Software Integrity Blog

The importance of secure development training for new hires

Most new grads haven’t learned how to develop secure code. Here are four critical steps to create a secure development training program for your team.

Continue Reading...

The advanced license compliance functionality you didn’t know your SCA tool needed

Open source license noncompliance can have severe implications. Here are four advanced license compliance features that help protect your proprietary code.

Continue Reading...

[Webinars] DoS attacks in Node.js, SAST in DevSecOps

Learn how to protect Node.js apps against denial-of-service attacks, and how to integrate static application security testing into DevSecOps pipelines.

Continue Reading...

Authentication Token Obtain and Replace (ATOR) Burp plugin to handle complex login sequences

The Authentication Token Obtain and Replace (ATOR) plugin, built on ExtendedMacro, supports complex login sequences in Burp and is fast and easy to use.

Continue Reading...

How to get compliance audit training in the new virtual workplace

Compliance training will help you pass an audit, but to secure your customer data, your teams need virtual security training beyond compliance requirements.

Continue Reading...

How to Cyber Security: Software testing is cool

Software security testing involves knocking down walls, scaling fences, and otherwise breaking applications to generate helpful feedback for development.

Continue Reading...

[Webinars] CI/CD security testing, shift left, code quality in M&A

Learn about application security testing in CI/CD pipelines, how to scale responsiveness with a secure SDLC, and why software quality matters in tech M&A.

Continue Reading...

How to overcome the top 6 application security challenges

Take a closer look at the most common application security challenges and how managed services can help you overcome them proactively and cost-effectively.

Continue Reading...

Black Duck Audits: Not just for M&A

If you don’t have an SCA tool, a software audit can give you a bill of materials needed for product releases, vendor requirements, and procuring insurance.

Continue Reading...

Why developers need a supplemental source to NVD vulnerability data

The NVD is a good source for open source vulnerability data. But with an average 27-day reporting delay, it shouldn’t be your only source of information.

Continue Reading...