Software Integrity Blog

How to Cyber Security: Fuzzing does not mean random

The most efficient fuzzing happens not with random test cases but with targeted test cases generated from detailed data models and a powerful anomalizer.

Continue Reading...

[Webinars] Tools to enable developers, open source risk in M&A

Learn how to empower your developers with IDE-based security testing, and why open source audits are an essential part of tech due diligence in M&A.

Continue Reading...

3 ways to boost your security with role-based security compliance training

Minimum compliance with security standards allows you to run the race, but to win against attackers, you’ll need role-based security compliance training.

Continue Reading...

How to manage tech due diligence from a social distance

Here are some practical tips for completing tech due diligence, focusing on open source software, when your teams can’t meet, go to the office, or travel.

Continue Reading...

3 benefits of AppSec training for your long-term security strategy

An application security training strategy can help your organization build key software security capabilities. Here are just three long-term benefits.

Continue Reading...

[Webinars] Open source security, remote security testing, secure development

Learn more about the 2020 OSSRA report, guidelines and solutions for remote security testing, and why all software development should be secure development.

Continue Reading...

5 software security courses to boost your skills, even under isolation

We’ve chosen five software security courses to help you and your team members prepare for the future of software development—no matter what it looks like.

Continue Reading...

CyRC analysis: CVE-2020-7958 biometric data extraction in Android devices

We dig into the inner workings of trustlets, how different components work together to provide a Trusted Execution Environment, and how to attack them.

Continue Reading...

Maintaining your AppSec program through office closures and economic uncertainty

Here are three ways application security teams can respond to staffing challenges and increased security risks today while strengthening their AppSec program for the future.

Continue Reading...

The shift to remote work makes red team testing more important than ever

Closing your office cuts off several attack vectors—but remote working creates thousands more. Here’s why a red team assessment is so essential right now.

Continue Reading...