Software Integrity

Archive for the 'Software Security Testing' Category

 

The BSIMM helps organizations mature software security

How does your software security initiative stack up against the best? Against others in your market? Against your own goals? A Building Security In Maturity Model (BSIMM) assessment can answer these questions. Whether you call it a software security initiative (SSI), application security program, product security process, or something else, it’s a business necessity to […]

Posted in Application Security, Featured, Maturity Model (BSIMM), Software Security Program Development, Software Security Testing

 

Introducing the Synopsys Software Integrity Community

We’re pleased to announce the launch of the Synopsys Software Integrity Community. At Synopsys, we’ve put in a lot of time and energy to ensure our users have easy ways to effectively utilize their developer tools and reach their full potential. We also understand the impact the software they’re creating has on the world around […]

Posted in Application Security, Software Quality, Software Security Testing

 

The journey has just begun: Software quality meets software security

Born out of the acquisition of various security and quality-focused organizations, Synopsys Software Integrity Group’s journey is just getting started. Founded in 1986, Synopsys rose to prominence with their advances in the Electronic Design Automation industry. As you can see from the graphic above, Synopsys made their move into the security and quality space […]

Posted in Application Security, Infographic, Software Quality, Software Security Testing

 

Have you taken the 2017 Software Quality and Security Survey?

Are you involved in software security and/or development within your organization? We’re conducting research on developer perceptions and practices regarding software quality, and specifically software security. This 18-question survey is your chance to influence the market and support the needs of developers at firms like yours. The survey should only take 5-7 minutes to complete […]

Posted in Application Security, Software Quality, Software Security Testing

 

Building your DevSecOps pipeline: 5 essential activities

No matter what you call it, SecDevOps, DevSecOps, or DevOpsSec, you have to build security into your continuous integration, continuous delivery, and continuous deployment pipeline. This checklist will guide you through the DevSecOps journey—as we’ll call it within this checklist—to assure that you’re integrating security into your pipeline. Here, we’re going to look at each of […]

Posted in Application Security, DevOps, Software Security Testing, Vulnerability Assessment

 

Fault Injection Podcast .003: Top Gun

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about a new report produced with VDC Research entitled “Skyrocketing Costs of Aerospace & Defense Systems Failure Fuel […]

Posted in Embedded Software Testing, Software Architecture and Design, Software Security Testing

 

Security topics every software developer should know

Software developers and information security professionals have almost always been two mutually exclusive groups. However, with the increase in security awareness, developers have started integrating security into the development process. To further bridge the gap between development and security, it is essential for developers to have a good understanding of security principles. In this post, […]

Posted in Application Security, Security Training, Software Security Testing, Vulnerability Assessment

 

BURP’s proxy tool and the case of the missing cipher suites

During a recent iOS application penetration test, I was attempting to proxy network traffic using the BURP proxy tool. In doing so, I configured my device to use BURP as a proxy, and voila, I was able to see the traffic (oh, the joys of certificate pinning). However, my excitement was short-lived. I noticed that I […]

Posted in Penetration Testing, Software Security Testing

 

Synopsys launches the Fault Injection Podcast

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. Hosts Chris Clark, Principal Security Engineer at Synopsys, and Robert Vamosi, CISSP and Security Strategist at Synopsys, provide a forum for industry experts to talk about software security topics and their intersection with specific verticals such as medical, automotive, and […]

Posted in Application Security, Ethical Hacking, Network Security, Software Security Testing, Web Application Security

 

Top 10 free hacking tools for penetration testers

A craftsman requires the appropriate skills and tools to work in tandem in order to create a masterpiece. While tools are an important enabler in the process of creating the best piece of work possible, the process also requires relevant experience and expertise on the part of the craftsman. Much like a craftsman’s toolbox, a pen […]

Posted in Penetration Testing, Software Security Testing