Software Integrity Blog

Archive for the 'Software Compliance, Quality & Standards' Category

 

Want to comply with privacy laws? Start with security

How do you comply with privacy laws that haven’t even been enacted yet? Start by securing your software and systems against cyber attacks and data breaches.

Posted in Data Breach Security, Software Compliance, Quality & Standards, Software Security Program

 

Privacy still eroding on National Data Privacy Day

On National Data Privacy Day, we find little has changed in what numerous privacy advocates and experts have called “the golden age of surveillance.”

Posted in Software Compliance, Quality & Standards

 

Why is US infrastructure vulnerable? Its software is vulnerable

We know that cyber attacks can have physical consequences. How does U.S. critical infrastructure fare in terms of cyber security and resilience to attack?

Posted in Software Compliance, Quality & Standards

 

[Webinar] OWASP Top 10 for JavaScript Developers

The OWASP documentation doesn’t give much attention to JavaScript. This webinar explains the OWASP Top 10 in terms of JavaScript vulnerabilities.

Posted in Software Compliance, Quality & Standards, Web Application Security, Webinars

 

Ask the Experts: How has software security improved in the last few years?

For Thanksgiving, let’s talk about what we’re thankful for: the trends, processes, and technologies that have had a positive impact on software security.

Posted in Agile, CI/CD & DevOps, Application Security, Cloud Security, Software Compliance, Quality & Standards

 

How the 2019 CWE Top 25 can boost your application security

You can use the 2019 CWE Top 25 to help focus your application security efforts. Learn more about this list of the 25 most dangerous software weaknesses.

Posted in Software Compliance, Quality & Standards

 

[Webinars] Evidence-based security, design and code quality in tech M&A

Learn how to improve software security using evidence-based standards, and why you should inspect design and code quality during technical due diligence.

Posted in Mergers & Acquisitions, Software Compliance, Quality & Standards, Webinars

 

Coverity release ties in well to the latest MITRE CWE Top 25

MITRE’s 2019 CWE Top 25 list contains many code quality issues that can result in security vulnerabilities. Static analysis can help you mitigate them.

Posted in Software Compliance, Quality & Standards, Static Analysis (SAST)

 

Quantifying software quality risks in tech M&A

Tech M&A typically evaluates security and legal risks, but what about software quality risks? Poor code and architecture quality can have a lasting impact.

Posted in Mergers & Acquisitions, Software Architecture & Design, Software Compliance, Quality & Standards

 

The False Claims Act: 156 years old and newly relevant to software security

We recently saw the first settlement by a company charged under the False Claims Act for failing to meet cyber security standards. Is there more to come?

Posted in Software Compliance, Quality & Standards