Software Integrity Blog
[Webinars] Evidence-based security, design and code quality in tech M&A
Learn how to improve software security using evidence-based standards, and why you should inspect design and code quality during technical due diligence.
Using Evidence-Based Security in Your Secure Development Life Cycle
All too often, security is stuck in the 1960s doing slow desk checks, the results of which are out of date before the PDF report lands on an auditor’s desk. If developers see this report, they’ll find it’s full of hot garbage. Security folks must become agile, thinking like developers and helping build secure applications, not criticizing and using recommendations from the last century.
In this talk, you’ll learn how you can contribute data, offer better remediation advice, and use modern evidence-based standards such as the forthcoming OWASP Top 10 2020 and the OWASP Application Security Verification Standard 4.0 in your development pipeline. Security professionals have heard this all before, but we persist in doing the wrong things. Let’s not do security like it’s 1998; let’s build assurance in from the get-go, with each and every build.
What: Using Evidence-Based Security in Your Secure Development Life Cycle
When: Available on demand
Who: Andrew van der Stock, senior principal consultant, Synopsys
Do Design Quality and Code Quality Matter in M&A Tech Due Diligence?
(Spoiler alert: Yes.)
In an acquisition where a software asset is a core part of the deal valuation, it’s important to understand the overall quality of the software before doing the deal. Buggy software is problematic and needs to be cleaned up, so assessing code quality is important. But also, with poorly designed software, every fix is costly, laborious, and risky. The cost of fixes can significantly affect the long-term technical and economic viability of the application, and maintaining the software can seriously degrade ROI. That’s why understanding a software system’s design and architectural health and the likely “cost of ownership” is key.
Join us for this live webinar to learn how to paint a complete picture of the technical quality of software to avoid buyer’s remorse post-close. We’ll cover:
- The dimensions of technical due diligence
- The difference between design quality and code quality
- How software architecture can have a long-term impact
- What to look for in software design and code quality audits
What: Do Design Quality and Code Quality Matter in M&A Tech Due Diligence?
When: Available on demand
Who: Dan Sturtevant, co-founder and CEO, Silverthread; Phil Odence, GM of Black Duck Audits, Synopsys
More by this author
- Agile, CI/CD & DevOps
- Application Security
- Automotive Cyber Security
- Cloud Security
- Container Security
- Data Breach Security
- Developer Enablement
- Featured
- Financial Cyber Security
- Fuzz Testing
- Healthcare Security & Privacy
- Interactive Application Security Testing (IAST)
- IoT Security
- Medical Device Security
- Mergers & Acquisitions
- Mobile App Security
- News & Announcements
- Open Source Security
- Security Training & Awareness
- Software Architecture & Design
- Software Compliance, Quality & Standards
- Software Composition Analysis (SCA)
- Software Security Program
- Software Security Research
- Static Analysis (SAST)
- Web Application Security
- Webinars