Software Integrity Blog

Apple’s $1 million bug bounty could launch arms race for zero-days

Experts have given kudos to Apple for expanding its bug bounty program to all researchers. But is the $1 million top prize enough to turn black hats white?

Introducing the Black Duck Jira Cloud integration

The Black Duck Jira Cloud integration is based on a flexible, customizable model, backed by the same exemplary Black Duck software composition product.

[Webinars] Automotive fuzz testing and financial services AppSec

Learn how agent instrumentation improves fuzz testing of automotive IVI and telematics systems, and about financial services application security.

Synopsys adds more awards to its 2019 winning streak

Seeker IAST won a Gold International Stevie Award for DevOps Solution, and our Polaris platform won for Software Development Solution.

Your application security testing tool just got acquired. Now what?

A cyber security acquisition can be a great deal for investors, but what about users? Here’s what to do if your application security tool has been acquired.

Mobile apps: Insecure by default

There’s a lack of robust mobile app security on billions of devices people carry around. Why is it such a problem, and what can developers do to solve it?

Why your SAST tool needs to understand your web framework

Web frameworks can introduce security issues into web applications. Mitigate this risk with a static analysis tool that understands the frameworks you use.

[Webinar] Vulnerability reporting alternatives to NVD data feeds

The National Vulnerability Database provides valuable information on newly reported vulnerabilities. But there’s a better, faster alternative to NVD data feeds.

3 reasons to join us at FLIGHT Boston

At FLIGHT Boston 2019, we’ll have two full-day product training sessions, tracks in AppSec, open source, and DevOps and cloud, and plenty of networking.

Review of Apache Struts vulnerabilities yields 24 updated advisories

We found that 24 Apache Struts Security Advisories incorrectly list impacted versions and that previously disclosed vulns affect an additional 61 versions.
