Software Integrity

Archive for the 'CI/CD' Category

 

Common security challenges in CI/CD workflows

In a recent webinar that I co-presented with Jay Lyman, principal cloud management and container analyst at 451 Research, we had the opportunity to discuss the realities and opportunities that exist in DevSecOps.

Real security challenges

In the Q&A portion of the webinar, attendees posed questions about how to solve the problem of building security […]


Posted in Application Security, CI/CD, DevSecOps

 

Enable DevSecOps with Coverity: deliver secure code, faster

The timeless demand to reduce time to market has put DevOps in a position to solidify itself as a defining characteristic of modern SDLCs. While the need to accelerate software development is as old as software development itself, the need to produce secure software is currently gaining traction in light of recent software security blunders. […]


Posted in CI/CD, DevOps, Static Analysis (SAST)

 

Infographic: What’s with the security / DevOps disconnect?


Posted in Application Security, CI/CD, DevOps

 

Synopsys maintains leadership position in the 2018 Gartner Magic Quadrant for Application Security Testing

I’m proud to report that the 2018 Gartner Magic Quadrant for Application Security Testing has positioned Synopsys as a leader for the second consecutive year. This designation clearly illustrates our growing vision and ability to execute on our solutions.

Building a track record of leadership

I’d like to take a moment also to call out […]


Posted in Agile Methodology, Black Duck by Synopsys, CI/CD, DevOps, Interactive Application Security Testing (IAST)

 

What’s the difference between Agile, CI/CD, and DevOps?

We’ve been seeing a lot of instances recently in which the terms Agile, CI/CD, and DevOps are used interchangeably.

3 different tools for building your practice

You couldn’t build a house with a single tool. Nor can you enable your development practice with one. Agility, CI/CD, and DevOps are three distinct tools, each important in […]


Posted in Agile Methodology, CI/CD, DevOps

 

Webinar: Ensure your software is secure without clogging up the CI/CD pipeline

While software grows more complex and the pace of development accelerates, the stakes for building secure software have never been higher. If you’re like most teams embracing a DevOps culture, you’re focused on breaking down silos, streamlining workflows, and cranking out functional software at a nearly continuous clip. Amid all these fundamental changes, how do […]


Posted in CI/CD, DevOps, Software Composition Analysis, Static Analysis (SAST)

 

In support of the #MentorHer movement

Last month, while I was in Bengaluru, India, for work, our HR manager for Asia asked me to address Synopsys women on women’s empowerment. I prepared a simple 10-slide presentation that outlined the key challenges I faced as a woman, how I had overcome them, and how the mentorship program at Cigital, now Synopsys, had […]


Posted in Application Security, CI/CD, DevOps

 

Manage security risk in GitHub open source projects with CoPilot

CoPilot is a free, public-facing application that allows owners of open source projects on GitHub to monitor the security risk associated with the components they use as part of their Git Flow development process.


Posted in CI/CD, Open Source Security, Vulnerability Assessment

 

What is cloud-native container security?

Security technology is changing for the better as the container deployment model makes it easier to automate application security. This means that as more enterprises deploy containers to public and private clouds they are able to incorporate security automation into their continuous integration and deployment (CI/CD) pipeline. Cloud-native container security is a term that describes […]


Posted in CI/CD, Cloud Security, Containers, DevOps

 

Webinar: Update your AppSec strategy to run effectively in a DevOps world

DevOps enables you to release features and bug remediation efforts faster than ever before through Agile methodologies, CI/CD processes, and open source tools. While traditional security activities have trouble keeping pace with DevOps, it’s also critical not to let security fall behind.

Is security tripping you up?

As the DevOps revolution continues to advance, security […]


Posted in Agile Methodology, CI/CD, DevOps, Security Training