tags: Software Integrity, SAST

Nov 09, 2021/3 min read

A stitch in BIND saves nine

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Security News & Trends, CyRC

Nov 01, 2021/3 min read

Top seven logging and monitoring best practices

By Ashutosh Rana

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Training

Oct 28, 2021/1 min read

AppSec Decoded: Why Biden’s executive order should be on your radar

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Public Sector

Oct 24, 2021/8 min read

How to cybersecurity: Heartbleed deep dive

By Jonathan Knudsen

Tags: Software Integrity, Compliance

Oct 16, 2021/7 min read

Top 10 Spring Security best practices for Java developers

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Web AppSec

Oct 12, 2021/2 min read

CyRC Vulnerability Advisory: SQL injection, path traversal leading to arbitrary file deletion and XSS in Nagios XI

By Scott Tolley

Tags: Software Integrity, Security News & Trends, IAST, CyRC

Oct 06, 2021/5 min read

BSIMM: Top five software security activities that create a better software security initiative

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Sep 26, 2021/1 min read

AppSec Decoded: Cyber security measures for technology buyers and suppliers

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Secure the Software Supply Chain, Public Sector

Sep 14, 2021/1 min read

A new approach to AppSec

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Manage Security Risks, Orchestration & Correlation

Sep 10, 2021/4 min read

Strengthen your cloud security posture with Azure Sentinel

By Synopsys Editorial Team

Tags: Software Integrity, Cloud Security, Manage Security Risks

Sep 08, 2021/5 min read

ASOC series part 2: How to scale AppSec with application security automation

By Synopsys Editorial Team

Tags: Software Integrity, DevSecOps, Manage Security Risks, Orchestration & Correlation

Sep 02, 2021/7 min read

ASOC series part 1: How application security orchestration and correlation can improve DevSecOps efficiency

By Synopsys Editorial Team

Tags: Software Integrity, DevSecOps, Manage Security Risks, Orchestration & Correlation

Sep 01, 2021/6 min read

New banking paradigm requires better security paradigm

By Taylor Armerding

Tags: Software Integrity, Financial Services, Manage Security Risks

Aug 26, 2021/4 min read

Managing license compliance with Black Duck SCA

By Mike McGuire

Tags: Software Integrity, Manage Security Risks

Aug 19, 2021/6 min read

Reflections on trusting plugins: Backdooring Jenkins builds

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps

Aug 09, 2021/2 min read

Why penetration testing needs to be part of your IoT security

By Debrup Ghosh

Tags: Software Integrity, Build Security into DevOps, Pen Testing

Aug 08, 2021/5 min read

Keep infrastructure as code secure with Synopsys

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST

Aug 03, 2021/5 min read

How to run your CodeXM checker

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Training, SAST

Jul 28, 2021/1 min read

AppSec Decoded: New executive order changes dynamic of software security standards

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, Secure the Software Supply Chain, Compliance, Manage Security Risks, Public Sector

Jul 27, 2021/2 min read

Build developer trust with faster, accurate AppSec testing from Rapid Scan

By Scott Johnson

Tags: SCA, Agile, CI/CD, Software Integrity, Build Security into DevOps, SAST

Jul 21, 2021/2 min read

Shift even further left with blazing-fast Rapid Scan SAST

By Anna Chiang

Tags: Software Integrity, Build Security into DevOps, SAST

Jul 19, 2021/4 min read

Practical solutions for a secure automotive software development process following ISO/SAE 21434

By Dr. Dennis Kengo Oka

Tags: Software Integrity, Build Security into DevOps, Compliance, Automotive

Jul 11, 2021/6 min read

Reduce open source software risks in your supply chain

By Synopsys Editorial Team

Tags: Software Integrity, Secure the Software Supply Chain

Jul 08, 2021/3 min read

Getting started with writing checkers using CodeXM

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST

Jun 29, 2021/2 min read

Optimizing software composition analysis for developer workflows with Black Duck Rapid Scan

By Mike McGuire

Tags: SCA, Software Integrity, Build Security into DevOps

Jun 28, 2021/3 min read

How to cyber security: Embedding security into every phase of the SDLC

By Jonathan Knudsen

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps

Jun 24, 2021/4 min read

How an open source software audit works

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Jun 21, 2021/8 min read

CyRC Vulnerability Advisory: Denial-of-service vulnerabilities in Zephyr Bluetooth LE stack

By Matias Karhumaa

Tags: Software Integrity, Fuzzing, Security News & Trends, CyRC

Jun 17, 2021/1 min read

Reduce open source risk in M&A with software due diligence

By Synopsys Editorial Team

Tags: SCA, M&A, Software Integrity, OSS License Compliance

Jun 15, 2021/5 min read

Ransomware prevention begins with securing your applications

By Taylor Armerding

Tags: Software Integrity, Public Sector

Jun 14, 2021/4 min read

Data privacy laws drive urgency to create a data security strategy

By Anna Chiang

Tags: Software Integrity, Compliance, Manage Security Risks

Jun 10, 2021/6 min read

How to achieve MISRA and AUTOSAR coding compliance

By Dr. Dennis Kengo Oka

Tags: Software Integrity, Build Security into DevOps, Compliance, Automotive

Jun 07, 2021/1 min read

CyRC Vulnerability Advisory: Denial of service vulnerabilities in RabbitMQ, EMQ X, and VerneMQ

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Security News & Trends, Compliance, CyRC

Jun 06, 2021/3 min read

Code Dx brings game-changing capabilities to Synopsys

By Jim Ivers

Tags: Software Integrity, Security News & Trends, Orchestration & Correlation

Jun 05, 2021/3 min read

Web application security testing at scale with Coverity SAST

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST, Web AppSec, Manage Security Risks

May 31, 2021/3 min read

Addressing 5G security with threat modeling

By Chai Bhat

Tags: Software Integrity, Threat Modeling, Manage Security Risks, Internet of Things

May 25, 2021/4 min read

A CISO’s guide to sensitive data protection

By Anna Chiang

Tags: Software Integrity, Compliance, Manage Security Risks

May 24, 2021/2 min read

How to protect your Wi-Fi devices from new FragAttacks vulnerabilities

By Tuomo Untinen

Tags: Software Integrity, Fuzzing, Manage Security Risks

May 12, 2021/4 min read

Cybersecurity Executive Order requires new software security standards

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

May 10, 2021/5 min read

Open source license compliance and dependencies: Peeling back the licensing layers

By Matt Jacobs

Tags: M&A, Software Integrity, OSS License Compliance

May 06, 2021/8 min read

Top 10 DevSecOps best practices for building secure software

By Sneha Kokil

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, AppSec Best Practices, DevSecOps

May 02, 2021/6 min read

Biden on cyber security after 100 days: A good start, but now comes the hard part

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Manage Security Risks, Public Sector

Apr 23, 2021/4 min read

How to cyber security: 5G is not magic

By Jonathan Knudsen

Tags: Software Integrity, Build Security into DevOps, Internet of Things

Apr 15, 2021/3 min read

Securing the IoT tsunami

By Chai Bhat

Tags: Software Integrity, Manage Security Risks, Internet of Things

Apr 14, 2021/3 min read

The 411 on Stack Overflow and open source license compliance

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Apr 09, 2021/3 min read

Penetration testing: A yearly physical for your applications

By Debrup Ghosh

Tags: Software Integrity, Build Security into DevOps, Pen Testing, Web AppSec

Apr 08, 2021/12 min read

Integrating fuzzing into DevSecOps

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Build Security into DevOps, DevSecOps

Apr 06, 2021/4 min read

Don’t be the weak link in your customers’ supply chain security

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Secure the Software Supply Chain, Public Sector

Mar 28, 2021/2 min read

Synopsys CyRC named a CVE Numbering Authority

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Program Strategy & Planning, Compliance, CyRC

Mar 24, 2021/3 min read

Hacking medical devices: Five ways to inoculate yourself from attacks

By Chandu Ketkar

Tags: Software Integrity, Security News & Trends, Medical Devices

Mar 20, 2021/5 min read

Closing the gender gap in today’s tech industry

By Sneha Kokil

Tags: Software Integrity, Security News & Trends

Mar 17, 2021/11 min read

WLAN under fuzzing with Defensics

By Tuomo Untinen, Kari Hulkko

Tags: Software Integrity, Fuzzing, Build Security into DevOps

Mar 14, 2021/4 min read

Why should DevOps teams choose IAST?

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, IAST

Mar 11, 2021/6 min read

Don’t let supply chain security risks poison your organization

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Secure the Software Supply Chain, Public Sector

Mar 10, 2021/4 min read

Get earlier, actionable vulnerability insights from Black Duck Security Advisories

By Mike McGuire

Tags: SCA, Software Integrity, Secure the Software Supply Chain, Manage Security Risks

Mar 01, 2021/2 min read

CyRC Vulnerability Advisory: Denial of service vulnerability in Jetty web server

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Security News & Trends, Program Strategy & Planning, CyRC

Feb 23, 2021/5 min read

How to cyber security: Containerizing fuzzing targets

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Build Security into DevOps

Feb 23, 2021/5 min read

Analysis of an attack on automotive keyless entry systems

By Dr. Dennis Kengo Oka

Tags: Software Integrity, Build Security into DevOps, Automotive

Feb 08, 2021/3 min read

8 must-have features in an IAST solution

By Synopsys Editorial Staff

Tags: Software Integrity, IAST, Manage Security Risks

Feb 03, 2021/4 min read

How to integrate automated AST tools in your CI/CD pipeline

By Meera Rao

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps

Jan 31, 2021/1 min read

AppSec Decoded: Manufacturing more-secure IoT devices

By Synopsys Editorial Team

Tags: Software Integrity, Manage Security Risks, Internet of Things

Jan 26, 2021/4 min read

Discovery capabilities: A core differentiator for Black Duck SCA

By Mike McGuire

Tags: SCA, Software Integrity, Build Security into DevOps, OSS License Compliance

Jan 26, 2021/7 min read

Securing your code: GDPR best practices for application security

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Compliance, AppSec Best Practices, Manage Security Risks

Jan 23, 2021/3 min read

How to manage open source risks using Black Duck SCA

By Shandra Gemmiti

Tags: SCA, Software Integrity

Jan 21, 2021/6 min read

How to evaluate the ROI of your software security program

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Jan 20, 2021/7 min read

How to cyber security: Faceplanting in 10 lines of code

By Jonathan Knudsen

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps

Jan 03, 2021/6 min read

Don’t get overwhelmed with trivial defects. Manage them!

By Taylor Armerding

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, DevSecOps

Dec 27, 2020/8 min read

DevSecOps: The good, the bad, and the ugly

By Nivedita Murthy

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps

Dec 21, 2020/5 min read

Things to consider when choosing a software composition analysis tool

By Shandra Gemmiti

Tags: SCA, Software Integrity, Build Security into DevOps

Dec 16, 2020/2 min read

CyRC analysis: Authentication bypass vulnerability in Bouncy Castle

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Dec 16, 2020/4 min read

How to cyber security: Software security is everyone’s responsibility

By Jonathan Knudsen

Tags: Agile, CI/CD, Software Integrity, Manage Security Risks

Dec 14, 2020/10 min read

How to build a serial port fuzzer with Defensics SDK

By Kari Hulkko

Tags: Software Integrity, Fuzzing, Build Security into DevOps

Dec 10, 2020/6 min read

Fuzzing Bitcoin with the Defensics SDK, part 2: Fuzz the Bitcoin protocol

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Build Security into DevOps, Training

Dec 07, 2020/4 min read

6 Findings from DevSecOps Practices' Survey

By Fred Bals

Tags: Software Integrity, AppSec Best Practices, DevSecOps, Manage Security Risks

Dec 02, 2020/6 min read

Configure security tools for effective DevSecOps

By Taylor Armerding

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, DevSecOps

Dec 01, 2020/5 min read

Fuzzing Bitcoin with the Defensics SDK, part 1: Create your network

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Build Security into DevOps

Nov 19, 2020/4 min read

Four requirements for open source vulnerability management in a DevOps environment

By Shandra Gemmiti

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Nov 17, 2020/3 min read

Automotive threat analysis and risk assessment method

By Jacob Wilson

Tags: Software Integrity, Compliance, Manage Security Risks, Automotive

Nov 16, 2020/6 min read

Can your security keep pace in a DevOps environment?

By Taylor Armerding

Tags: Agile, CI/CD, Software Integrity, Manage Security Risks

Nov 12, 2020/5 min read

How to cyber security: Gotta go fast … but why?

By Jonathan Knudsen

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, DevSecOps

Nov 09, 2020/6 min read

The roles and responsibilities that lead to better software security initiatives

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Nov 09, 2020/3 min read

Three DevSecOps challenges and how to mitigate them

By Patrick Carey

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, Training, DevSecOps

Nov 04, 2020/4 min read

Cyber security assurance levels in the automotive supply chain

By Jacob Wilson

Tags: Software Integrity, Compliance, Manage Security Risks, Automotive

Oct 28, 2020/5 min read

CyRC analysis: Circumventing WPA authentication in wireless routers with Defensics fuzz testing

By Tuomo Untinen, Kari Hulkko

Tags: Software Integrity, Fuzzing, Security News & Trends, Compliance

Oct 20, 2020/1 min read

AppSec Decoded: The security dilemma of IoT devices

By Synopsys Editorial Team

Tags: Software Integrity, Manage Security Risks, Internet of Things

Oct 18, 2020/5 min read

Get effective DevSecOps with version control

By Taylor Armerding

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, DevSecOps

Oct 11, 2020/3 min read

Are you ready for ISO SAE 21434 Cybersecurity of Road Vehicles?

By Jacob Wilson

Tags: Software Integrity, Compliance, Manage Security Risks, Automotive

Sep 29, 2020/3 min read

Making SCA part of your AST Strategy

By Fred Bals

Tags: SCA, Software Integrity, Security News & Trends, Secure the Software Supply Chain

Sep 27, 2020/2 min read

CyRC Vulnerability Advisory: Authentication bypass vulnerabilities in multiple wireless router chipsets (CVE-2019-18989, CVE-2019-18990, and CVE-2019-18991)

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Fuzzing, Security News & Trends, CyRC

Sep 23, 2020/5 min read

Open source licenses: No license, no problem? Or … not?

By Matt Jacobs

Tags: SCA, M&A, Software Integrity, OSS License Compliance

Sep 17, 2020/5 min read

MITRE releases 2020 CWE Top 25 most dangerous software weaknesses

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, AppSec Best Practices

Sep 10, 2020/4 min read

TANSTAAFL! The tragedy of the commons meets open source software

By Fred Bals

Tags: Software Integrity, Manage Security Risks

Aug 26, 2020/3 min read

Black Duck continues to expand vulnerability prioritization methods

By Mike McGuire

Tags: SCA, Software Integrity, Security News & Trends

Aug 25, 2020/4 min read

Developing a COVID-19 track and trace app — through the lens of Synopsys

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Build Security into DevOps, Threat & Risk Assessment, Mobile, IAST, SAST, Public Sector

Aug 02, 2020/12 min read

Apache Struts research at scale, Part 3: Exploitation

By Christopher Fearon

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Jul 27, 2020/7 min read

Security bugs and flaws: Both bad, but in different ways

By Taylor Armerding

Tags: SCA, Software Integrity, Build Security into DevOps, Threat & Risk Assessment, Threat Modeling, Manage Security Risks

Jul 21, 2020/7 min read

Are you making software security a requirement?

By Jamie Boote

Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Manage Security Risks

Jul 12, 2020/7 min read

How to Cyber Security: Fuzz a tank

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Build Security into DevOps

Jul 04, 2020/5 min read

Open source audits: The secret ingredient for successful M&A

By Shandra Gemmiti

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Jul 01, 2020/8 min read

Find more bugs by detecting failure better: An introduction to SanitizerProcessMonitorAgent

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Build Security into DevOps

Jun 28, 2020/4 min read

Are you following the top 10 software security best practices?

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Manage Security Risks

Jun 17, 2020/3 min read

An introduction to installing Black Duck

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Build Security into DevOps

Jun 11, 2020/11 min read

Authentication Token Obtain and Replace (ATOR) Burp plugin to handle complex login sequences

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps

Jun 03, 2020/2 min read

How to overcome the top 6 application security challenges

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Jun 01, 2020/3 min read

Why developers need a supplemental source to NVD vulnerability data

By Fred Bals

Tags: SCA, Software Integrity, Build Security into DevOps

May 19, 2020/5 min read

Are you ready for API security?

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Threat Modeling, Manage Security Risks

May 13, 2020/3 min read

Critical gap in developer security training puts applications at risk

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Training

May 11, 2020/8 min read

How to Cyber Security: Fuzzing does not mean random

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Build Security into DevOps

May 05, 2020/4 min read

3 ways to boost your security with role-based security compliance training

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Compliance, AppSec Best Practices, Training

May 03, 2020/2 min read

3 long-term benefits of an application security training strategy

By Synopsys Editorial Staff

Tags: Software Integrity, Build Security into DevOps, Training

Apr 27, 2020/15 min read

CyRC analysis: CVE-2020-7958 biometric data extraction in Android devices

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Apr 21, 2020/3 min read

The Complete Application Security Checklist

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Apr 15, 2020/7 min read

What the open source community can teach the suddenly remote workforce

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Training

Apr 13, 2020/1 min read

CyRC Vulnerability Advisory: CVE-2020-7958 biometric data disclosure vulnerability in OnePlus 7 Pro Android phone

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Mobile, CyRC

Apr 13, 2020/5 min read

How to Cyber Security: Application security is critical for data security

By Jonathan Knudsen

Tags: Software Integrity, Threat & Risk Assessment, Threat Modeling, Manage Security Risks

Apr 07, 2020/3 min read

How 5G and IoT devices open up the attack surface on enterprises

By Synopsys Editorial Staff

Tags: Software Integrity, Fuzzing, Manage Security Risks, Internet of Things

Mar 31, 2020/3 min read

What is the Ghostcat vulnerability (CVE-2020-1938)?

By Tanay Sethi

Tags: SCA, Software Integrity, Security News & Trends, Compliance

Mar 29, 2020/3 min read

3 ways to improve your software development skills

By Synopsys Editorial Staff

Tags: Software Integrity, Security News & Trends, Training

Mar 21, 2020/5 min read

How to deal with legacy vulnerabilities

By Taylor Armerding

Tags: SCA, Software Integrity, Manage Security Risks

Mar 15, 2020/6 min read

What is security debt, and how do I get out of it?

By Taylor Armerding

Tags: SCA, Software Integrity, Program Strategy & Planning, Build Security into DevOps, Manage Security Risks

Mar 11, 2020/4 min read

How do you effectively remediate the increasing sea of vulnerabilities?

By Shandra Gemmiti

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Mar 10, 2020/7 min read

Apache Struts research at scale, Part 2: Execution environments

By Christopher Fearon

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Mar 10, 2020/3 min read

How does IAST fit into DevSecOps?

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, IAST, DevSecOps

Mar 03, 2020/5 min read

5G: Vast potential, but better security needed

By Synopsys Editorial Staff

Tags: Software Integrity, Fuzzing, Mobile, Manage Security Risks, Internet of Things

Mar 02, 2020/3 min read

Thoreau’s ‘simplify’ exhortation hovers over RSA

By Taylor Armerding

Tags: Software Integrity, Manage Security Risks

Feb 19, 2020/6 min read

Want to comply with privacy laws? Start with security

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Compliance, Manage Security Risks, Public Sector

Feb 18, 2020/5 min read

There’s no such thing as TMI when it comes to open source software

By Fred Bals

Tags: SCA, Software Integrity, Security News & Trends

Feb 12, 2020/3 min read

Find and fix open source and proprietary code security defects in the IDE with Polaris and Code Sight

By Patrick Carey

Tags: SCA, Software Integrity, Security News & Trends, Build Security into DevOps, DevSecOps, SAST

Feb 12, 2020/11 min read

Top 10 FOSS legal developments in 2019

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, OSS License Compliance

Feb 03, 2020/3 min read

Extending Black Duck’s capability with Red Hat OpenShift to scan Red Hat Quay images

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Container Security

Feb 03, 2020/4 min read

Mobile security app-titude best practices for secure app design and data privacy

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Mobile

Feb 02, 2020/5 min read

Ask the Experts: What’s most rewarding about your career in cyber security?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, Manage Security Risks

Jan 22, 2020/5 min read

Coverity & Black Duck together. Better. Faster. Stronger.

By Fred Bals

Tags: SCA, Software Integrity, Build Security into DevOps, SAST

Jan 18, 2020/4 min read

Synopsys adds GitHub Action for SAST and SCA

By Synopsys Editorial Team

Tags: SCA, Agile, CI/CD, Software Integrity, Build Security into DevOps, SAST

Jan 08, 2020/1 min read

Synopsys acquires Tinfoil Security, DAST and API testing solutions provider

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Security News & Trends

Jan 06, 2020/7 min read

The journey to better medical device security: Still slow, still bumpy

By Taylor Armerding

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Medical Devices, Healthcare

Dec 17, 2019/5 min read

Mackey: Security isn’t ‘front of mind’ in the IoT

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Internet of Things

Dec 10, 2019/7 min read

Cost of data breaches in 2019: The 4 worst hits on the corporate wallet

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Dec 08, 2019/3 min read

How to Cyber Security: Software is critical infrastructure

By Jonathan Knudsen

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks, Public Sector

Nov 24, 2019/6 min read

The blockchain train: Get on board—with caution

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Container Security

Nov 19, 2019/4 min read

SAST vs. SCA: What’s the difference? Do I need both?

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Build Security into DevOps, SAST

Nov 18, 2019/3 min read

Integrating Coverity Scan with GitLab CI

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, SAST

Nov 12, 2019/3 min read

Blue Yonder: Extending their SDLC to remediate open source issues

By Fred Bals

Tags: SCA, Software Integrity

Nov 10, 2019/3 min read

How to Cyber Security: Unicorns and donkeys

By Jonathan Knudsen

Tags: Software Integrity, Program Strategy & Planning, Training, Manage Security Risks

Oct 29, 2019/7 min read

It’s past time to put passwords out of our misery

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Threat & Risk Assessment

Oct 28, 2019/7 min read

The due diligence of a deal

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Oct 24, 2019/11 min read

Apache Struts research at scale, Part 1: Building 115 versions of Struts

By Christopher Fearon

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Oct 22, 2019/6 min read

Don’t let your supply chain undermine your security

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Secure the Software Supply Chain

Oct 09, 2019/2 min read

CloudBees and Synopsys: Putting “Sec” into DevSecOps

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps

Oct 09, 2019/8 min read

Best practices for secure application development

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, AppSec Best Practices

Oct 01, 2019/5 min read

Seeker FAQ: Interactive application security testing and CI/CD

By Kimm Yeo

Tags: Agile, CI/CD, Software Integrity, Security News & Trends, IAST

Sep 29, 2019/4 min read

Wormwood – An Explicit Way to Test Absinthe GraphQL APIs

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Build Security into DevOps

Sep 26, 2019/2 min read

Coverity release ties in well to the latest MITRE CWE Top 25

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Security News & Trends, Compliance, SAST

Sep 23, 2019/7 min read

Hackers needed to defeat hackers

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Training

Sep 19, 2019/4 min read

Q&A: Fuzz testing, agent instrumentation, and Defensics

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Build Security into DevOps

Sep 11, 2019/2 min read

Let’s Talk Licenses: Beware the Beerware License

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Sep 10, 2019/7 min read

Awash in regulations, companies struggle with compliance

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Aug 26, 2019/3 min read

What are the different types of security vulnerabilities?

By Synopsys Editorial Team

Tags: Software Integrity, Web AppSec, Manage Security Risks

Aug 14, 2019/2 min read

Review of Apache Struts vulnerabilities yields 24 updated advisories

By Tim Mackey

Tags: Software Integrity, Security News & Trends, CyRC

Aug 13, 2019/2 min read

[Infographic] Financial cybersecurity by the numbers

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Financial Services

Aug 11, 2019/6 min read

The license and security risks of using Node.js

By Synopsys Editorial Team

Tags: Software Integrity, Web AppSec, Manage Security Risks

Aug 04, 2019/5 min read

Ask the Experts: How can we prevent ransomware attacks?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Program Strategy & Planning, Training

Jul 30, 2019/7 min read

Apollo 11 software lessons still relevant today

By Taylor Armerding

Tags: Software Integrity, Compliance, Manage Security Risks, Public Sector

Jul 29, 2019/3 min read

3 use cases where source code scanning doesn’t cut it

By Shandra Gemmiti

Tags: SCA, Software Integrity

Jul 16, 2019/5 min read

Securing software development: NIST joins the parade

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Compliance, Manage Security Risks

Jul 15, 2019/2 min read

Top 3 cloud security trends for 2019

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Cloud Security, Manage Security Risks

Jul 14, 2019/4 min read

Why hackers are targeting your web apps (and how to stop them)

By Taylor Armerding

Tags: Software Integrity, Web AppSec, Manage Security Risks

Jul 09, 2019/1 min read

Join Synopsys at codenomi-con and Black Hat USA 2019

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Jul 01, 2019/6 min read

Patch now or pay later: Report

By Taylor Armerding

Tags: Software Integrity, Security News & Trends

Jun 25, 2019/3 min read

Top 3 operational open source risk factors

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Jun 23, 2019/7 min read

More medical mega-breaches thanks to third-party insecurity

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Program Strategy & Planning, Healthcare

Jun 18, 2019/7 min read

Web AppSec interview questions every company should ask

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Web AppSec, Manage Security Risks

Jun 17, 2019/6 min read

Q&A: Interactive application security testing (IAST) and Seeker

By Asma Zubair

Tags: Software Integrity, IAST, Manage Security Risks

Jun 12, 2019/5 min read

You’re using open source software, and you need to keep track of it

By Taylor Armerding

Tags: SCA, Software Integrity, OSS License Compliance

Jun 11, 2019/4 min read

The Verizon DBIR and the art of the breach

By Asma Zubair

Tags: Software Integrity, Security News & Trends, Threat & Risk Assessment

Jun 10, 2019/8 min read

Ask the Experts: Should the US have a data privacy law similar to GDPR?

By Synopsys Editorial Team

Tags: Software Integrity, Compliance, Manage Security Risks, Public Sector

Jun 04, 2019/6 min read

It’s not just autonomous cars of the future that need security

By Taylor Armerding

Tags: Software Integrity, Build Security into DevOps, Manage Security Risks, Automotive

May 24, 2019/3 min read

How are code quality and code security related?

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST, Web AppSec, Internet of Things

May 15, 2019/4 min read

Don’t let insider threats rain on your cloud deployment

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Manage Security Risks

May 08, 2019/1 min read

Announcing Code Sight 2019.4

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, SAST

May 06, 2019/4 min read

Synopsys and Red Hat OpenShift 4: One smooth Operator!

By Synopsys Editorial Team

Tags: Software Integrity, Container Security

May 01, 2019/5 min read

Feds seek to up their cybersecurity game

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Internet of Things, Public Sector

Apr 18, 2019/2 min read

Are you making these software standards compliance mistakes?

By Synopsys Editorial Team

Tags: Software Integrity, Compliance, Manage Security Risks

Apr 16, 2019/3 min read

The Synopsys Cybersecurity Research Center (CyRC): Advancing the state of software security

By Tim Mackey

Tags: Software Integrity, Security News & Trends, CyRC

Apr 09, 2019/4 min read

Complex but helpful: Negotiating FDA guidance to build a cybersecurity program

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Healthcare

Mar 27, 2019/5 min read

The cyber-physical convergence is accelerating—and so are the risks

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Internet of Things

Mar 20, 2019/4 min read

Want to secure your apps? Build security in with the right toolchain

By Taylor Armerding

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, Threat & Risk Assessment, Manage Security Risks

Mar 13, 2019/5 min read

Bug bounties: A good tool, but don’t make them the only tool in security

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Web AppSec

Mar 12, 2019/4 min read

The days (and nights) of an ‘always on’ sales engineer

By Taylor Armerding

Tags: Software Integrity, Security News & Trends

Feb 27, 2019/5 min read

Connected cars need better connection to cybersecurity

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Automotive

Feb 20, 2019/5 min read

Advances in healthcare security since the Anthem data breach

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Manage Security Risks, Healthcare

Feb 10, 2019/2 min read

3 takeaways from “Managing the Business Risks of Open Source” webinar

By Fred Bals

Tags: SCA, Software Integrity, Security News & Trends, Manage Security Risks, OSS License Compliance

Feb 05, 2019/5 min read

Study shows security challenges in the auto industry

By Taylor Armerding

Tags: Software Integrity, Security News & Research, Automotive

Feb 05, 2019/2 min read

Container scanning for security with Black Duck OpsSight 2.2

By Synopsys Editorial Team

Tags: Software Integrity, Container Security

Jan 30, 2019/2 min read

How to “shift left” with application security tools, and how not to

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps

Jan 29, 2019/7 min read

Why dependencies matter for SAST

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Training, SAST

Jan 29, 2019/3 min read

Server-side GraphQL Querying with Elixir Absinthe

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Security News & Trends

Jan 23, 2019/5 min read

The future of open source software: More of everything

By Taylor Armerding

Tags: SCA, Software Integrity, OSS License Compliance

Jan 15, 2019/4 min read

Top 10 software vulnerability list for 2019

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Mobile, Web AppSec

Jan 15, 2019/3 min read

Throwback Thursday: Whatever happened to Stuxnet?

By Taylor Armerding

Tags: Software Integrity, Manage Security Risks

Jan 09, 2019/5 min read

GAO report confirms major gaps in government cybersecurity

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Automotive, Internet of Things, Public Sector

Dec 18, 2018/3 min read

Next-generation audit reports: Enhanced visibility into open source risks in M&A transactions

By Phil Odence

Tags: M&A, Software Integrity, OSS License Compliance

Dec 03, 2018/6 min read

President’s ‘cybersecurity moonshot’: Transformational or pie in the sky?

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Public Sector

Nov 30, 2018/4 min read

NPM dependencies, supply chain attacks, and Bitcoin wallets

By Ksenia Peguero

Tags: SCA, Software Integrity, Secure the Software Supply Chain

Nov 28, 2018/5 min read

Hard questions raised when a software ‘glitch’ takes down an airliner

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Nov 28, 2018/4 min read

Air gaps in ICS going, going … and so is security

By Taylor Armerding

Tags: Software Integrity, Security News & Trends

Nov 19, 2018/2 min read

Should I include CSRF protection on a login form?

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Build Security into DevOps

Nov 15, 2018/6 min read

WPA2 encryption bypass: Using Defensics to uncover behavioral vulnerabilities

By Tuomo Untinen

Tags: Software Integrity, Fuzzing, Build Security into DevOps, Compliance

Nov 14, 2018/1 min read

CyRC Vulnerability Advisory: CVE-2018-18907 authentication bypass vulnerability in D-Link DIR-850L wireless router

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Fuzzing, Security News & Trends, Compliance

Nov 14, 2018/5 min read

Don’t expect jailed CEOs, but Wyden at least puts consumer privacy on the table

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Nov 13, 2018/1 min read

Today I Learned: Using SCSS in your Vue Components

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Build Security into DevOps

Nov 11, 2018/3 min read

GPLv2 and the right to cure

By Matt Jacobs

Tags: Software Integrity, OSS License Compliance

Nov 08, 2018/6 min read

Threats obvious, but electronic voting systems remain insecure

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Public Sector

Nov 06, 2018/2 min read

Shared responsibility model: Who owns cloud security?

By Synopsys Editorial Team

Tags: Software Integrity, Cloud Security, Manage Security Risks

Oct 23, 2018/5 min read

Lance Spitzner: How to secure the human operating system | NCSAM at Synopsys

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Training

Oct 11, 2018/2 min read

Automation: One of the keys to DevSecOps

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Program Strategy & Planning, DevSecOps, Manage Security Risks

Oct 09, 2018/2 min read

Why you need to perform open source due diligence in an M&A transaction

By Fred Bals

Tags: M&A, Software Integrity, OSS License Compliance

Oct 05, 2018/4 min read

Shield your home from spies | NCSAM at Synopsys

By Amit Sethi

Tags: Software Integrity, Security News & Trends, Training

Sep 30, 2018/3 min read

CVE-2018-11776 and why you need Black Duck Security Advisories

By Fred Bals

Tags: SCA, Software Integrity, Security News & Trends

Sep 26, 2018/3 min read

How and why business is migrating to the cloud

By Taylor Armerding

Tags: Software Integrity, Cloud Security, Manage Security Risks

Sep 22, 2018/4 min read

Tineola: Taking a bite out of enterprise blockchain

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Sep 14, 2018/6 min read

Let’s write more CodeXM checkers (second-stage ignition)

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST

Sep 12, 2018/3 min read

The IoT within us: Network-connected medical devices

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Medical Devices, Internet of Things, Healthcare

Sep 11, 2018/1 min read

What’s so special about zero-day vulnerabilities?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Sep 05, 2018/2 min read

A Quick Guide to the Complex: Ecto.Multi

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Build Security into DevOps

Sep 04, 2018/4 min read

These hacks brought to you by ‘leaky’ APIs

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Web AppSec, Manage Security Risks

Aug 28, 2018/3 min read

The intersection between IAST and SCA and why you need both in your security toolkit

By Tim Mackey

Tags: SCA, Agile, CI/CD, Software Integrity, Build Security into DevOps, IAST, Manage Security Risks

Aug 27, 2018/2 min read

CVE-2018-11776: The latest Apache Struts vulnerability

By Fred Bals

Tags: SCA, Software Integrity, Security News & Trends, CyRC

Aug 26, 2018/3 min read

Securing applications with Coverity’s static analysis results

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Security News & Trends, SAST

Aug 19, 2018/2 min read

Integrating Coverity static analysis into development workflows

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, SAST

Aug 14, 2018/3 min read

The Apache Software Foundation can take a joke, but not when it comes to licensing

By Phil Odence

Tags: Software Integrity, Manage Security Risks, OSS License Compliance

Aug 14, 2018/2 min read

The AppSec alphabet soup: A guide to SAST, IAST, DAST, and RASP

By Fred Bals

Tags: Software Integrity, IAST, SAST, Web AppSec, Manage Security Risks

Aug 10, 2018/5 min read

How to help your medical devices meet the UL (and FDA) standard

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Medical Devices, Healthcare

Aug 01, 2018/3 min read

Slim Docker Images for Rails

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Build Security into DevOps

Jul 31, 2018/2 min read

LifeLock lesson—Third party security is your security

By Tim Mackey

Tags: Software Integrity, Security News & Trends, Secure the Software Supply Chain, Compliance

Jul 27, 2018/4 min read

SingHealth hit with ‘unprecedented’ cyber attack

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Healthcare

Jul 23, 2018/5 min read

FDA adopts UL 2900-2-1, improves cyber security of connected medical devices

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Medical Devices, Healthcare

Jul 20, 2018/4 min read

Remediating XSS: Does a single fix work?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, Web AppSec, Manage Security Risks

Jul 14, 2018/2 min read

How RASP complements application security testing to minimize risk

By Synopsys Editorial Team

Tags: Software Integrity, IAST, Web AppSec, Manage Security Risks

Jul 10, 2018/9 min read

Common security challenges in CI/CD workflows

By Meera Rao

Tags: Agile, CI/CD, Software Integrity, SAST, Manage Security Risks

Jul 01, 2018/4 min read

Vulnerable routers are still out there—and hackers are noticing

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, SAST, Internet of Things

Jun 14, 2018/3 min read

The what, why, and who of runtime application self-protection (RASP)

By Synopsys Editorial Team

Tags: Software Integrity, Web AppSec, Manage Security Risks

Jun 06, 2018/2 min read

5 DevSecOps essentials and how to achieve them

By Synopsys Editorial Staff

Tags: Agile, CI/CD, Software Integrity, Security News & Trends, DevSecOps

May 25, 2018/3 min read

How does the TeenSafe data leak present a classic false sense of security?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Cloud Security

May 07, 2018/9 min read

How to integrate SAST into the DevSecOps pipeline in 5 simple steps

By Meera Rao

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, DevSecOps, SAST

Apr 30, 2018/4 min read

8 takeaways from NIST’s Application Container Security Guide

By Tim Mackey

Tags: Agile, CI/CD, Software Integrity, Security News & Trends, Container Security

Apr 12, 2018/2 min read

Data breaches and more data breaches—oh my!

By Tim Mackey

Tags: Software Integrity, Security News & Trends, Compliance

Apr 03, 2018/7 min read

How to break car kits with Bluetooth fuzz testing

By Pekka Oikarainen

Tags: Software Integrity, Fuzzing, Manage Security Risks, Automotive

Apr 03, 2018/5 min read

IMF wants to pierce the blockchain anonymity veil

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Financial Services

Apr 02, 2018/5 min read

Using containers? What’s hidden in your container images?

By Tim Mackey

Tags: Software Integrity, Manage Security Risks, Container Security

Mar 26, 2018/56 min read

Cracking XenForo corpuses: An unsupported sha256(sha256($pass).$salt) hash type

By Travis Biehn

Tags: Software Integrity, Build Security into DevOps, Training

Mar 21, 2018/8 min read

Detecting Spectre vulnerability exploits with static analysis

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST

Mar 21, 2018/6 min read

Weighing the pros and cons of open sourcing election software

By Tim Mackey

Tags: Software Integrity, Public Sector

Mar 18, 2018/3 min read

What’s the difference between agile, CI/CD, and DevOps?

By John Steven

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps

Mar 16, 2018/6 min read

Still just recommendations, not regulation, for IoT security

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Internet of Things, Public Sector

Mar 04, 2018/4 min read

Closing the CVE gap still a work in progress

By Taylor Armerding

Tags: Software Integrity, Security News & Trends

Mar 01, 2018/3 min read

The GitHub Memcached DDoS: It shouldn't have happened | Synopsys

By Taylor Armerding

Tags: Software Integrity, Security News & Trends

Feb 26, 2018/

Subscribe to stay on top of the latest in software security

By Synopsys Editorial Team

Tags: Software Integrity

Feb 19, 2018/4 min read

Can Coverity automatically ignore issues in third-party or noncritical code?

By Kris Diefenderfer

Tags: Software Integrity, Build Security into DevOps, SAST

Feb 14, 2018/3 min read

Small crypto mining attack points to big browser problem

By Taylor Armerding

Tags: Software Integrity, Security News & Trends

Feb 12, 2018/3 min read

In an IoT-filled world, be alert in the wake of ‘Hide and Seek’

By Taylor Armerding

Tags: Software Integrity, Security News & Research, Internet of Things

Jan 30, 2018/5 min read

Migrating to Docker on Black Duck

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Build Security into DevOps, Container Security

Jan 23, 2018/2 min read

When software is the company, tech due diligence is critical

By Fred Bals

Tags: SCA, M&A, Software Integrity, OSS License Compliance

Jan 19, 2018/1 min read

Is shadow engineering developing your applications?

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Security News & Trends

Jan 18, 2018/6 min read

The Data Protection Directive versus the GDPR: Understanding key changes

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance

Jan 09, 2018/1 min read

Manage security risk in GitHub open source projects with CoPilot

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Security News & Trends

Jan 08, 2018/4 min read

What does GDPR enforcement mean for your business?

By Stephen Gardner

Tags: Software Integrity, Security News & Trends, Compliance

Jan 02, 2018/3 min read

Is breach of the GPL license breach of contract?

By Synopsys Editorial Team

Tags: Software Integrity, OSS License Compliance

Dec 06, 2017/1 min read

PayPal uncovers TIO Networks data breach affecting 1.6 million users

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Nov 29, 2017/7 min read

Attacks on TLS vulnerabilities: Heartbleed and beyond

By Mantej Singh Rajpal

Tags: Software Integrity, Manage Security Risks

Nov 29, 2017/4 min read

Navigating responsible vulnerability disclosure best practices

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, AppSec Best Practices, Manage Security Risks

Nov 15, 2017/2 min read

It’s time to enlist Security Champions to fuel Agile development

By Brendan Sheairs

Tags: Agile, CI/CD, Software Integrity, Security News & Trends

Nov 13, 2017/2 min read

Streamlining development with a DevSecOps life cycle

By Apoorva Phadke

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps, DevSecOps, Manage Security Risks

Nov 01, 2017/4 min read

How to proactively protect IoT devices from DDoS attacks

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Oct 17, 2017/2 min read

KRACK: Examining the WPA2 protocol flaw and what it means for your business

By Mantej Singh Rajpal

Tags: Software Integrity, Security News & Trends

Oct 17, 2017/5 min read

ROCA: Cryptographic flaws in BitLocker, Secure Boot, and millions of smartcards

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Oct 14, 2017/3 min read

What is cloud-native container security?

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Security News & Trends, Cloud Security

Oct 12, 2017/1 min read

Black Duck and Google Grafeas: Improving container visibility and security

By Synopsys Editorial Team

Tags: SCA, Agile, CI/CD, Software Integrity, Container Security

Oct 03, 2017/4 min read

Examining Apache Struts remote code execution vulnerabilities

By Christopher Fearon

Tags: Software Integrity, Security News & Trends

Sep 29, 2017/5 min read

How to implement security measures without negatively affecting software quality

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Sep 21, 2017/3 min read

Why do companies need a software security program?

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Sep 15, 2017/3 min read

Equifax, Apache Struts, and CVE-2017-5638 vulnerability

By Fred Bals

Tags: Software Integrity, Security News & Trends, Secure the Software Supply Chain, Manage Security Risks

Sep 14, 2017/5 min read

Pandora’s box: Exploits show package manager blind spots

By Damon Weinstein

Tags: Software Integrity, Manage Security Risks

Sep 13, 2017/3 min read

So Apache broke up with Facebook. How does that affect you?

By Synopsys Editorial Team

Tags: M&A, Software Integrity, Security News & Trends, OSS License Compliance

Sep 12, 2017/3 min read

What you need to know about BlueBorne Bluetooth flaws

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends, SAST, Internet of Things

Sep 10, 2017/3 min read

Synopsys finds 3 Linux kernel vulnerabilities

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends

Sep 10, 2017/6 min read

Did lack of visibility into Apache Struts lead to the Equifax breach?

By Patrick Carey

Tags: Software Integrity, Security News & Trends, Secure the Software Supply Chain, Manage Security Risks

Sep 08, 2017/3 min read

What can your firm learn from the unfolding Equifax hack?

By Amit Sethi

Tags: Software Integrity, Security News & Trends

Sep 05, 2017/2 min read

“Easy” to hack Apache Struts vulnerability CVE-2017-9805

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Sep 05, 2017/6 min read

A journey through the secure software development life cycle phases

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Threat Modeling, Manage Security Risks

Aug 28, 2017/4 min read

DEF CON 25 exposes voting system vulnerabilities

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Public Sector

Aug 22, 2017/1 min read

Hub Detect: Comprehensive open source scanning

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Aug 15, 2017/3 min read

Scan nirvana: Hub Detect for all native build and CI tools

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps

Aug 14, 2017/2 min read

The quietly accelerating adoption of the AGPL

By Phil Odence

Tags: Software Integrity, OSS License Compliance

Jul 17, 2017/4 min read

Insecure example code leads to insecure production code

By Mike Lyman

Tags: Software Integrity, Security News & Trends, Training

Jul 07, 2017/3 min read

Is threat modeling compatible with Agile and DevSecOps?

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Threat Modeling, Manage Security Risks

Jul 06, 2017/8 min read

Building your DevSecOps pipeline: 5 essential activities

By Meera Rao

Tags: Agile, CI/CD, Software Integrity, Build Security into DevOps

Jun 21, 2017/2 min read

3 permissive licenses and why they deserve a little respect

By Synopsys Editorial Team

Tags: M&A, Software Integrity, OSS License Compliance

Jun 20, 2017/4 min read

A primer on protecting keys and secrets in Microsoft Azure

By Sakthi Mohan

Tags: Software Integrity, Build Security into DevOps, Manage Security Risks

Jun 12, 2017/3 min read

Introducing Black Duck CoPilot

By Patrick Carey

Tags: Agile, CI/CD, Software Integrity, Security News & Trends, Cloud Security

Jun 06, 2017/4 min read

Security topics every software developer should know

By Apoorva Patankar

Tags: Software Integrity, Build Security into DevOps, Training

Jun 05, 2017/2 min read

Encryption technology in your code impacts export requirements

By Phil Odence

Tags: Software Integrity, Security News & Trends

May 30, 2017/3 min read

Why should every eCommerce website have an SSL certificate?

By Jamie Boote

Tags: Software Integrity, Web AppSec, Manage Security Risks

May 29, 2017/2 min read

4 key differences moving from Java to .NET Core

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

May 24, 2017/2 min read

When should threat modeling take place in the SDLC?

By Synopsys Editorial Team

Tags: Software Integrity, Threat Modeling, Manage Security Risks

May 16, 2017/2 min read

Node.js: Preventing common vulnerabilities in the MEAN stack

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Web AppSec, Manage Security Risks

May 08, 2017/5 min read

AngularJS: Preventing common vulnerabilities in the MEAN stack

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Web AppSec

May 07, 2017/3 min read

DoublePulsar continues to expose older Windows boxes: What you need to know

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

May 07, 2017/2 min read

.NET component vulnerability analysis in production

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Security News & Trends

May 01, 2017/3 min read

Heartbleed: OpenSSL vulnerability lives on

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Apr 27, 2017/3 min read

What are the signs your web application has been hacked?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Apr 20, 2017/2 min read

ExpressJS: Preventing common vulnerabilities in the MEAN stack (Part 1)

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Web AppSec, Manage Security Risks

Apr 18, 2017/4 min read

How to mitigate third-party security risks

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Threat & Risk Assessment, Manage Security Risks

Apr 13, 2017/5 min read

MongoDB: Preventing common vulnerabilities in the MEAN stack

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Web AppSec

Apr 04, 2017/7 min read

Attributes of secure web application architecture

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Build Security into DevOps, Web AppSec, Manage Security Risks

Apr 04, 2017/3 min read

Cloudera IPO: Risk for cyber attacks, lawsuits, and loss of IP?

By Fred Bals

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Mar 26, 2017/4 min read

Does software quality equal software security? It depends

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Fuzzing, Compliance, Manage Security Risks

Mar 22, 2017/4 min read

Forging a SHA-1 MAC using a length-extension attack in Python

By Mantej Singh Rajpal

Tags: Software Integrity, Build Security into DevOps, Web AppSec

Mar 22, 2017/6 min read

Swift: Close to greatness in programming language design, Part 2

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, SAST

Mar 21, 2017/3 min read

Vulnerability management and triage in 3 steps

By Synopsys Editorial Team

Tags: Software Integrity, AppSec Best Practices, Manage Security Risks

Mar 18, 2017/2 min read

CVE-2017-2636 strikes Linux kernel with double free vulnerability

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Mar 09, 2017/3 min read

New Apache Struts 2 zero-day vulnerability: What you need to know

By Meera Rao

Tags: SCA, Software Integrity, Security News & Trends

Mar 01, 2017/2 min read

Howard Schmidt, the United States’ first Cybersecurity Czar, has died

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Public Sector

Feb 27, 2017/4 min read

Responsible disclosure on a timetable

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Healthcare

Feb 23, 2017/11 min read

AngularJS security series part 1: Angular $http service

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Training, Web AppSec

Feb 23, 2017/6 min read

What is dual licensing? 3 software licensing models to consider

By Matt Jacobs

Tags: M&A, Software Integrity, OSS License Compliance

Feb 22, 2017/3 min read

Cloudbleed, like Heartbleed, may affect millions

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends, Cloud Security, Manage Security Risks

Feb 17, 2017/3 min read

Moving beyond ‘moving left’: The case for developer enablement

By Jim Ivers

Tags: Software Integrity, Training, Manage Security Risks

Feb 16, 2017/2 min read

Examining vulnerability criticality when risk ranking vulnerabilities

By Synopsys Editorial Team

Tags: Software Integrity, Manage Security Risks

Jan 31, 2017/3 min read

An overview of open standards for IoT communication protocols

By Synopsys Editorial Team

Tags: Software Integrity, Compliance, Internet of Things

Jan 23, 2017/2 min read

3 things to consider when risk ranking your applications

By Synopsys Editorial Team

Tags: Software Integrity, Threat & Risk Assessment, Threat Modeling, Manage Security Risks

Jan 11, 2017/3 min read

How much do bugs cost to fix during each phase of the SDLC?

By Arvinder Saini

Tags: Software Integrity, Build Security into DevOps, Threat & Risk Assessment, Pen Testing, IAST, Manage Security Risks

Dec 27, 2016/8 min read

AngularJS 1.6: Life outside the sandbox

By David Johansson

Tags: Software Integrity, Security News & Trends

Dec 14, 2016/2 min read

How to prevent SQL injection attacks: A cheat sheet

By Jamie Boote

Tags: Software Integrity, Build Security into DevOps, SAST, Manage Security Risks

Dec 08, 2016/3 min read

The fly in the ointment of the JSON license

By Synopsys Editorial Team

Tags: Software Integrity, OSS License Compliance

Nov 28, 2016/4 min read

5 reasons to use third-party authentication instead of creating your own

By Synopsys Editorial Staff

Tags: Software Integrity, Build Security into DevOps, Compliance, SAST

Nov 28, 2016/3 min read

Here are the top 10 best practices for securing Android apps

By Synopsys Editorial Team

Tags: Software Integrity, AppSec Best Practices, Mobile, Training, Manage Security Risks

Nov 21, 2016/4 min read

Hearts and minds: Culture management vs. human resources

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Nov 19, 2016/5 min read

Sweet32: Time to retire 3DES?

By Amit Sethi

Tags: Software Integrity, Build Security into DevOps

Nov 14, 2016/1 min read

Set up a software security group in 5 steps

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Nov 12, 2016/7 min read

How to respond to application security incidents

By Synopsys Editorial Team

Tags: Software Integrity, Manage Security Risks

Nov 08, 2016/5 min read

Abuse cases: How to think like a hacker

By Synopsys Editorial Staff

Tags: Software Integrity, Build Security into DevOps

Nov 07, 2016/5 min read

How to choose between closed source and open source software

By Jamie Boote

Tags: Software Integrity, Build Security into DevOps, SAST

Nov 06, 2016/5 min read

OSS warranties and indemnities in technology transactions

By Synopsys Editorial Team

Tags: M&A, Software Integrity, OSS License Compliance

Nov 05, 2016/4 min read

How to create an open source management policy

By Matt Jacobs

Tags: Software Integrity, OSS License Compliance

Nov 05, 2016/2 min read

Synopsys expands security signoff solution with Cigital and Codiscope acquisition

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Manage Security Risks

Oct 24, 2016/3 min read

Dyn DDoS attack: IoT vulnerabilities

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Internet of Things

Oct 21, 2016/2 min read

The pursuit of Hapi-ness: 5 must-have Hapi security plugins

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Oct 19, 2016/4 min read

Brace yourselves: Application transport security is coming

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Mobile

Oct 19, 2016/3 min read

Vulnerability management: Designing severity risk ranking systems

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends

Oct 14, 2016/3 min read

Open source security management: A question of when, not whether

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Security News & Trends, SAST

Oct 12, 2016/5 min read

Why isn’t cyber security taught in schools?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Training

Oct 05, 2016/4 min read

Guide to open source licenses

By Synopsys Editorial Team

Tags: M&A, Software Integrity, OSS License Compliance

Sep 26, 2016/2 min read

Identifying and resolving software vulnerabilities: A balancing act

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Sep 24, 2016/1 min read

AAMI TIR57 recognized by the FDA as a foundational cybersecurity standard for medical devices

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance, Medical Devices

Sep 21, 2016/2 min read

Why there are at least 6,000 vulnerabilities without CVE-IDs

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Sep 19, 2016/6 min read

AGPL: Out of the shadows

By Synopsys Editorial Team

Tags: M&A, Software Integrity, Security News & Trends, OSS License Compliance

Sep 15, 2016/1 min read

Software testing included in final ISA / IEC 62443-4-1

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance

Sep 14, 2016/3 min read

The greatest security vulnerability: Humans

By Sakthi Mohan

Tags: Software Integrity, Security News & Trends

Sep 07, 2016/2 min read

The Complete Security Vulnerability Assessment Checklist

By Synopsys Editorial Team

Tags: Software Integrity, Threat & Risk Assessment, Web AppSec, Manage Security Risks

Sep 05, 2016/2 min read

Heartbleed bug: How it works and how to avoid similar bugs

By Anil Gajawada

Tags: Software Integrity, Web AppSec, Manage Security Risks

Aug 31, 2016/3 min read

Recognizing Another Type of Threat: Non-targeted Attacks

By Synopsys Editorial Team

Tags: Software Integrity, Manage Security Risks

Aug 24, 2016/3 min read

4 ineffective security controls that leave you with a false sense of security

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Training

Aug 24, 2016/2 min read

Pseudorandom number generation means pseudosecurity

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Training

Aug 17, 2016/6 min read

4 principles of secure software design

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Aug 08, 2016/3 min read

Avoiding false positives in application security through customization

By Synopsys Editorial Team

Tags: Software Integrity, Build Secure Software, SAST, Web AppSec, Manage Security Risks

Aug 01, 2016/5 min read

An escape room called the ‘AngularJS sandbox’

By Ksenia Peguero

Tags: Software Integrity, Build Security into DevOps

Jul 18, 2016/2 min read

Web application security threats and countermeasures

By Synopsys Editorial Team

Tags: Software Integrity, Web AppSec, Manage Security Risks

Jul 12, 2016/3 min read

The 5 pillars of a successful threat model

By Synopsys Editorial Staff

Tags: Software Integrity, Threat Modeling, Manage Security Risks

Jun 13, 2016/5 min read

How to mitigate the Java deserialization vulnerability in JBoss application servers

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, AppSec Best Practices

Jun 13, 2016/8 min read

Rocket.Chat: Enabling privately hosted chat services

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Jun 01, 2016/3 min read

4 threat modeling questions to ask before your next Agile sprint

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Threat Modeling, Manage Security Risks

May 26, 2016/6 min read

What are the real security implications of the Hillary Clinton email scandal?

By Travis Biehn

Tags: Software Integrity, Security News & Trends, Manage Security Risks

May 24, 2016/1 min read

For want of a CVE: MITRE’s ongoing CVE backlog

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

May 17, 2016/4 min read

10 ways to infuse security into your software development life cycle

By Kris Balarama

Tags: Software Integrity, AppSec Best Practices, Manage Security Risks

May 14, 2016/5 min read

Best practices for free and open source software vulnerability management

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, AppSec Best Practices

May 05, 2016/4 min read

Are SaaS companies immune to open source risk?

By Synopsys Editorial Team

Tags: Software Integrity, OSS License Compliance

Apr 28, 2016/3 min read

Man in the middle: When Bob met Alice, and Eve heard everything

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, Web AppSec, Manage Security Risks

Apr 27, 2016/3 min read

The open perimeter: Is your internal network protected?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Internet of Things

Apr 26, 2016/6 min read

Node.js and Socket.IO: How security fails when ‘null’ is ‘false’

By David Johansson

Tags: Software Integrity, Security News & Trends

Apr 25, 2016/3 min read

The complete web application security testing checklist

By Christopher Cummings

Tags: Software Integrity, Web AppSec, Manage Security Risks

Apr 12, 2016/6 min read

Application security vs. software security: What’s the difference?

By Monika Chakraborty

Tags: Software Integrity, Build Security into DevOps, Mobile, Web AppSec

Apr 12, 2016/7 min read

TLS 1.3 and the future of cryptographic protocols

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Apr 11, 2016/1 min read

Synopsys discovers CVE-2015-5370 in Samba’s DCE/RPC protocol implementation

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends, CyRC

Apr 04, 2016/2 min read

How to avoid the top 10 software security flaws

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Apr 01, 2016/5 min read

Proper use of Java SecureRandom

By Amit Sethi

Tags: Software Integrity, Security News & Trends, Training

Mar 15, 2016/3 min read

How to do static analysis testing in 6 easy steps

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, SAST, Manage Security Risks

Mar 12, 2016/2 min read

Web application security basics: 3 tips to get started

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Mar 09, 2016/3 min read

What’s the difference? OAuth 1.0 vs OAuth 2.0

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Training, Web AppSec

Mar 08, 2016/9 min read

An examination of ineffective certificate pinning implementations

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Mobile

Feb 22, 2016/3 min read

Security risks in mergers and acquisitions

By Synopsys Editorial Team

Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance

Feb 10, 2016/2 min read

Static analysis tools: Are they the best for finding bugs?

By Apoorva Phadke

Tags: Software Integrity, Build Security into DevOps, SAST, Manage Security Risks

Feb 04, 2016/3 min read

Do you believe the 7 myths of software security?

By Synopsys Editorial Staff

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Feb 01, 2016/4 min read

7 fundamentals of an application security program

By Stephen Gardner

Tags: Software Integrity, Security News & Trends

Jan 27, 2016/5 min read

When and how to support static analysis tools with manual code review

By Mike Lyman

Tags: Software Integrity, Build Security into DevOps, SAST, Web AppSec, Manage Security Risks

Jan 24, 2016/4 min read

3 security risks that architecture analysis can resolve

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Threat & Risk Assessment

Jan 18, 2016/4 min read

Pen testing best practices to take the pain out of penetration testing

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, AppSec Best Practices, Web AppSec

Jan 14, 2016/2 min read

5 essentials of cloud-based application security testing

By Synopsys Editorial Team

Tags: Agile, CI/CD, Software Integrity, Cloud Security, Manage Security Risks

Dec 21, 2015/4 min read

How to mitigate your third-party mobile keyboard risk

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Mobile

Dec 17, 2015/6 min read

Android WebViews and the JavaScript to Java bridge

By Andrew Lee-Thorp

Tags: Software Integrity, Build Security into DevOps, Mobile

Dec 12, 2015/5 min read

The top hacking techniques of 2015 and how they work

By Jamie Boote

Tags: Software Integrity, Security News & Trends

Dec 10, 2015/2 min read

What Is Cross-Site Request Forgery?

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Dec 10, 2015/2 min read

What are cryptographic hash functions?

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Build Security into DevOps, Manage Security Risks

Dec 05, 2015/3 min read

3 ways abuse cases can drive security requirements

By Synopsys Editorial Staff

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Oct 22, 2015/5 min read

Software security myth #3: Penetration testing solves everything

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, AppSec Best Practices, Pen Testing, Manage Security Risks

Oct 09, 2015/5 min read

Using the SafetyNet API

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Mobile

Oct 07, 2015/4 min read

3 fundamentals of a software security initiative

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Sep 27, 2015/4 min read

Adding security steps to your agile development process

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Sep 23, 2015/7 min read

Benefits of Code Scanning for Code Review

By Mike Lyman

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, SAST

Sep 22, 2015/4 min read

Agile and application security: A promising pair

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Sep 16, 2015/2 min read

5 ways to pay your technical debt back

By Jim Ivers

Tags: Software Integrity, Security News & Trends

Aug 14, 2015/3 min read

The cathedral and the bazaar of software security vulnerabilities

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Aug 06, 2015/1 min read

Serving resources over SSL with CSP upgrade-insecure-requests

By Ksenia Peguero

Tags: Software Integrity, Build Security into DevOps, Web AppSec, Manage Security Risks

Aug 04, 2015/5 min read

Software is everywhere

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends

Aug 03, 2015/5 min read

Integrating Touch ID into your iOS applications

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Mobile

Jul 27, 2015/3 min read

3 reasons software security governance is essential to your business

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Manage Security Risks

Jul 26, 2015/2 min read

How to build a red teaming playbook

By Synopsys Editorial Team

Tags: Software Integrity, Threat & Risk Assessment, Manage Security Risks

Jul 21, 2015/1 min read

How to build a game-changing red team

By Thomas Richards

Tags: Software Integrity, Security News & Trends

Jun 18, 2015/3 min read

Samsung Galaxy phone hack: Making sense of the “Samsung” RCE vulnerability

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Jun 18, 2015/2 min read

4 application security skills every expert ought to have

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Training, Web AppSec

Apr 07, 2015/4 min read

How mapping the Ocean’s Eleven heist can make you better at application security testing

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps

Mar 30, 2015/3 min read

Is conventional penetration testing enough to secure e-commerce applications?

By Synopsys Editorial Team

Tags: Software Integrity, Pen Testing, Web AppSec, Manage Security Risks

Mar 22, 2015/4 min read

The 3 laws of robots.txt

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Build Security into DevOps, Web AppSec

Mar 15, 2015/3 min read

XML External Entity Injection

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Security News & Trends

Feb 04, 2015/1 min read

Build software security in. Don’t rely on a tower defense strategy.

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Feb 01, 2015/5 min read

The role of randomness in online gambling

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Dec 13, 2014/8 min read

How to fix cross-site scripting: A developer’s guide

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Build Security into DevOps

Nov 03, 2014/9 min read

Understanding Python bytecode

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Web AppSec, Manage Security Risks

Oct 19, 2014/7 min read

Poodle: Yet another attack on SSLv3 (SSL 3.0)

By Chandu Ketkar

Tags: Software Integrity, Web AppSec

Aug 14, 2014/3 min read

How To Fix POODLE (And Why You’re Probably Still Vulnerable)

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Security News & Trends

Jul 29, 2014/4 min read

Multi-Stack Integration Tests with CircleCI

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

May 28, 2014/3 min read

Standard versus proprietary security protocols

By Chandu Ketkar

Tags: Software Integrity, Compliance, Mobile, Manage Security Risks, Internet of Things

May 19, 2014/4 min read

Cordova InAppBrowser remote privilege escalation

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

May 15, 2014/2 min read

Software due diligence: Before you buy it, look under the hood

By Matt Jacobs

Tags: M&A, Software Integrity, OSS License Compliance

Apr 24, 2014/3 min read

Understanding fragment injection

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Mobile, Web AppSec

Apr 13, 2014/4 min read

On detecting Heartbleed with static analysis

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, SAST

Apr 07, 2014/6 min read

Heartbleed vulnerability: What should you do?

By Synopsys Editorial Team

Tags: Software Integrity, Fuzzing, Security News & Trends, Build Security into DevOps

Feb 25, 2014/6 min read

Understanding the Apple ‘goto fail;’ vulnerability

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Mobile

Jan 20, 2014/2 min read

SHA2 ‘vs.’ SHA1

By John Steven

Tags: Software Integrity, Program Strategy & Planning, Build Security into DevOps, Compliance

Jan 15, 2014/3 min read

SecureRandom implementation (sun.security.provider.SecureRandom – SHA1PRNG)

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps

Jan 05, 2014/2 min read

Issues to be aware of when using Java's SecureRandom

By Synopsys Editorial Staff

Tags: Software Integrity, Build Security into DevOps

Oct 29, 2013/2 min read

Remote code execution in Apache Roller via OGNL injection

By Synopsys Editorial Staff

Tags: Software Integrity, Security News & Trends

Oct 15, 2013/3 min read

2 path traversal defects in Oracle's JSF2 implementation

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Jul 25, 2013/7 min read

Protect Your Website From Its Embedded Content With iFrames

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Build Security into DevOps

Jul 09, 2013/6 min read

Stop Paying For SSL Certificates You Don’t Need

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Jun 27, 2013/5 min read

Cross-Browser Development Tips: Part 1 - CSS

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Mar 07, 2013/4 min read

Ruby Demystified: and vs. &&

By Synopsys Editorial Team

Tags: DAST, Software Integrity, Build Security into DevOps

Jan 24, 2013/4 min read

Who’s afraid of GPL3?

By Synopsys Editorial Team

Tags: Software Integrity, Manage Security Risks

Jun 10, 2012/11 min read

Securing password digests, or how to protect lonely unemployed radio listeners

By John Steven

Tags: Software Integrity, Security News & Trends

Apr 27, 2012/8 min read

Caching security architecture knowledge with design patterns

By John Steven

Tags: Software Integrity, Build Security into DevOps

Oct 31, 2010/2 min read

Secure URL redirection remediation

By Synopsys Editorial Team

Tags: Software Integrity, Program Strategy & Planning, Build Security into DevOps, Web AppSec

Aug 09, 2007/1 min read

Mitigate XSS: Why input validation is bogus

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends

Mar 14, 2007/1 min read

Busting the SQL stored procedure myth

By Synopsys Editorial Staff

Tags: Software Integrity, Security News & Trends

Jan 30, 2006/10 min read

Service-Oriented Architecture (SOA) & Software Security

By Gary McGraw

Tags: Software Integrity, Security News & Trends

Nov 28, 2004/9 min read

Static analysis for security

By Gary McGraw

Tags: Software Integrity, Security News & Trends

Sep 30, 2004/11 min read

Software security testing

By Gary McGraw

Tags: Software Integrity, Security News & Trends, AppSec Best Practices

May 30, 2004/15 min read

Risk analysis in software design

By Gary McGraw

Tags: Software Integrity, Threat & Risk Assessment, Manage Security Risks

Mar 31, 2004/9 min read

What is software security?

By Gary McGraw

Tags: Software Integrity, Program Strategy & Planning, Secure the Software Supply Chain, Cloud Security, Container Security

717

Stories

Writers

Top Writers

Synopsys Editorial Team

Taylor Armerding

Fred Bals

Last Published