Development and operations teams have already come a long way by aligning around the shared goal of delivering stable, high-quality software quickly. They’ve automated manual processes and built tools into continuous integration and continuous delivery (CI/CD) pipelines. In doing so, they’ve increased trust between groups, which is essential as these once-disparate teams tackle critical issues […]
Continue Reading...
Posted in Agile, CI/CD & DevOps, Security Training, Webinar
The latest release of Coverity by Synopsys features seamless integration with our completely rebuilt eLearning platform, an on-demand developer training solution focusing on secure coding best practices and security guidance. On-demand developer training enables development teams Synopsys eLearning is an outcome-driven, learner-centric training solution that makes learning about security easy, relevant, and accessible. With eLearning, learners […]
Continue Reading...
Posted in Security Training, Static Analysis (SAST)
Synopsys eLearning goes beyond your typical training solution. Our course offerings provide developers with targeted training that centers specifically on the security frameworks and platforms they’re using. In fact, I was recently talking to one of our course authors who is in the process of writing new course material. We were talking about password hashing […]
Continue Reading...
Posted in Security Training
Written in coordination with Prasaath Velu According to 451 Research, 19% of about 800 organizations listed security awareness training ineffectiveness or difficulty as a top information security pain point. In fact, (ISC)2 has estimated that there will be a 20% increase in software security jobs—from 1.5 million in 2015 to 1.8 million in 2022—further stressing […]
Continue Reading...
Posted in Security Training
An old proverb states that if you give a man a fish, you feed him for a day; but, if you teach a man to fish, you feed him for life. Software security training aligns very well with this proverb. The majority of developers don’t come equipped with security skills. In fact 95% of software […]
Continue Reading...
Posted in Infographic, Security Training
Only when security is treated with the same importance as quality can your software’s integrity drive a proactive strategy rather than a reactive response. In addition to ensuring software quality, development teams are under increasing pressure to address software security concerns. The high-profile data breaches that continuously arise are raising awareness of security issues. Because […]
Continue Reading...
Posted in Fuzz Testing, Interactive Application Security Testing (IAST), Security Training, Static Analysis (SAST), Web Application Security
Last week’s news introduced us to another pair of vulnerabilities hitting right at the foundation of everything we place our trust in. Named KRACK and ROCA, these flaws target specific facets of Wi-Fi networks and cryptographic keys, meaning that attackers can potentially sneak into networks we consider private, and decipher things we consider secret. Who’s affected? […]
Continue Reading...
Posted in Data Breach, Security Training, Software Architecture and Design
October is Cyber Security Awareness Month. The internet has revolutionized how we do business, stay in touch, and shop. As we upload more of our lives onto the internet, we put more of ourselves at risk. A little security goes a long way in protecting what we do online. Here are four quick tips to […]
Continue Reading...
Posted in Security Training, Web Application Security
Let’s say you tested 46 web applications, 19 mobile apps, and 20 client-server apps this year alone. You also purchased a new application security testing tool in the process. You found 112 vulnerabilities and all-in-all you’re feeling pretty good. But before you get too excited, ask yourself a few questions: Did you reduce risk significantly? […]
Continue Reading...
Posted in Security Standards and Compliance, Security Training, Software Security Initiative (SSI)
There is a sad reality in the software world that developer education and training not only neglect software security, but often teach developers the wrong activities to secure it. This ranges from the ‘get it to work and move on’ habit to insecure code samples in the tutorials and forums we all use when learning new […]
Continue Reading...
Posted in Security Standards and Compliance, Security Training, Web Application Security
