New Synopsys Black Duck® engagement summary report summarizes a breadth of insights across all domains of software due diligence.

Synopsys researcher discovers vulnerabilities CVE-2023-2453, CVE-2023-4480 in PHPFusion.

New 2023 SANS DevSecOps Survey explores DevSecOps challenges and trends. In today's rapidly evolving digital landscape, the intersection of development, security, and operations has become paramount. DevSecOps, a methodology that integrates security practices into the DevOps workflow, has emerged as a critical approach to ensure the security and efficiency of software development processes.

IoT security begins with building secure software. Learn how to embed security into your SDLC to avoid becoming an easy target for hackers. With the evolution of the Internet of Things (IoT), there are billions of devices in the world today. Everything is becoming a computer—your thermostat, stove, refrigerator, washer, dryer, vehicle, door locks—even things like lawn mowers and vacuum cleaners.

Parallels between the history of open source and the rise of AI in software development can teach us valuable AppSec lessons. The front page news about generative artificial intelligence (GAI) taking over software development from poor human developers has waned a bit. But there is no doubt that the technology will continue to transform the software development space over time.

Cross-platform DevSecOps challenges are easily solved with Polaris Software Integrity Platform® capabilities.

WhiteHat Dynamic helps organizations eliminate false positives. In the digital age, web apps are the engine that powers business. Organizations rely on web apps to run everything from internal team sites and HR portals to external client portals, business interfaces, and shopping carts. But web apps are also where threat actors can attack your business-critical applications to access your back-end databases.

CVE-2023-0871 is an XML External Entity injection vulnerability in OpenNMS Horizon.

Generative artificial intelligence tools are changing the world and the software development landscape significantly. Our webinar series will help you understand how. The popular press continues to reverberate with stories about the miracles of generative artificial intelligence (GAI) and machine learning (ML), and all the ways it might be used for good—and for bad. There’s hardly a tech company that isn’t talking about how GAI/ML can enhance its offerings.

Introducing Synopsys AI code analysis API With generative AI tools like ChatGPT, GitHub Copilot, and Tabnine flooding the software development space, software developers are quickly adopting these technologies to help automate everyday development tasks.