- Silicon Design & Verification
- Silicon IP
- Software Integrity
- About Us
- Silicon Design & Verification Products
- Solutions
- Resources
- Services
- Community
- Training
- Silicon IP Products
- Solutions
- Resources
- Services
- Community
- Software Integrity
- Tools & Services
- Training & Education
- Solutions
- Resources
- Support
- Partners
- About Us
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
3D Image Processing
Simpleware Products
Simpleware for Life Sciences
Simpleware for Materials & Manufacturing
< Silicon Design & Verification Products
< Silicon Design & Verification Products
< Silicon Design & Verification Products
Photonic Solutions
PIC Design Suite
< overview
Silicon Design & Verification Products
+
Design
+
System Simulation & Modeling
+
Verification Continuum
+
3D Image Processing
+
Silicon Engineering
+
Optical Solutions
+
Photonic Solutions
< Solutions
< Solutions
< Solutions
< Resources
< Resources
< Resources
< overview
< Services
< Services
< Services
< Community
Community
Community Overview
< Community
< Community
< Community
< Community
< Community
< Community
< Community
< overview
Community
+
Community
+
SNUG
+
Partners
+
EmbARC.org
+
Interoperability
+
Academic Programs
+
Company Blogs
+
BSIMM
< Training
< overview
< main menu
< Silicon IP Products
< Silicon IP Products
Memories & Libraries
Logic Libraries
Memory Compliers
Duet Packages
HPC Design Kit
Embedded Test & Repair
Non-Volatile Memory
< Silicon IP Products
< Silicon IP Products
Processor Solutions
ARC Processor IP
Embedded Vision Processor IP
Development Tools
Operating Systems
Ecosystem
ASIP Tools
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< Silicon IP Products
< overview
Silicon IP Products
+
Interface IP
+
Memories & Libraries
+
Analog IP
+
Processor Solutions
+
IP Subsystems
+
Security IP
+
Market Segments
+
IP Accelerated
+
SoC Infrastructure IP
< Solutions
< Resources
< Services
< Services
< Services
< Community
Community
Community Overview
< Community
< Community
< Community
< Community
< Community
< Community
< Community
< overview
Community
+
Community
+
SNUG
+
Partners
+
EmbARC.org
+
Interoperability
+
Academic Programs
+
Company Blogs
+
BSIMM
< overview
Software Integrity
< Tools & Services
< Tools & Services
Professional Services
Strategy and Planning (BSIMM)
Architecture & Design
DevSecOps Integration
Cloud Security
Industry Solutions
< Tools & Services
Open Source Audits
< overview
< Training & Education
< Training & Education
Product Education
< overview
< Solutions
< Solutions
< Resources
< Resources
< Support
< Support
Contact Support
< Partners
< main menu
Software Integrity
+
Software Integrity
+
Tools & Services
+
Training & Education
+
Solutions
+
Resources
+
Support
+
Partners
< About Us
< About Us
< About Us
< About Us
< About Us
< About Us
Software Integrity
GPLv2 and the right to cure
November 12, 2018
‘Cyber Pearl Harbor’ unlikely, but critical infrastructure needs a major upgrade | NCSAM at Synopsys
Officials have warned for decades of a “cyber Pearl Harbor” or “cyber 9/11” kind of attack on the nation’s critical infrastructure. Yet no attack has come. It’s either because our attackers can’t do it or haven’t really wanted to so far—and “can’t” seems less likely every day. Are we prepared for what’s next? The original version of […]
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Cook calls for digital privacy laws, user data exposed in the Wife Lovers hack, and just another Windows zero-day. Watch this week’s episode here: Tim […]
In our Nov. 14 Black Duck Legal Certification Course with Hal Hearst and Phil Odence (Synopsys), you’ll learn about software due diligence and how to answer your clients’ open source questions.
The automotive industry runs on software—but with increased software use comes an increased attack surface. Making safe, reliable vehicles starts with building secure software. Dr. Gary McGraw explains the importance of secure design principles and how to take the first step toward automotive software security. The original version of this article was published in The Security […]
Tanya Janca believes that one of the reasons most connected products are insecure from day one is the software security skills gap that comes from developers not learning security in school. Her solution: Those who know should teach those who don’t. Janca discusses mentoring in the software security industry with us. Tanya Janca has no […]
In our on-demand webinar with Bryan Cross (GitHub) and Dave Meurer (Synopsys), you’ll learn how to use integrated application security tools to secure containers at every layer.
The original version of this article was published in Forbes. If it is everyone’s job to ensure online safety at work, that means everyone needs more and better training in how to do it. One of those on the front lines of that effort is Lance Spitzner, director at SANS Security Awareness. Spitzner, a security awareness trainer […]
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Voter records for sale on the dark web, what the ONWASA ransomware attack says about the state of critical infrastructure security, and the government does […]
The 2018 Verizon Data Breach Investigations Report (DBIR) reported and analyzed 649 breaches in utilities, transportation, healthcare, and other verticals that employ operational technology (OT) systems in addition to traditional IT for their main operations. In total, that represents 29.2% of reported breaches (not incidents) in industries considered part of infrastructure verticals—and that doesn’t even […]
The BSIMM—Building Security In Maturity Model—is now into its 10th year of being a self-described “measuring stick for software security” for multiple industries. But there are still newcomers—this year it’s retail. Ten retail firms participated in BSIMM9, which tracks the development of SSIs (software security initiatives) by organization based on 116 possible activities, grouped into […]
Subscribe via Email
Get the latest Software Integrity news, thought leadership, and more.
Categories
- Agile, CI/CD & DevOps
- Announcements
- Archive
- Automotive Security
- Cloud Security
- Container Security
- Critical Infrastructure Security
- Data Breach
- Developer Enablement
- Events
- Featured
- Financial Services Security
- Fuzz Testing
- General
- Government Security
- Hacking Security
- Healthcare Security
- Infographic
- Interactive Application Security Testing (IAST)
- Internet of Things
- Legal
- Maturity Model (BSIMM)
- Medical Device Security
- Mobile Application Security
- Open Source Security
- Podcasts
- Privacy
- Red Teaming
- Security Standards and Compliance
- Security Training
- Software Architecture and Design
- Software Composition Analysis
- Software Security Initiative (SSI)
- Static Analysis (SAST)
- Web Application Security
- Webinars
- Weekly Security Mashup