Agile development for application security managers | Synopsys
Let's analyze agile development from the standpoint of application security, and look at ways to implement security into the Agile development methodology.
How Does Agile Overcome Common Software Security Challenges? | Synopsys
Utilizing an Agile software development life cycle can optimize your practices to overcome common software security challenges. Learn how.
What’s the difference between agile, CI/CD, and DevOps? | Synopsys
While Agile, CI/CD, and DevOps are different, they support one another. Agile focuses on the development process, CI/CD on practices, and DevOps on culture.
Learn How the Agile Security Manifesto Guides Secure Development | Synopsys
Learn how adding these 4 principles to the Agile Manifesto and your own process can help integrate critical security measures in a natural, efficient way.
Agile application security vs. traditional application security | Synopsys
How does agile application security differ from traditional application security, and what does it mean for your agile development practice?
Agile vs. security: Resolving the culture clash | Synopsys
When considering the clash that often results from agile vs. security, it's important to see that there's a difference between being agile and doing agile.
Agile Software Development Tricks for the Security Savvy | Synopsys
Waiting for the agile fad to pass? Agile software development is here to stay and is being adopted by organizations of all sizes.
AGPL: Out of the shadows—the Affero GPL 3 | Synopsys
Shortly after the release of GPL3, the FSF released Affero GPL 3, or AGPL, in part to close the "SaaS loophole" in GPL. What is AGPL, and who uses it?
Hard questions after an airline software ‘glitch’ leads to a crash | Synopsys
The parts and systems on an airplane don’t have to fail in a big way to have big consequences. A flaw in airline software could be a matter of life or death.
An OWASP interaction model | Software Integrity Blog
The OWASP board decided to support a partnership model with private industry. See how this model may work to shape existing OWASP assets.
1.4 Billion Android Devices Vulnerable to Hijack Attacks | Synopsys
Roughly 80 percent of all Android devices contain a Linux vulnerability that affects unencrypted communications and allows attackers to hijack data.
Android Full-Disk Encryption Flaw May Have Been Previously Known to Google | ...
Are Android OEMs responsible for the gap in mobile security updates? | Synopsys
There may be legitimate reasons why an OEM or carrier may choose not to push out a security update for a particular type of device. Get the full story.
Up to 900 million Android phones vulnerable to Qualcomm flaw | Synopsys
Researchers have disclosed four major security holes affecting the Qualcomm chips in several recent, popular mobile phones.
Here Are the Top 10 Best Practices for Securing Android Apps | Synopsys
No matter what type of Android app you intend to build, consider these 10 best practices for improving the security posture of your Android mobile apps.
Since a WebView is a browser control in an app, it invites traditional attacks associated with the web. We examine how to protect against these attacks.
AngularJS 1.6: Life Outside the Sandbox | Synopsys
If you haven't already evaluated the impact of this on your Angular code in preparation for the changes, it's high time to do so.
An Escape Room Called the “AngularJS Sandbox” | Synopsys
The AngularJS sandbox should not be considered a security boundary. Here, we'll explore why that's the case and how to protect against vulnerabilities.
AngularJS Security Series Part I: Angular $http Service | Synopsys
Our goal for this AngularJS security series is simple: to help developers better understand Angular and embrace the practice of writing more secure code.
AngularJS Is Secure by Default, Right? Not So Fast. | Synopsys
While Angular adds much-needed features to the language, it also creates a handful of new problems for developers.
Answering the most frequently asked questions about GDPR | Synopsys
What’s the definition of “personal data” under GDPR? What are the penalties for noncompliance? How can Synopsys help you along your GDPR compliance journey?
Recognizing Another Type of Threat: Non-targeted Attacks | Synopsys
Non-targeted attacks exploit a weakness in software and in an organization’s defenses: awareness of vulnerable components in their applications.
Anti-Virus Scan Shuts Down Medical Device … During a Procedure | Synopsys
A patient undergoing a routine cardiac catheterization procedure had to remain sedated 5 additional minutes while the device rebooted.
When Your Anti-Malware Program Has A Zero-Day | Synopsys
Software intended to protect your computer shouldn't be vulnerable to exploitation, yet that is what one security researcher is finding.
Apache barred the Facebook BSD+Patents license | Synopsys
Apache Software Foundation has tagged the Facebook BSD+Patents license as Category X, barring it from inclusion in Apache projects. Should you be worried?