May 2023

Synopsys named in 2023 Fortress Cyber Security Awards

Synopsys has been named a winner in the Application Security Organization category for a 2023 Fortress Cyber Security Award. The Business Intelligence Group today announced the winners of the 2023 Fortress Cyber Security Awards. The award program identifies and rewards the world’s leading companies and products that work to keep our data and electronic assets safe amid a growing threat from hackers. Synopsys is honored to be recognized for this distinction.

Connecting the dots: Development + business risk + due diligence

Organizations should emphasize processes that connect the dots between software development practices, business risk and due diligence activities. Typically, it’s businesspeople and lawyers who coordinate due diligence in an M&A transaction. A few might be former developers; often, many have gained some understanding of how software is built through osmosis and have at least an intuitive sense of technical risk.

Synopsys named a Leader in the 2023 Gartner Magic Quadrant for Application Security Testing for the seventh year

In the 2023 Gartner® Magic Quadrant™ for Application Security Testing, Synopsys placed highest and furthest right for the fifth consecutive year for our Ability to Execute and our Completeness of Vision.

Detection strategies to unmask the source of malicious code

Having malicious code detection strategies in place is critical to keeping your software supply chain secure. Let’s imagine you discover a string of suspicious code within one of your applications. Perhaps a routine scan by your application testing team finds a point of interest that indicates malicious code, such as a time bomb or back door, has been inserted by a malicious insider within your software supply chain.

Eliminate malicious code in your software supply chain

What is malicious code? What makes it dangerous? Learn how you can detect it and keep it out of your software supply chain. Everyone wants to believe that the code developed within a trusted software supply chain is legitimate. The unfortunate reality is that malicious coders have subtle ways to secretly embed code that exposes your business to risk. Malicious code can be challenging to recognize and can remain undetected within applications long before it causes damage. Learn to recognize the red flags.

2023 OSSRA deep dive: jQuery and open source security

According to the 2023 “Open Source Security and Risk Analysis” (OSSRA) report, 96% of commercial code contains open source. In fact, 76% of the code scanned by Black Duck® Audit Services was open source. In other words, no matter what applications your organization builds, uses, or sells, you can be virtually certain that the application contains open source.

AppSec Decoded: Raising the security bar in DevSecOps

Tracking the right metrics is essential in DevSecOps as it helps measure the effectiveness of your security program. Clint Gibler, head of security research at Semgrep, discusses how teams can raise their security bar with useful measurement metrics, as well as how to identify high ROI security investments for their DevSecOps program.