Software Integrity Blog

 

[Webinars] Static analysis best practices, remote security testing and training

In this week’s webinars, we’ll share how to get the most out of your static analysis tool and how to make the transition from on-site to remote testing.

Register for our webinar on static analysis best practices

Maximizing the Impact of Static Analysis

Static analysis, also known as white box testing, static application security testing (SAST), or secure code review, finds bugs in application code, back doors, and other code-based vulnerabilities so you can mitigate those risks. But no static analysis tool can effectively address threats to a development environment out of the box. And many users have the misconception that the cost of tool adoption depends primarily on getting the tool working in a build environment.

Static analysis is the only way to enable developers to automatically identify vulnerabilities as they write code in their integrated development environment (IDE). With SAST, developers can:

  • Run scans in their IDE by using plugins that provide just-in-time security guidance.
  • Review source code before checking it into a version control repository.
  • Remediate identified vulnerabilities.
  • Adopt a preventative mindset.

Automation is an important part of adopting a SAST tool, as it drives efficiency, consistency, and early detection, enabling organizations to shift left. For a static analysis implementation to be effective, several distinct activities must come together to establish and maximize its impact. This webinar covers some challenges of SAST implementation and provides real solutions to get the most value out of SAST tools.

What: Maximizing the Impact of Static Analysis

When: Tuesday, July 14 @ 1 p.m. Eastern / 10 a.m. Pacific

Who: Meera Rao, Senior Principal Consultant, Synopsys

Register for our remote security testing webinar

Remote Security Testing & Training: Busting Myths and Offering Solutions

While digital transformation and BYOD have allowed many IT activities to occur remotely, many enterprises still prefer to perform security testing on-site. Concerns about data security, network/application accessibility, assessment quality, and project management have discouraged teams from making the leap to remote testing.

In this webinar, we draw on lessons learned from many years of delivering managed application security services to provide guidelines on addressing these concerns and offer solutions for conducting remote security testing and security training.

What: Remote Security Testing & Training: Busting Myths and Offering Solutions

When: Wednesday, July 15 @ 11:30 a.m. Eastern / 8:30 a.m. Pacific

Who: Sandesh Mysore Anand, Managing Consultant, Synopsys; Rakshitha R. Rao, Security Consultant, Synopsys

Register for our ISO/SAE 21434 webinar

Secure Automotive Software Development in the Age of ISO/SAE 21434

Modern vehicles run on software containing more than 150 million lines of code. As a result of more advanced safety-relevant functionality, such as ADAS and autonomous driving, as well as new communication interfaces, mobile apps, and back-end servers based on connected car use cases, the need for developing secure systems in the automotive industry is higher than ever. A draft of the new cyber security standard ISO/SAE 21434 was recently released to help automotive companies address cyber security for the entire vehicle life cycle.

This talk presents cyber security activities in the software development process based on ISO/SAE 21434 to help automotive companies develop more secure systems. We’ll provide examples of what is required from a resources and tools perspective to ensure an efficient and practical implementation of the various cyber security steps in the development process.

What: Secure Automotive Software Development in the Age of ISO/SAE 21434

When: Wednesday, July 15 @ 9:30 a.m. BST

Who: Dr. Dennis Kengo Oka, Principal Automotive Security Strategist, Synopsys
