Software Integrity Blog
BSIMM10: A decade of research on software security activities
September 18, 2019
Ask the experts: What’s the top cloud migration security risk?
September 9, 2019
What are the different types of security vulnerabilities?
August 28, 2019
Experts have given kudos to Apple for expanding its bug bounty program to all researchers. But is the $1 million top prize enough to turn black hats white?
The Black Duck Jira Cloud integration is based on a flexible, customizable model, backed by the same exemplary Black Duck software composition product.
![[Webinars] Automotive fuzz testing and financial services AppSec](http://www.synopsys.com/blogs/software-security/wp-content/uploads/2019/08/fuzz-testing-instrumentation-webinar.jpg)
Learn how agent instrumentation improves fuzz testing of automotive IVI and telematics systems, and about financial services application security.
Seeker IAST won a Gold International Stevie Award for DevOps Solution, and our Polaris platform won for Software Development Solution.
A cyber security acquisition can be a great deal for investors, but what about users? Here’s what to do if your application security tool has been acquired.
There’s a lack of robust mobile app security on billions of devices people carry around. Why is it such a problem, and what can developers do to solve it?
Web frameworks can introduce security issues into web applications. Mitigate this risk with a static analysis tool that understands the frameworks you use.
![[Webinar] Vulnerability reporting alternatives to NVD data feeds](http://www.synopsys.com/blogs/software-security/wp-content/uploads/2019/08/webinar-nvd-vulnerability-reporting.jpg)
National Vulnerability Database provide valuable information on newly reported vulnerabilities. But there’s a better, faster alternative to NVD data feeds.
At FLIGHT Boston 2019, we’ll have two full-day product training sessions, tracks in AppSec, open source, and DevOps and cloud, and plenty of networking.
We found that 24 Apache Struts Security Advisories incorrectly list impacted versions and that previously disclosed vulns affect an additional 61 versions.