Software Integrity Blog

Archive for the 'Agile, CI/CD & DevOps' Category

 

Webinar: Cloud DevSecOps with Synopsys and AWS

In our on-demand webinar with Binoy Das (AWS) and Dave Meurer (Synopsys), you’ll learn how to manage security in your cloud DevSecOps processes with automation.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Cloud Security, General, Webinars | Comments Off on Webinar: Cloud DevSecOps with Synopsys and AWS

 

Webinar: Static analysis helps DevOps teams maintain velocity securely

In our on-demand webinar with Meera Rao (Synopsys), you’ll learn how to integrate SAST into DevOps using automation to find issues early in the SDLC and support DevOps velocity.

Continue Reading...

Posted in Agile, CI/CD & DevOps, General, Static Analysis (SAST), Webinars | Comments Off on Webinar: Static analysis helps DevOps teams maintain velocity securely

 

Webinar: Using Security Champions to build a DevSecOps culture within your organization

In our on-demand webinar with Brendan Sheairs (Synopsys), you’ll learn about the fundamentals and challenges of building a Security Champions program to transform DevOps into DevSecOps.

Continue Reading...

Posted in Agile, CI/CD & DevOps, General, Security Training, Webinars | Comments Off on Webinar: Using Security Champions to build a DevSecOps culture within your organization

 

The intersection between IAST and SCA and why you need both in your security toolkit

Interactive application security testing (IAST) and software composition analysis (SCA) are powerful technologies—and you need both in your security toolkit.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Interactive Application Security Testing (IAST), Software Composition Analysis | Comments Off on The intersection between IAST and SCA and why you need both in your security toolkit

 

Securing applications with Coverity’s static analysis results

This is the third post in a three-part series on how you can maximize the impact of a static analysis solution by supporting developers and their goals.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST) | Comments Off on Securing applications with Coverity’s static analysis results

 

Integrating Coverity static analysis into development workflows

This is the second post in a three-part series on how you can maximize the impact of a static analysis solution by supporting developers and their goals.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST) | Comments Off on Integrating Coverity static analysis into development workflows

 

Making the skies safe and secure with DO-178C compliance

A little background on DO-178 We live with software failure every day—from cell phones and laptops that crash or hang to headline-grabbing stories of personal data breaches. Software has been used in safety-critical airborne applications for decades, but fatalities caused by software are unheard of in civil aviation. Why this difference? The reason is the way airborne software is certified, following the objectives defined in DO-178.

Continue Reading...

Posted in Agile, CI/CD & DevOps, General, Static Analysis (SAST) | Comments Off on Making the skies safe and secure with DO-178C compliance

 

Common security challenges in CI/CD workflows

What are the most common security challenges in CI/CD workflows? Organizations report CI/CD security challenges related to tools, approach, speed, false positives, developer resistance, and compliance. Meera Rao, director of the secure development practice at Synopsys, explains how to deal with each one effectively.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST), Webinars | Comments Off on Common security challenges in CI/CD workflows

 

Enable DevSecOps with Coverity: Deliver secure code faster

Traditional software security can be too slow for DevOps. The answer: DevSecOps. To create secure software quickly, you need automated static analysis.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST) | Comments Off on Enable DevSecOps with Coverity: Deliver secure code faster

 

5 essentials for getting your bearings in a DevSecOps world

Embracing a DevSecOps practice requires key cultural and practical changes to integrate security into the SDLC. Learn about the 5 essentials for DevSecOps.

Continue Reading...

Posted in Agile, CI/CD & DevOps | Comments Off on 5 essentials for getting your bearings in a DevSecOps world