Software Integrity

Archive for the 'Application Security' Category

 

Common security challenges in CI/CD workflows

In a recent webinar that I co-presented with Jay Lyman, principal cloud management and container analyst at 451 Research, we had the opportunity to discuss the realities and opportunities that exist in DevSecOps. Real security challenges: In the Q&A portion of the webinar, attendees posed questions about how to solve the problem of building security […]

Posted in Application Security, CI/CD, DevSecOps, Featured

 

Third parties spoil the party and WordPress content mismanagement

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? FastBooking and BetVictor third parties spoil the security party, and a WordPress security flaw allows hackers to hijack entire websites. Watch to learn more: Hundreds […]

Posted in Application Security, Open Source Security, Weekly Security Mashup

 

Vulnerable routers are still out there—and hackers are noticing

Vulnerable routers aren’t news: Long ago and far away—in 2014, which is indeed long ago and far away in our cutting-edge world of information technology—security gurus like Dan Geer, Jim Gettys, and Bruce Schneier were issuing urgent warnings about the catastrophic insecurity of routers—those devices in our homes that give us access to the World […]

Posted in Application Security, Internet of Things, Static Analysis (SAST)

 

Join Synopsys at codenomi-con and Black Hat USA 2018

Black Hat USA is returning to Mandalay Bay, Las Vegas, Nevada, this August, beginning with four days of technical trainings, followed by the two-day main conference Aug. 8–9. For 21 years Black Hat USA has been an important information security event, so of course we’ll be there—don’t miss us in Booth 128. Plus our director […]

Posted in Application Security, Featured, Interactive Application Security Testing (IAST), Security Conference or Event

 

Traffic systems at risk of cyberattack, Cortana and Alexa news, PyRoMineIoT Cryptojacker

The cyber security and open source security news that made headlines this week! Why isn’t secure DevOps being practiced? via IBM SecurityIntelligence: New research reveals that consistent practice of secure development and operations (DevOps) remains a challenge for organizations across industries. Only half of DevOps teams integrate application security testing elements in continuous integration and […]

Posted in Application Security, Internet of Things, Open Source Security

 

World Cup device hacking dangers, Apple malware, and VPNFilter updates

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? The FIFA World Cup overfloweth—with hackers, forgeries take a bite out of Apple security, and routing us to “Hackerville” (a VPNFilter update). Watch this […]

Posted in Application Security, Data Breach, Weekly Security Mashup

 

Big temperature drop in Hades as Microsoft buys GitHub

The big news for open source last week was Microsoft’s announced purchase of GitHub. A major win for open source? The beginning of the end? Read Software Integrity Insight to see both sides of the coin, as well as the rest of the cyber security and open source security news that made headlines this week! […]

Posted in Application Security, Open Source Security

 

The What, Why and Who of Runtime Application Self-Protection (RASP)

What is Runtime Application Self-Protection? According to Gartner, runtime application self-protection is “a security technology that is built on or linked into an application runtime environment, and is capable of controlling application execution, and detecting and preventing real-time attacks.” RASP security products integrate with an application to prevent attacks at runtime by monitoring and analyzing traffic and […]

Posted in Application Security, Runtime Application Self-Protection (RASP)

 

Coverity now features integrated on-demand developer training

The latest release of Coverity by Synopsys features seamless integration with our completely rebuilt eLearning platform, an on-demand developer training solution focusing on secure coding best practices and security guidance. On-demand developer training enables development teams: Synopsys eLearning is an outcome-driven, learner-centric training solution that makes learning about security easy, relevant, and accessible. With eLearning, learners […]

Posted in Application Security, eLearning, Static Analysis (SAST)

 

Microsoft acquires GitHub, Election Insecurity, and Ticketfly data breach

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? GitHub acquired by Microsoft, election insecurity persists, and the Ticketfly data breach. Play this week’s episode below: Microsoft has snapped up […]

Posted in Application Security, Black Duck by Synopsys, Open Source Security, Weekly Security Mashup