Smart, Secure Everything from Silicon to Software
The 6 Levels of Vehicle Autonomy Explained | Synopsys Automotive
Before merging onto roadways, self-driving cars will have to progress through 6 levels of driver assistance technology advancements. SAE defines 6 levels of driving automation ranging from 0 (fully...
Functional Safety & Reliability Solutions | Synopsys Automotive
Ensure functional safety and reliability with Synopsys chip design platforms and verification platforms. Learn more.
Automotive Solutions | Synopsys Automotive
Synopsys solutions to help you meet security, functional safety, reliability, & compliance requirements in your automotive SoCs & software.
Synopsys Email Subscription Center Request Form | Register Form
MISRA–AUTOSAR Standards & the Future of the Connected Car | Synopsys Automotive
The integrated MISRA–AUTOSAR C++ rule set will bring together the best ideas from two industry-leading organizations. It will deliver a unified industry standard with a common set of rules. The ...
What is ASIL (Automotive Safety Integrity Level)? – Overview | Synopsys ...
ASIL refers to Automotive Safety Integrity Level. It is a risk classification system defined by the ISO 26262 standard for the functional safety of road vehicles. Learn more.
What is ISO 26262 Functional Safety Standard? | Synopsys Automotive
ISO 26262 mandates a functional safety development process that automotive OEMs and suppliers must follow and document to have their devices qualified to run inside commercial vehicles. It outlines...
What is MISRA (Motor Industry Software Reliability Association)? | Synopsys ...
MISRA (the Motor Industry Software Reliability Association) provides guidelines for developing safety- and security-related electronic systems, embedded control systems, software-intensive ...
10 critical cloud security threats in 2018 and beyond | Synopsys
Explore 10 critical cloud security threats: data breaches, human error, data loss, insider threats, DDoS attacks, insecure APIs, exploits, account hijacking, APTs, and CPU flaws.
2015 Cyber Security Breaches That Will Live In Infamy | Synopsys
Join us as we explore three cyber security breaches that made waves in 2015, and what they mean for the future of security.
2017 Coverity Scan Report: Examining open source security and the road ahead ...
The 2017 Coverity Scan report examines OSS project risk, initiatives form the Linux Foundation, and the future of open source software. Learn more.
Increase in data breaches (most of them preventable) in 2017 | Synopsys
A few reasons for the increase in data breaches: Attackers are getting better, tools are getting more sophisticated, and the attack surface is growing.
What to Look Forward to at the 2017 Medical Device Security 101 Conference | ...
Ensuring that healthcare providers, medical device manufacturers, and industry regulators are knowledgeable about security threats.
OWASP Top 10—A7: Request for removal and replacement | Synopsys
Proposed entry “A7 - Insufficient Attack Protection” is a potentially dangerous addition to the 2017 OWASP Top 10 Application Security Risks list.
Introducing the 2018 CISO Report: A Q&A with Gary McGraw | Synopsys
We recently sat down with Dr. Gary McGraw to discuss his latest research effort around the CISO role. Learn more about the findings in a new report.
Have you taken the 2017 Software Quality and Security Survey?
Are you involved in software security and/or development within your organization? Take the software quality and security survey today. Submit your input by 8/25 for your chance to win a $200 ...
We’re a 2018 NEVY Awards finalist for Cybersecurity Company of the Year | ...
We’re honored to be named a finalist for the Cybersecurity Company of the Year Award in the 2018 NEVY Awards, hosted by the New England Venture Capital Association (NEVCA) and presented by ...
Experts talk 2019 application security trends at RSA | Synopsys
We asked a couple of AppSec experts and BSIMM participants about 2019 application security trends, challenges, obstacles, and solutions. Here’s what they said.
The 3 Fundamentals of a Software Security Initiative | Synopsys
The most effective software security initiatives are tuned to fit your organization and built to scale.
Views on the 30-Day Data Breach Notification Laws
This week there has been much conversation around President Obama’s proposed law calling for organizations to publically disclose breaches within 30 days.
2019 software security predictions: AI, IoT, and more | Synopsys
Our experts share their 2019 software security predictions about AI/machine learning, design and standards, cloud adoption, and IoT, routers, and data in transit.
The 4 Most Important Secure Development Disciplines | Synopsys
Building security into their DevOps culture by following 4 development disciplines enables Dynatrace to focus on secure software & product development.
4 Risks in connected cars: security implications of open source | Synopsys
At Flight Amsterdam I led a panel discussion on the security implications of open source in connected cars, joined by Gordon Haff and Simon Gutteridge.
Life-forms descend on Leipzig #34C3: Chaos Communication Congress
At the 34th Chaos Communication Congress (#34C3), life-forms descended on Leipzig to encourage people to use technology to make the world better. Or TUWAT.
Online Safety Tips to Promote Within Your Company | Synopsys
Raise security awareness in your organization. You’ll protect your employees and your business. Get started with these online safety tips.
5 DevSecOps essentials and how to achieve them | Synopsys
Embracing a DevSecOps practice requires key cultural and practical changes to integrate security into the SDLC. Learn about the 5 essentials for DevSecOps.
5 Reasons to Outsource Your Authentication Like You Do Your Credit Card ...
Implementing 1 or more of the providers doesn’t make security considerations go away, nor does it even make your application safe.
5 things to do before your threat modeling assessment | Synopsys
Here are 5 activities to undertake before your next threat modeling assessment that will set your team and organization up for success.
The 5 Pillars of a Successful Threat Model | Synopsys
Threat modeling identifies risks and flaws affecting a system.Here are 5 primary activities to perform when creating or updating a threat model.
5 Ways To Pay Your Technical Debt Back | Synopsys
Secure your software development moving forward and reduce the creation of technical debt by aligning your software supply chain.
6 months later, Spectre still haunts | Synopsys Software Integrity
It’s now more than six months since the major design flaw in computer chips labeled Spectre became public. And it's still haunting the world of information technology. For those who don’t have a ...
Checklist: 7 elements of GDPR software security compliance | Synopsys
Our GDPR compliance checklist explains seven steps you can take to improve your software security initiative and illustrate GDPR software security compliance.
6 recommendations for healthcare cybersecurity | Synopsys
The Health Care Industry Cybersecurity Task Force published its recommendations this month, with six key recommendations for healthcare cybersecurity.
7 myths about software security best practices | Synopsys
Software security best practices are meant to improve security initiatives, not secure single applications. Here are 7 software security myths to consider.
7 ways financial services firms can protect themselves | Synopsys
When it comes to the finance industry, there are strategies that firms can implement to lock down assets and data as securely as possible.
8 must-have features in an IAST solution | Synopsys
With so many vendors to choose from, finding the perfect IAST solution for your organization’s needs can be difficult. Here’s a checklist of 8 must-have features for any good IAST tool.
9 highlights from the 2018 Software Integrity blog | Synopsys
From vulnerability detection to API security, these nine topics hit the highlights from our coverage of software security and quality this year.
8 Takeaways from NIST’s Application Container Security Guide | Synopsys
NIST published the “Application Container Security Guide” in September to address security risks associated with container adoption. Read 8 key takeaways.
A Methodology for Quantifying Risks from Web Services | Synopsys
How do you quantify the risks from usage of Web Services that make calls to various APIs available commercially and in public domain for “free” usage?
AAMI TIR57 recognized by the FDA as a foundational cybersecurity standard for...
The AAMI TIR57 "Principles for medical device security - Risk management" standard was published by AAMI this summer.
3 Ways Abuse Cases Can Drive Security Requirements | Synopsys
Learn how to use abuse cases effectively to improve the security of an application's business features.
Abuse cases: How to think like a hacker | Synopsys
There are no protections in place to help developers anticipate what a malicious user might do with a feature. There should be.
Achieving Open Source Security in Container Environments | Synopsys
How do you achieve open source security in containers? Companies need to have an understanding of the components and dependencies in their container images.
Learn how to accelerate your agile security strategy | Synopsys
Find the most aerodynamic way to build security into agile development with a variety of tools that effectively meet your firm's challenges.
Adding Security to your Agile Development Process | Synopsys
An examination of the security steps that should be added to your Agile development process and determining the best way to add them.
Add Security to Your SDLC With This Handy Checklist | Synopsys
This checklist will guide you throughout the development journey to assure that you’re integrating security into each of the seven SDLC artifacts.
Adobe Flash flaw compromises 'kid-friendly' tablet | Synopsys
A newly disclosed Adobe Flash security flaw allows remote hackers to follow a LeapFrog user's activity, activate the built-in microphone, and take pictures using the device's camera.
IAST defined, plus the advantages of IAST for business-critical software
As an acronym, IAST is awkward to pronounce or to guess what it stands for. But as a testing tool, IAST is remarkably effective at rooting out potentially catastrophic bugs in web-based ...
What’s the difference between agile, CI/CD, and DevOps? | Synopsys
We've been seeing a lot of instances recently where agile, CI/CD, and DevOps are used interchangeably. The truth is that they're actually rather different.