Software Integrity Blog
[Webinars] Secure your CI/CD pipelines with IAST and Synopsys Detect
Learn how interactive application security testing (IAST) fits into any CI/CD pipeline and how to secure your Azure CI/CD Pipelines with Synopsys Detect.
Bridging the Security Testing Gap in Your CI/CD Pipeline
Are you struggling with application security testing? Do you wish it were easier, faster, and better? Join us for a webinar on DevOps.com to learn more about IAST, a next-generation application security tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans. Learn how this nondisruptive tool can:
- Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities
- Auto verify, prioritize and triage vulnerability findings in real time with 100% confidence
- Fully automate secure app delivery and deployment, without the need for extra security scans or processes
- Free up DevOps resources to focus on strategic or mission-critical tasks and contributions
What: Bridging the Security Testing Gap in Your CI/CD Pipeline
When: Tuesday, Sept. 10 @ 11 a.m. Eastern / 8 a.m. Pacific
Who: Asma Zubair, senior product manager, Synopsys; Kimm Yeo, product marketing manager, Synopsys
Automating Pipeline Security Checks With Synopsys and Azure DevOps
Microsoft Azure DevOps is a collection of modern dev services designed to help development teams plan smarter, collaborate better, and ship faster. Azure CI/CD Pipelines, where applications are built, tested, and deployed, benefit from additional functionality provided by third-party extensions. Synopsys Detect, an extension for Azure DevOps, simplifies the addition of static code analysis and open source composition analysis to your pipelines. Tune in to learn how to plug Synopsys into your Azure Pipelines to fix potential leaks before they burst.
In this webinar, Synopsys and Microsoft will explain how to:
- Add static code analysis to your build pipelines with Coverity on Polaris
- Integrate Black Duck open source compliance and security checks into your delivery pipelines
- Perform Seeker interactive testing on apps deployed to Azure App Service
What: Automating Pipeline Security Checks With Synopsys and Azure DevOps
When: Available on demand
Who: Sasha Rosenbaum, sr. program manager, Microsoft; Tomas Gonzalez, alliance technical engineer, Synopsys
Financial Services Study Shows Why Investing in AppSec Matters
If you’re a provider of financial services, then client trust, privacy, and risk management are critical to your success. Therefore, you must protect your organization’s sensitive data from cyber attacks and data breaches. A recent survey of current software security practices in the financial services industry explores the industry’s software security posture and its ability to address security-related issues.
In this webinar with Drew Kilbourne, managing director, Synopsys and Larry Ponemon, chairman, Ponemon Institute, will review findings from the report and discuss what they mean for the industry at large. Here’s a preview of some key findings:
- 56% of organizations had experienced an attack resulting in system failure and downtime.
- 74% were concerned about security vulnerabilities introduced by third-party suppliers, but less than 43% said they require third parties to adhere to cyber security requirements.
- Only 34% of financial applications are tested for vulnerabilities, and only 25% of respondents were confident in their ability to detect vulnerabilities before going to market.
What: Financial Services Study Shows Why Investing in AppSec Matters
When: Available on demand
Who: Drew Kilbourne, managing director, Synopsys; Dr. Larry Ponemon, chairman, Ponemon Institute
