6 months later, Spectre still haunts | Synopsys Software Integrity
It’s now more than six months since the major design flaw in computer chips labeled Spectre became public. And it's still haunting the world of information technology. For those who don’t have a ...
6 recommendations for healthcare cybersecurity | Synopsys
The Health Care Industry Cybersecurity Task Force published its recommendations this month, with six key recommendations for healthcare cybersecurity.
Checklist: 7 elements of GDPR software security compliance | Synopsys
Our GDPR compliance checklist explains seven steps you can take to improve your software security initiative and illustrate GDPR software security compliance.
7 software security myths about security best practices | Synopsys
Software security best practices are meant to improve security initiatives, not secure single applications. Here are 7 software security myths to consider.
7 ways financial services firms can protect themselves | Synopsys
When it comes to the finance industry, there are strategies that firms can implement to lock down assets and data as securely as possible.
8 must-have features in an IAST solution | Synopsys
With so many vendors to choose from, finding the perfect IAST solution for your organization’s needs can be difficult. Here’s a checklist of 8 must-have features for any good IAST tool.
A Methodology for Quantifying Risks from Web Services | Synopsys
How do you quantify the risks of using Web Services that call various APIs available commercially and in the public domain for “free” usage?
AAMI TIR57 recognized by the FDA as a foundational cybersecurity standard for...
The AAMI TIR57 "Principles for medical device security - Risk management" standard was published by AAMI this summer.
9 highlights from the 2018 Software Integrity blog | Synopsys
From vulnerability detection to API security, these nine topics hit the highlights from our coverage of software security and quality this year.
8 Takeaways from NIST’s Application Container Security Guide | Synopsys
NIST published the “Application Container Security Guide” in September to address security risks associated with container adoption. Read 8 key takeaways.
Abuse cases: How to think like a hacker | Synopsys
There are no protections in place to help developers anticipate what a malicious user might do with a feature. There should be.
Achieving Open Source Security in Container Environments | Synopsys
How do you achieve open source security in containers? Companies need to have an understanding of the components and dependencies in their container images.
3 Ways Abuse Cases Can Drive Security Requirements | Synopsys
Learn how to use abuse cases effectively to improve the security of an application's business features.
Learn how to accelerate your agile security strategy | Synopsys
Find the most aerodynamic way to build security into agile development with a variety of tools that effectively meet your firm's challenges.
Add Security to Your SDLC With This Handy Checklist | Synopsys
This checklist will guide you throughout the development journey to assure that you’re integrating security into each of the seven SDLC artifacts.
Adding Security to your Agile Development Process | Synopsys
An examination of the security steps that should be added to your Agile development process and determining the best way to add them.
IAST defined, plus the advantages of IAST for business-critical software
As an acronym, IAST is awkward to pronounce or to guess what it stands for. But as a testing tool, IAST is remarkably effective at rooting out potentially catastrophic bugs in web-based ...
Adobe Flash Flaw Compromises 'Kid-Friendly' Tablet | Synopsys
A newly disclosed software flaw allows remote hackers to follow user activity, activate the built-in microphone, and take pictures using the device's camera.
'Active defense' is irresponsible | Software Integrity Blog
A look at the idea of “Active Defense”, which basically boils down to attacking the people who (may have) attacked you. Is it irresponsible?
What’s the difference between Agile, CI/CD, and DevOps? | Synopsys
We've been seeing a lot of instances recently where Agile, CI/CD, and DevOps are used interchangeably. The truth is that they're actually rather different.
Learn How the Agile Security Manifesto Guides Secure Development | Synopsys
Learn how adding these 4 principles to the Agile Manifesto and your own process can help integrate critical security measures in a natural, efficient way.
Agile Development for Application Security Managers | Synopsys
Let's analyze agile development from the standpoint of application security, and look at ways to implement security into the Agile development methodology.
How Does Agile Overcome Common Software Security Challenges? | Synopsys
Utilizing an Agile software development life cycle can optimize your practices to overcome common software security challenges. Learn how.
Agile Methodology and Application Security | Synopsys
Agile methodology and application security are often spoken of together as oil and water, but are they really?
Agile vs. security: Resolving the culture clash | Synopsys
When considering the clash that often results from agile vs. security, it's important to see that there's a difference between being agile and doing agile.