April 2023

Software due diligence in M&A: Key considerations and risks

Apr 28, 2023 By Kevin Collins In Synopsys

Software due diligence is crucial in M&A, but to approach it strategically you must understand its key considerations and risks. Mergers and acquisitions (M&As) can be a great way for companies to expand their offerings and market share. One of the biggest risk areas for M&A in tech deals is software plagued with vulnerabilities or that contains open source license compliance issues.

Read Post

Synopsys

Read more about Software due diligence in M&A: Key considerations and risks

Fuzz testing for connected and autonomous vehicles

Apr 28, 2023 By Dr. Dennis Kengo Oka In Synopsys

The previous blog post in this series presented an introduction to secure software development for modern vehicles. In this blog post, we will do a deep dive on connected and autonomous vehicles (AVs) and focus on fuzz testing.

Read Post

Synopsys

Read more about Fuzz testing for connected and autonomous vehicles

AppSec Decoded: Improving the Sec in DevSecOps | Synopsys

Apr 28, 2023 By Synopsys In Synopsys

Learn how to enable developers to build secure software.

View Video

Synopsys

Read more about AppSec Decoded: Improving the Sec in DevSecOps | Synopsys

Cloud detection and response, a key asset for cloud security

Apr 27, 2023 By John Waller In Synopsys

With the continued move to the cloud, cloud detection and response helps security teams defend their cloud applications and infrastructure.

Read Post

Synopsys

Read more about Cloud detection and response, a key asset for cloud security

AppSec Decoded: Scale application security cost-effectively with Polaris | Synopsys

Apr 27, 2023 By Synopsys In Synopsys

Whether your organization needs testing for a single application or thousands, the Polaris Software Integrity Platform® delivers a unified SaaS platform to meet your needs.

View Video

Synopsys

Read more about AppSec Decoded: Scale application security cost-effectively with Polaris | Synopsys

AppSec Decoded: Don't let your software supply chain poison your apps | Synopsys

Apr 27, 2023 By Synopsys In Synopsys

Learn why it’s critical for organizations to focus on software supply chain risks. Hear from Anita D’Amico, vice president of cross-portfolio solutions and strategy at Synopsys, on her predictions for the software supply chain.

View Video

Synopsys

Read more about AppSec Decoded: Don't let your software supply chain poison your apps | Synopsys

AppSec Decoded: Easy deployment with Polaris | Synopsys

Apr 27, 2023 By Synopsys In Synopsys

The Polaris Software Integrity Platform® offers developer-focused features that enable frictionless application security for developers.

View Video

Synopsys

Read more about AppSec Decoded: Easy deployment with Polaris | Synopsys

We're one step closer to knowing how to comply with EO 14028

Apr 27, 2023 By Tim Mackey In Synopsys

CISA’s draft self-attestation form, published today, is a step in the right direction in demystifying EO 14028 compliance. It’s finally happened. For everyone who has been trying to figure out how to comply with President Biden’s Executive Order on Cybersecurity (EO 14028), you now have the answer—sort of.

Read Post

Synopsys

Read more about We're one step closer to knowing how to comply with EO 14028

Fast application security testing with the Polaris platform

Apr 26, 2023 By Charlotte Freeman In Synopsys

Polaris Software Integrity Platform® – your application security testing system that can do both SAST and SCA, fast. Digitalization is speeding up business cycles across all industry sectors, so no matter what business you’re in, you need to keep up.

Read Post

Synopsys

Read more about Fast application security testing with the Polaris platform

AppSec Decoded: Evaluating threats with threat modeling risk analysis | Synopsys

Apr 25, 2023 By Synopsys In Synopsys

Learn how risk analysis, the final step in the threat modeling, helps guide an organization’s response to threats.

View Video

Synopsys

Read more about AppSec Decoded: Evaluating threats with threat modeling risk analysis | Synopsys

Improving software supply chain security for cloud applications and workloads

Apr 24, 2023 By Synopsys Editorial Team In Synopsys

You should consider the following tips, tricks and best practices to help improve your supply chain security in the cloud. The cloud has revolutionized the way businesses operate, providing a scalable and cost-effective solution for storing, processing, and sharing data. However, with this growth has come new security concerns, particularly around the cloud software supply chain.

Read Post

Synopsys

Read more about Improving software supply chain security for cloud applications and workloads

Friend or foe: AI chatbots in software development

Apr 21, 2023 By Taylor Armerding In Synopsys

Yes, AI chatbots can write code very fast, but you still need human oversight and security testing in your AppSec program. Chatbots are taking the tech world and the rest of the world by storm—for good reason. Artificial intelligence (AI) large language model (LLM) tools can write things in seconds that would take humans hours or days—everything from research papers to poems to press releases, and yes, to computer code in multiple programming languages.

Read Post

Synopsys

Read more about Friend or foe: AI chatbots in software development

Polaris integrations: Secure development at the speed of business

Apr 19, 2023 By Synopsys Editorial Team In Synopsys

Digitalization means you need to build more complex software than ever before – the Polaris Software Integrity Platform® can help. Whether you’re building software to run your business or selling software to other businesses, you’re relying on technologies like cloud computing, continuous integration/continuous deployment (CI/CD), microservices, and APIs to enable speed and agility in application development.

Read Post

Synopsys

Read more about Polaris integrations: Secure development at the speed of business

Black Duck SCA vs. Black Duck Audit Services

Apr 14, 2023 By Steven Power In Synopsys

With a surplus of software security testing solutions on the market, identifying the right SCA solution has never been more important. In today’s world, there is an increasingly large number of software security tools and testing solutions available with a range of capabilities, including software composition analysis (SCA), for managing open source risks.

Read Post

Synopsys

Read more about Black Duck SCA vs. Black Duck Audit Services

Improving cloud security posture with infrastructure-as-code

Apr 13, 2023 By Monika Chakraborty In Synopsys

With ever-increasing application architecture complexity, infrastructure-as-code is your key to boosting your cloud security posture.

Read Post

Synopsys

Read more about Improving cloud security posture with infrastructure-as-code

What pen testing can tell you about the health of your SDLC

Apr 13, 2023 By Charlotte Freeman In Synopsys

Tailored use of pen testing can provide critical support and insights for gauging the health of your SDLC.

Read Post

Synopsys

Read more about What pen testing can tell you about the health of your SDLC

AppSec Decoded: Creating a system model in threat modeling | Synopsys

Apr 13, 2023 By Synopsys In Synopsys

Learn how a system model helps guide the discussion and present results in threat modeling.

View Video

Synopsys

Read more about AppSec Decoded: Creating a system model in threat modeling | Synopsys

AppSec Decoded: Creating an attack model in threat modeling | Synopsys

Apr 13, 2023 By Synopsys In Synopsys

An attack model in threat modeling answers the question of how well your assets are protected against threats.

View Video

Synopsys

Read more about AppSec Decoded: Creating an attack model in threat modeling | Synopsys

Container security essentials

Apr 10, 2023 By Synopsys Editorial Team In Synopsys

As the preferred method for packaging and deploying cloud-native applications, a comprehensive understanding of containers, and how to secure them, has never been so important. As cloud-native applications continue to proliferate, containers are becoming the preferred option to package and deploy these applications because of the agility and scalability they offer. In fact, Gartner predicts that 75% of global organizations are running containerized applications in production.

Read Post

Synopsys

Read more about Container security essentials

Why cross-site scripting still matters

Apr 6, 2023 By Charlotte Freeman In Synopsys

With web application exploits the 3rd-most-common cybersecurity threat, overlooking the importance of XSS vulnerabilities puts you at risk. As we move through 2023, many organizations are looking at their cybersecurity programs and considering how to allocate their application security testing resources. While allocating testing resources to OWASP Top 10 vulnerabilities like cross-site scripting (XSS) may not feel innovative, it’s one of the best ways to ensure an organization’s security.

Read Post

Synopsys

Read more about Why cross-site scripting still matters

Polaris Software Integrity Platform | Synopsys

Apr 4, 2023 By Synopsys In Synopsys

Looking for an efficient and effective way to test your applications for security vulnerabilities? Look no further than Polaris Software Integrity Platform, the cloud-based application security testing solution optimized for the needs of development and DevSecOps teams. With Polaris, developers can easily onboard and begin scanning their code in just a matter of minutes, while security teams can effortlessly track and manage testing activities and risks across hundreds or even thousands of applications.

View Video

Synopsys

Read more about Polaris Software Integrity Platform | Synopsys

Polaris: Your no-compromise SaaS AST solution

Apr 4, 2023 By Synopsys Editorial Team In Synopsys

Polaris Software Integrity Platform® – a SaaS application security testing solution delivering speed without compromise. Faster, faster, faster. The pressure is on to do business faster, to develop faster, and to secure all of this with faster and faster AppSec. Businesses want to release products, services, and apps to their customers on shorter and shorter release cycles.

Read Post

Synopsys

Read more about Polaris: Your no-compromise SaaS AST solution

OWASP Top 10: Security misconfiguration

Apr 3, 2023 By Synopsys Cybersecurity Research Center In Synopsys

Listed at #5 in the OWASP Top 10 list, security misconfiguration refers to vulnerabilities that result from an application’s configuration. As with insecure design, security misconfiguration is a broad category within the OWASP Top 10. These types of misconfigurations can occur at any level of an application stack, so it’s critical for DevSecOps teams to work together to ensure the entire stack is properly set up.

Read Post

Synopsys

Read more about OWASP Top 10: Security misconfiguration

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

April 2023

Software due diligence in M&A: Key considerations and risks

Fuzz testing for connected and autonomous vehicles

AppSec Decoded: Improving the Sec in DevSecOps | Synopsys

Cloud detection and response, a key asset for cloud security

AppSec Decoded: Scale application security cost-effectively with Polaris | Synopsys

AppSec Decoded: Don't let your software supply chain poison your apps | Synopsys

AppSec Decoded: Easy deployment with Polaris | Synopsys

We're one step closer to knowing how to comply with EO 14028

Fast application security testing with the Polaris platform

AppSec Decoded: Evaluating threats with threat modeling risk analysis | Synopsys

Improving software supply chain security for cloud applications and workloads

Friend or foe: AI chatbots in software development

Polaris integrations: Secure development at the speed of business

Black Duck SCA vs. Black Duck Audit Services

Improving cloud security posture with infrastructure-as-code

What pen testing can tell you about the health of your SDLC

AppSec Decoded: Creating a system model in threat modeling | Synopsys

AppSec Decoded: Creating an attack model in threat modeling | Synopsys

Container security essentials

Why cross-site scripting still matters

Polaris Software Integrity Platform | Synopsys

Polaris: Your no-compromise SaaS AST solution

OWASP Top 10: Security misconfiguration

Monthly Archive

Follow Us