Software Integrity

Archive for the 'Webinar' Category


Webinar: BSIMM9: Here’s what’s new!

In early October, we released the latest version of the BSIMM report, BSIMM9. While many things about the report haven’t changed much, it’s the new things that make it really exciting. After 10 years of study and 167 total firms measured, we’re seeing interesting trends in the state of software security initiatives and how firms […]

Continue Reading...

Posted in Maturity Model (BSIMM), Webinar


Webinar: Securing enterprise-level cloud deployments

The world looks different when you’re in the cloud. As you move to a cloud environment from an on-premises environment, you’ll encounter a whole new set of processes and demands. Access expands. Responsibilities change. Control shifts. The speed of provisioning resources and applications increases. And these changes significantly affect all aspects of IT security. Security […]

Continue Reading...

Posted in Cloud Security, Webinar


Webinar: Cloud DevSecOps with Synopsys and AWS

Automation in the cloud can help you build faster and deliver continuously, but it can also make managing security a challenge. By integrating Black Duck by Synopsys with the development tools you use in Amazon Web Services, you can scan images in your container registry, automate build scans in your CI pipeline, and stay notified […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Cloud Security, Webinar


Webinar: Effective policies for managing and releasing open source software

The use of open source has surpassed the occasional and solidified itself as the standard. In fact, the Black Duck by Synopsys 2018 Open Source Security and Risk Analysis found that 96% of the applications we scanned last year contained open source components. It’s increasingly difficult to properly manage open source in an organization to ensure […]

Continue Reading...

Posted in Legal, Open Source Security, Webinar


Webinar: Static analysis helps DevOps teams maintain velocity securely

Static application security testing (SAST) is the process of examining source code for security defects. SAST is one of many checks in an application security assurance program designed to find and fix security vulnerabilities early in the DevOps process. Integrating SAST into DevOps is critical to building a sustainable program. And automating your SAST tools […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST), Webinar


Webinar: The future of application security: Enable DevSecOps with IAST

What is IAST? Interactive application security testing is an emerging technology that is transforming the way organizations secure their web apps at the speed of DevOps. IAST automatically and continuously scans apps during QA testing to detect security vulnerabilities earlier in the SDLC than traditional DAST or pen testing solutions—when it’s easier, faster, and cheaper […]

Continue Reading...

Posted in Interactive Application Security Testing (IAST), Webinar


Webinar: Using Security Champions to build a DevSecOps culture within your organization

Development and operations teams have already come a long way by aligning around the shared goal of delivering stable, high-quality software quickly. They’ve automated manual processes and built tools into continuous integration and continuous delivery (CI/CD) pipelines. In doing so, they’ve increased trust between groups, which is essential as these once-disparate teams tackle critical issues […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Security Training, Webinar


Facing off with Google, Snap out of it, and Password protection

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Facing off with Google, Snap out of it, and Password protection. Watch this week’s episode taped live at Black Hat USA 2018. Inside Google’s plan […]

Continue Reading...

Posted in Data Breach, Open Source Security, Webinar, Weekly Security Mashup


Medical devices still hackable, researchers say

Security researchers Jonathan Butts and Billy Rios wanted to make it clear at the beginning of their presentation. “The benefits of implanted medical devices outweigh the risks (for most people),” read one of their opening slides. But they probably wouldn’t have been doing a session at Black Hat titled “Understanding and Exploiting Implanted Medical Devices” […]

Continue Reading...

Posted in Healthcare Security, Medical Device Security, Webinar


Project Zero director exhorts Black Hat audience to do security better

Google’s famous “Don’t be evil” motto got a corollary this week at Black Hat from Parisa Tabriz, director of engineering for the company’s Project Zero: “Do things better.” “We have a responsibility to do things better. Computer security is becoming the security of the world,” she said during her Wednesday morning keynote in Mandalay Bay’s […]

Continue Reading...

Posted in Webinar