Software Integrity Blog

Archive for the 'General' Category

 

Webinar: Black Duck Legal Certification Course

In our Nov. 14 Black Duck Legal Certification Course with Hal Hearst and Phil Odence (Synopsys), you’ll learn about software due diligence and how to answer your clients’ open source questions.

Continue Reading...

Posted in General, Legal, Open Source Security, Webinars

 

Want to close the software security skills gap? Tanya Janca says start mentoring!

Tanya Janca believes that one of the reasons most connected products are insecure from day one is the software security skills gap that comes from developers not learning security in school. Her solution: Those who know should teach those who don’t. Janca discusses mentoring in the software security industry with us. Tanya Janca has no […]

Continue Reading...

Posted in General

 

Lance Spitzner: How to secure the human operating system | NCSAM at Synopsys

The original version of this article was published in Forbes. If it is everyone’s job to ensure online safety at work, that means everyone needs more and better training in how to do it. One of those on the front lines of that effort is Lance Spitzner, director at SANS Security Awareness. Spitzner, a security awareness trainer […]

Continue Reading...

Posted in General

 

Cyber security: Not just ‘a’ job but many jobs of the future | NCSAM at Synopsys

Cyber security jobs are dynamic, stimulating, and in high demand as cyber threats multiply out of control. What can we do to make sure these jobs are filled?

Continue Reading...

Posted in General

 

Need a job? Consider a career in cyber security | NCSAM at Synopsys

Now more than ever, deciding on a career is a daunting prospect. Yes, unemployment’s at a record low, and new jobs will inevitably replace whatever jobs are lost to “progress.” But those seeking new careers now have to consider that their next career will probably not be their last one. Between artificial intelligence, robots, and […]

Continue Reading...

Posted in General

 

Open Source Security Research Group gets a new office

Synopsys is well-known for our software integrity portfolio: integrated testing tools, managed services, professional services, and developer education. But products, services, and training aren’t all we offer. We also perform hundreds of Black Duck On-Demand open source audits every year. And all that audit data fuels the open source security research and vulnerability analysis we […]

Continue Reading...

Posted in General

 

What’s so special about zero-day vulnerabilities?

You may have heard about the zero-day vulnerability in the Tor Browser that was disclosed yesterday. It’s a big deal, and not just because of the ethics of buying and selling undisclosed vulnerabilities. Many people who use Tor Browser do so because of the privacy and security protections it offers—protections that the vulnerability had threatened […]

Continue Reading...

Posted in General

 

NetSpectre: An ominous Spectre variant, but no immediate danger

NetSpectre sounds like it could be Spectre on steroids. Then again, it sounds like it could be more like a lab mutation of probably the most serious design flaw in CPUs (central processing units) or computer chips in a generation—interesting, but not much of a threat in the real world. At least not yet. So […]

Continue Reading...

Posted in General

 

6 months later, Spectre still haunts

It’s now more than six months since the major design flaw in computer chips labeled Spectre became public. And as predicted, it is still haunting the world of information technology. That’s largely because, as experts explained at the time, Spectre is not a software bug that can be fixed by rolling out a patch or […]

Continue Reading...

Posted in General

 

What’s being done about the growing software security talent gap?

As we continue to face a staffing shortage in security, many companies are scratching their heads as to why new graduates are simply not starting careers in cyber security. According to TechRepublic’s Alison DeNisco Rayome, only 9% of millennials are interested in pursuing careers in cyber security, perhaps because it’s a relatively new field. Similarly, […]

Continue Reading...

Posted in General