In September 2018, Synopsys Software Integrity Group, Asia Pacific, participated in the 27th edition of GovernmentWare. The GovWare conference anchors Singapore International Cyber Week, which promotes the development and innovation of the cyber ecosystem through international and regional collaboration and cooperation. SICW draws thousands of cyber security practitioners from around the world, and this year […]
Have you heard of the BSIMM? If you have, you know it’s the best way to measure your software security initiative (SSI) year after year to see how it’s evolving and how you compare to your peers. If you haven’t, you’re in luck: The latest version is out now, and it’s notably different from last […]
Hacking Security is a monthly podcast on emerging trends in application security. Episode 2 explores the four tribes described in the CISO Report. Listen now.
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. 41% of cyber-security apps contain high-risk open source vulnerabilities via Davey Winder, author – SC Magazine – The 2018 Open Source Security and Risk Analysis Report – the latest in a series of annual […]
With RSA 2018 behind us, a recap is in order. For any readers who have never attended the RSA Conference (RSA) in North America, it’s worth setting the stage. For practical purposes, RSA is the premier technology security conference. There are tens of thousands of attendees, well over a dozen conference tracks, and the show […]
Can Synopsys Static Analysis (Coverity) automatically ignore issues in third-party or noncritical code?
Synopsys Static Analysis (Coverity) has powerful capabilities that can find issues deep within the logic of your application’s code. If you apply third-party or open source code during your build process, Coverity might even find issues in code your team didn’t write. Often, you won’t be interested in fixing that third-party code, for a variety of […]
We’ve listened to customer needs and pain points: Developers need a way to triage open source vulnerabilities within the application security tools they’re already using. That’s why we’ve established best practices and a secure development workflow integrating Black Duck Binary Analysis and Coverity Connect. The risk of open source and third-party code: In today’s fast-paced […]
Small and medium-size businesses (SMBs) are nonsubsidiary, independent firms that employ fewer than a given number of employees. This number varies from country to country: Gartner defines an SMB as having fewer than 1,000 employees, but the European Union defines an SMB as having fewer than 250 employees. Managing an SMB budget: Many factors affect […]
In July 2017, PayPal completed its acquisition of TIO Networks for $238 million. TIO Networks, a multichannel payment processor, serves over 16 million consumer bill pay accounts and offers solutions for payment services to financially underserved consumers and consumer services. Fast-forward to Nov. 10, 2017, when PayPal announced the suspension of TIO Networks’ operations due […]
The information technology sector is one of the world’s fastest growing industries. In fact, the rate at which software and software products are evolving is many times greater when compared to the rate at which software security is evolving. In an age of cybercrime, some of the most widespread cyber-based crimes include: Stealing information via […]