Software Integrity Blog
Things to consider when choosing a software composition analysis tool
December 21, 2020
How does IAST fit into DevSecOps?
March 10, 2020
The ROI of software security is difficult to calculate when the goal is to avoid a breach. Learn where to look for ROI in an AppSec program to maximize your investment.
The Common Vulnerability Scoring System (CVSS) can help you navigate the constantly growing ocean of open source vulnerabilities. But it’s difficult to lend your trust and put the security of your organization and your customers into the hands of a system that you may know very little about. Let’s take a closer look at the CVSS to see what it’s all about.
Design quality audits are sometimes overlooked in software due diligence, but they are vital to understanding the overall health of a company’s software system.
We’re proud to announce that Synopsys has been named a leader in The Forrester Wave™: Static Application Security Testing, Q1 2021. Find out why.
The total cost of poor software quality in the U.S. is estimated at $2.08 trillion. Learn what contributes to the cost and how security can help minimize errors.
Misuse of security tools can lead to defect overload for development teams. Knowing when and how to use these tools will yield more effective DevSecOps.
Our latest AppSec Decoded video addresses the biggest threats to IoT devices and the role governments should play in IoT regulation.
DevSecOps offers benefits—but it also has its challenges. Learn why companies are making the shift and why it’s not always easy.
CVE-2020-28052 is an authentication bypass vulnerability discovered in Bouncy Castle’s OpenBSDBcrypt class. It allows attackers to bypass password checks.
The burden of software security often falls solely on security teams, but to be successful, organizations need to make security a team effort.
Don’t miss the latest AppSec news and trends every Friday.
- Agile, CI/CD & DevOps
- Application Security
- Automotive Cyber Security
- Cloud Security
- Container Security
- DAST
- Data Breach Security
- Developer Enablement
- Featured
- Financial Cyber Security
- Fuzz Testing
- Healthcare Security & Privacy
- Interactive Application Security Testing (IAST)
- IoT Security
- Medical Device Security
- Mergers & Acquisitions
- Mobile App Security
- News & Announcements
- Open Source Security
- Public Sector Cyber Security
- Security Standards and Compliance
- Security Training & Awareness
- Software Architecture & Design
- Software Compliance, Quality & Standards
- Software Composition Analysis (SCA)
- Software Security Program
- Software Security Research
- Static Analysis (SAST)
- Web Application Security
- Webinars