Software Integrity Blog

Archive for the 'Application Security' Category

 

Under pressure: Managing the competing demands of development velocity and application security

Nearly 50% of development teams knowingly release vulnerable code. Learn why vulnerabilities are overlooked and how you can improve application security.

Posted in Agile, CI/CD & DevOps, Application Security

 

TANSTAAFL! The tragedy of the commons meets open source software

Open source projects can become victims of their own success. What can developers do to secure their open source software?

Posted in Application Security, Open Source Security

 

Black Duck continues to expand vulnerability prioritization methods

Today’s release of Black Duck adds vulnerability impact analysis, which indicates whether your application executes vulnerable code. Let’s look at how this addition further augments your prioritization efforts.

Posted in Application Security, Software Composition Analysis (SCA)

 

Developing a COVID-19 track and trace app — through the lens of Synopsys

The rapidly evolving COVID-19 emergency has set off a global race to trace, and Synopsys offers key considerations for track and trace application development.

Posted in Application Security, Mobile App Security

 

How to cyber security: Pain in the *AST

What’s the difference between IT security and application security? And what do all those acronyms mean? Learn more in our quick cyber security primer.

Posted in Application Security

 

To improve DevSecOps, set application security priorities

Where does application security fit into DevSecOps? Everywhere: from preventing vulnerabilities to securing open source to prioritizing significant defects.

Posted in Agile, CI/CD & DevOps, Application Security

 

Too many security tools can be as bad as too few

Security tool sprawl has made many teams so overwhelmed by security alerts that they can’t respond to them. Here’s how to deal with security tool overload.

Posted in Application Security

 

How to champion security in DevOps

Making the shift from DevOps to DevSecOps requires better communication, which you can help your teams accomplish with security training and enablement.

Posted in Agile, CI/CD & DevOps, Application Security

 

New DevSecOps study highlights need to address AppSec throughout the SDLC

The findings reaffirm the importance of shifting security left in the development process, enabling development teams with ongoing training as well as tooling solutions that complement their current processes so they can code securely without negatively impacting their velocity.

Posted in Agile, CI/CD & DevOps, Application Security

 

How DevSecOps done right makes application security easier

How do you integrate application security into DevOps? By enabling your developers to address security issues with automation, integration, and training.

Posted in Agile, CI/CD & DevOps, Application Security