Software Integrity

Archive for the 'Software Security Testing' Category

Checklist: Do the software testing tools you employ empower your developers?

Finding and resolving security issues early in the development process saves your organization both time and money. It’s an inefficient strategy to implement solutions further into the software development life cycle (SDLC). However, addressing issues early in the process is easier said than done. Choosing the software testing tools that best align with your firm’s […]

Posted in Software Security Testing, Software Testing Optimization

Navigating responsible vulnerability disclosure best practices

The definition of responsible vulnerability disclosure varies based on who you ask. Tech goliath Microsoft has openly disagreed with Google on this very topic, as outlined by The Verge. In the vulnerability management industry, discretion is key. Because we’re continuously handling vulnerabilities that can be used maliciously by black hats, there are widespread implications and […]

Posted in Application Security, Fuzz Testing, Security Risk Assessment, Software Security Testing, Vulnerability Assessment

What are the different types of software testing?

Most of us use the internet on a daily basis. As the number of internet users continues to grow, more personal and sensitive information is collected—information that firms need to protect. From online banking and ordering food, to calling a cab, paying bills, and booking hotels, our lives are highly plugged-in. With this, the onus is […]

Posted in Application Security, Software Security Testing

How to implement security measures without negatively affecting software quality

Over the past decade, most organizations have established a well-oiled process for software development and maintenance. We refer to this as the software development life cycle (SDLC). However, advancing security threats relating to insecure software have brought the focus to security implementation within the SDLC without hampering quality. Let’s examine a few strategies to implement security […]

Posted in Application Security, Software Development Life Cycle (SDLC), Software Quality, Software Security Testing

The BSIMM helps organizations mature software security

How does your software security initiative stack up against the best? Against others in your market? Against your own goals? A Building Security In Maturity Model (BSIMM) assessment can answer these questions. Whether you call it a software security initiative (SSI), application security program, product security process, or something else, it’s a business necessity to […]

Posted in Application Security, Maturity Model (BSIMM), Software Security Program Development, Software Security Testing

Introducing the Synopsys Software Integrity Community

We’re pleased to announce the launch of the Synopsys Software Integrity Community. At Synopsys, we’ve put in a lot of time and energy to ensure our users have easy ways to effectively utilize their developer tools and reach their full potential. We also understand the impact the software they’re creating has on the world around […]

Posted in Application Security, Software Quality, Software Security Testing

The journey has just begun: Software quality meets software security

Born out of the acquisition of various security and quality-focused organizations, Synopsys Software Integrity Group’s journey is just getting started. Founded in 1986, Synopsys rose to prominence with their advances in the Electronic Design Automation industry. As you can see from the graphic above, Synopsys made their move into the security and quality space […]

Posted in Application Security, Infographic, Software Quality, Software Security Testing

Have you taken the 2017 Software Quality and Security Survey?

Are you involved in software security and/or development within your organization? We’re conducting research on developer perceptions and practices regarding software quality, and specifically software security. This 18-question survey is your chance to influence the market and support the needs of developers at firms like yours. The survey should only take 5-7 minutes to complete […]

Posted in Application Security, Software Quality, Software Security Testing

Building your DevSecOps pipeline: 5 essential activities

No matter what you call it, SecDevOps, DevSecOps, or DevOpsSec, you have to build security into your continuous integration, continuous delivery, and continuous deployment pipeline. This checklist will guide you through the DevSecOps journey—as we’ll call it within this checklist—to assure that you’re integrating security into your pipeline. Here, we’re going to look at each of […]

Posted in Application Security, DevOps, Software Security Testing, Vulnerability Assessment

Fault Injection Podcast .003: Top Gun

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about a new report produced with VDC Research entitled “Skyrocketing Costs of Aerospace & Defense Systems Failure Fuel […]

Posted in Embedded Software Testing, Software Architecture and Design, Software Security Testing