Two powerful yet relatively new technologies in application security testing are interactive application security testing (IAST) and software composition analysis (SCA). IAST solutions are designed to help organizations identify and manage security risks associated with vulnerabilities discovered in running web applications using dynamic testing (a.k.a. runtime testing) techniques. SCA, a term coined by market analysts, […]
Continue Reading...
Posted in Application Security, Black Duck by Synopsys, DevSecOps, Interactive Application Security Testing (IAST), Software Composition Analysis
Every application security testing tool has advantages and disadvantages. No single solution can ensure you find and fix all vulnerabilities. But application security tools can complement one another and help you secure your applications in each stage of the software development life cycle (SDLC) and beyond. Here’s a quick overview of SAST, IAST, DAST, and […]
Continue Reading...
Posted in Dynamic Analysis (DAST), Infographic, Interactive Application Security Testing (IAST), Runtime Application Self-Protection (RASP), Static Analysis (SAST)
The need for web apps to be secure is demonstrated at least weekly, if not daily. At the end of June, just two of several examples were the U.K. branch of the ticket-selling giant Ticketmaster, breached because of vulnerable code on its payments page, and a collection of around 4,000 hotels that relied on booking […]
Continue Reading...
Posted in Application Security, Interactive Application Security Testing (IAST)
Everybody’s heard the cliché that if you build a better mousetrap, the world will beat a path to your door. The same applies to building a better bugtrap—as in software bug. Which is why developers ought to be beating a path to a tool that offers a better way to find bugs during the SDLC […]
Continue Reading...
Posted in Application Security, Interactive Application Security Testing (IAST)
Black Hat USA is returning to Mandalay Bay, Las Vegas, Nevada, this August, beginning with four days of technical trainings, followed by the two-day main conference Aug. 8–9. For 21 years Black Hat USA has been an important information security event, so of course we’ll be there—don’t miss us in Booth 128. Plus our director […]
Continue Reading...
Posted in Application Security, Interactive Application Security Testing (IAST), Security Conference or Event
I’m proud to report that the 2018 Gartner Magic Quadrant for Application Security Testing has positioned Synopsys as a leader for the second consecutive year. This designation clearly illustrates our growing vision and ability to execute on our solutions. Building a track record of leadership I’d like to take a moment also to call out […]
Continue Reading...
Posted in Agile Methodology, Black Duck by Synopsys, CI/CD, DevOps, Interactive Application Security Testing (IAST)
Only when security is treated with the same importance as quality can your software’s integrity drive a proactive strategy rather than a reactive response. In addition to ensuring software quality, development teams are under increasing pressure to address software security concerns. The high-profile data breaches that continuously arise are raising awareness of security issues. Because […]
Continue Reading...
Posted in Application Security, Dynamic Analysis (DAST), Fuzz Testing, Interactive Application Security Testing (IAST), Security Training, Software Quality, Static Analysis (SAST)
In The Total Economic Impact™ Of Seeker®-Interactive Application Security Testing (IAST) by Synopsys, a December 2016 commissioned study conducted by Forrester Consulting on behalf of Synopsys, Forrester Consulting performed an in-depth cost-benefit analysis of an organization deploying the Seeker solution in an Agile development environment. Forrester found the organization interviewed for the study experienced: Reduced risk of a […]
Continue Reading...
Posted in Application Security, Interactive Application Security Testing (IAST)
The Total Economic Impact™ Of Seeker®-Interactive Application Security Testing (IAST) by Synopsys, a December 2016 commissioned study conducted by Forrester Consulting on behalf of Synopsys, examines the potential return on investment (ROI) that enterprises may realize by deploying Seeker. The study provides readers with a framework to: Evaluate the potential financial impact of Seeker on […]
Continue Reading...
Posted in Interactive Application Security Testing (IAST)
