Balancing Agility and Open Source Security for DevOps | Synopsys
Open source insight this week, lots of DevOps news including why automation is critical for securing code, as well as balancing agility with security needs.
AGPL: Out of the Shadows - the Affero GPL 3 | Synopsys
Shortly after the release of GPL3, the FSF released Affero GPL 3, or AGPL. There were two philosophical camps in drafting GPL3: one that GPL3 incorporate new conditions to close the “SAAS loophole”...
An OWASP interaction model | Software Integrity Blog
The OWASP board decided to support a partnership model with private industry. See how this model may work to shape existing OWASP assets.
Hard questions after an airline software ‘glitch’ leads to a crash | Synopsys
The parts and systems on an airplane don’t have to fail in a big way to have big consequences. A flaw in airline software could be a matter of life or death.
Android Full-Disk Encryption Flaw May Have Been Previously Known to Google | ...
Improper Input Flaw Affects Most Android Phones | Synopsys
Security researchers disclosed that a Qualcomm flaw that may expose users' text messages, call histories, and possibly other sensitive data.
1.4 Billion Android Devices Vulnerable to Hijack Attacks | Synopsys
Roughly 80 percent of all Android devices contain a Linux vulnerability that affect unencrypted communications and allow attackers to hijack data.
Are Android OEMs responsible for the gap in mobile security updates? | Synopsys
There may be legitimate reasons why an OEM or carrier may choose not to push out a security update for a particular type of device. Get the full story.
Up to 900 Million Android Phones Vulnerable to Qualcomm Flaw | Synopsys
Four major security holes have been disclosed affecting the Qualcomm chips in several recent, popular mobile phones.
Here Are the Top 10 Best Practices for Securing Android Apps | Synopsys
No matter what type of Android app you intend to build, consider these 10 best practices for improving the security posture of your Android mobile apps.