Software Integrity

Archive for the 'Agile Methodology' Category

 

Synopsys maintains leadership position in the 2018 Gartner Magic Quadrant for Application Security Testing

I’m proud to report that the 2018 Gartner Magic Quadrant for Application Security Testing has positioned Synopsys as a leader for the second consecutive year. This designation clearly illustrates our growing vision and ability to execute on our solutions. Building a track record of leadership I’d like to take a moment also to call out […]

Continue Reading...

Posted in Agile Methodology, Black Duck by Synopsys, CI/CD, DevOps, Interactive Application Security Testing (IAST) | Comments Off on Synopsys maintains leadership position in the 2018 Gartner Magic Quadrant for Application Security Testing

 

What’s the difference between Agile, CI/CD, and DevOps?

We’ve been seeing a lot of instances recently in which the terms Agile, CI/CD, and DevOps are used interchangeably. 3 different tools for building your practice You couldn’t build a house with a single tool. Nor can you enable your development practice with one. Agility, CI/CD, and DevOps are three distinct tools, each important in […]

Continue Reading...

Posted in Agile Methodology, CI/CD, DevOps | Comments Off on What’s the difference between Agile, CI/CD, and DevOps?

 

7 things to consider when transitioning your applications to the Cloud

Written in coordination with Ugochukwu Enyioha Organizations are moving their applications to the Cloud (or using the Cloud as a starting point for application development) at an astonishing rate. According to Forbes, 73% of companies are planning to move to a fully software-defined data center within 2 years. The shift is motivated by three primary […]

Continue Reading...

Posted in Agile Methodology, Cloud Security, DevOps | Comments Off on 7 things to consider when transitioning your applications to the Cloud

 

It’s time to enlist Security Champions to fuel Agile development

A 2015 Gartner report estimated that 25% of Global 2000 organizations would be using DevOps and Agile development practices as part of their mainstream strategies by the close of 2016. Our experience with Synopsys customers confirms this prediction has come true. In Agile development, passes through the software development life cycle (SDLC) occur more often […]

Continue Reading...

Posted in Agile Methodology, Application Security | Comments Off on It’s time to enlist Security Champions to fuel Agile development

 

Accelerate your agile security strategy

  “In the face of more rapid iterative and agile design and development efforts, the time required becomes even more precious. It’s not hard to understand why even the most well-intentioned manager will make the pragmatic decision to skip the effort, or pay it lip service.” -Gartner Testing tools help meet the challenges Automation is […]

Continue Reading...

Posted in Agile Methodology, Application Security, Infographic | Comments Off on Accelerate your agile security strategy

 

Webinar: Update your AppSec strategy to run effectively in a DevOps world

DevOps enables you to release features and bug remediation efforts faster than ever before through Agile methodologies, CI/CD processes, and open source tools. While traditional security activities have trouble keeping pace with DevOps, it’s also critical not to let security fall behind. Is security tripping you up? As the DevOps revolution continues to advance, security […]

Continue Reading...

Posted in Agile Methodology, CI/CD, DevOps, Security Training | Comments Off on Webinar: Update your AppSec strategy to run effectively in a DevOps world

 

Is threat modeling compatible with Agile and DevSecOps?

Bryan Sullivan, a Security Program Manager at Microsoft, called threat modeling a “cornerstone of the SDL” during a Black Hat Conference presentation. He calls it a ‘cornerstone’ because a properly executed threat model: Finds architectural and design flaws that are difficult or impossible to detect through other methods. Identifies the most ‘at-risk’ components. Helps stakeholders […]

Continue Reading...

Posted in Agile Methodology, Application Security, DevOps | Comments Off on Is threat modeling compatible with Agile and DevSecOps?

 

Agile development for application security managers

In today’s competitive business environment, it is more important than ever to develop applications not only accurately but quickly. The traditional “waterfall” method is effective, but requires so many steps that the process cannot keep up with today’s software development needs. Agile is a development methodology that speeds up software development dramatically, along with several […]

Continue Reading...

Posted in Agile Methodology, Application Security | Comments Off on Agile development for application security managers

 

A spell check equivalent for building security in

Originally posted on SecurityWeek I can honestly say that spell check is the reason I now know how to spell “separate.” It only took about 20 years of patient and faithful repetition from Microsoft Word. The concept of spell check is intriguing when considered in the context of security. There is a significant benefit to […]

Continue Reading...

Posted in Agile Methodology, Security Training, Static Analysis (SAST) | Comments Off on A spell check equivalent for building security in

 

How does Agile overcome common software security challenges?

Paradoxically, security is a negative goal. To secure something, you must understand how insecure it is. Start by trying to break it or by figuring out how other people might break it. The same is true of software. For example, a simple user input field on a mobile or web app may require the user to […]

Continue Reading...

Posted in Agile Methodology, Software Development Life Cycle (SDLC), Software Security Testing | Comments Off on How does Agile overcome common software security challenges?