Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


From simulation to success: the impact of fuzzing in software-in-the-loop testing

Software-in-the-loop (SiL) testing is a pivotal method in the software development lifecycle, especially for embedded systems and critical applications. By simulating real-world conditions and integrating software components within a controlled virtual environment, SiL allows for the early detection of bugs, ensuring higher code quality and reliability. Read on to learn how to introduce SiL testing in your project.

FDA's cybersecurity requirements for medical devices and when to comply with them

The United States Food and Drug Administration (FDA) is a federal agency within the Department of Health and Human Services. The FDA is responsible for protecting and promoting public health through the control and supervision of medications, vaccines, biopharmaceuticals, medical devices, and other types of products. To ensure the safety and security of medical devices, the FDA supports a variety of standards and guidelines that medical device manufacturers are highly recommended to follow.

A Complete Overview of Binary-Based SAST

Zimperium's Global Mobile Threat Report found that unique mobile malware samples grew by 51% in 2022. According to Anne Neuberger, the US Deputy National Security Advisor for Cyber and Emerging Technologies, the annual average cost of cybercrime will reach over $23 trillion in 2027. The threat landscape and the cost of ignoring security are increasing. It is no longer advisable to just be reactive but proactive in maintaining the security of mobile devices.

DAST Vs. Penetration Testing: Comprehensive Guide to Application Security Testing

For two decades or so now, web applications have been the backbone of many businesses, making their security paramount. Dynamic Application Security Testing (DAST) and penetration testing are crucial for identifying and mitigating security vulnerabilities in web application security. While both aim to enhance application security, they differ significantly in their approach, execution, and outcomes.

Understanding the Nuances: DAST vs. Penetration Testing

Cyberattacks are a growing threat, making it crucial for us to understand the tools and techniques available to secure applications. Today, we dive into the differences and similarities between Dynamic Application Security Testing (DAST) and Penetration Testing with insights from a Veracode industry expert and certified penetration tester, Florian Walter. DAST is an automated technique designed to identify security vulnerabilities in web applications and APIs during runtime.

How AI adoption throughout the SDLC affects software testing

With AI finding adoption throughout all stages of the development process, the SDLC as we know it is becoming a thing of the past. Naturally, this has many implications for the field of software testing. This article will discuss how the SDLC has evolved over time, going into detail on the impact that AI adoption is having on both software development and software testing.

The ethical considerations for AI-powered software testing

As AI integrates into every stage of the SDLC, the area of software testing is undergoing transformative and unprecedented changes. In this article, we will discuss the ethical considerations for AI-powered software testing, examining the advantages and potential hurdles generative AI presents as a new technology being applied across the SDLC.

Why Static Analysis (SAST) isn't enough to prevent critical bugs in embedded software

Static code analysis is widely adopted among organizations for its ability to provide fast feedback loops and identify bugs early in development. However, despite its advantages, numerous bugs and vulnerabilities remain undetected and are only found when they've made their way into production or been caught by late-stage penetration testing. The best security practice involves leveraging both static and dynamic testing, such as fuzz testing.

Protect your Hardware Security Module against edge cases with Code Intelligence

As vehicles become increasingly reliant on software, secure and functional Hardware Security Modules (HSMs) are paramount. Unknown vulnerabilities in your automotive software can pose a significant threat to your products and business by putting you at risk of coding errors or insecure configurations, which can be exploited by malicious actors or lead to consequential failures.