Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Synopsys

Software risks in private equity buyouts | Synopsys

Nov 4, 2021 By Synopsys In Synopsys
We’ve been briefing private equity investment professionals on how software is developed today and the risks it creates in the software. Understanding issues in the code allows investors to ensure that deal terms fairly allocate risk and to allow for addressing in forward-looking plans. Watch the video to learn about the legal, security, and quality software risks to look for during a software due diligence and the approaches for managing those risks.
View Video

AppSec Decoded: Why Biden's executive order should be on your radar | Synopsys

Oct 28, 2021 By Synopsys In Synopsys
Biden’s executive order (EO), announced earlier this spring, outlines cyber security standards and best practices that will apply to federal departments, agencies, and their technology suppliers. Although the EO’s goal is to secure the U.S. government, implications are expected to be broader and could be adopted by the commercial sector. We spoke with Tim Mackey, principal security strategist at Synopsys Cybersecurity Research Center (CyRC), to learn how Biden’s EO differs from prior EOs and why it should be on everyone’s radar.
View Video
synopsys

How to cybersecurity: Heartbleed deep dive

Oct 25, 2021 By Jonathan Knudsen In Synopsys

Over seven years later, the Heartbleed vulnerability still offers important lessons in application security. Heartbleed is a serious vulnerability discovered in the openssl open source software component in April 2014. This article is a deep dive on Heartbleed and its broader implications for application security.

Read Post
synopsys

Top 10 Spring Security best practices for Java developers

Oct 18, 2021 By Hugues Martin In Synopsys

If you’ve reached this page, you’re probably familiar with Spring and its basic mechanisms already. From its inception in 2002, Spring has become one of the dominant frameworks to build any kind of web application in Java. Web applications usually are the biggest interface between a company and its users—both internal and external. When security is neglected at the developer level, applications can become very desirable targets to hackers.

Read Post
synopsys

The state of mergers and acquisitions wheeling and dealing

Oct 15, 2021 By Phil Odence In Synopsys

The most recent Transaction Advisors M&A Strategy Forum was held (virtually) in September and offered a wealth of information about deal tactics and terms. Transaction Advisors promotes best practices in all facets of M&A. (Full disclosure: Synopsys is a sponsor of the forum; we find the content very relevant to our clients.)

Read Post
synopsys

CyRC Vulnerability Advisory: SQL injection, path traversal leading to arbitrary file deletion and XSS in Nagios XI

Oct 13, 2021 By Scott Tolley In Synopsys

CVE-2021-33177, CVE-2021-33178, and CVE-2021-33179 are SQL injection, path traversal, and XSS vulnerabilities in the popular application, service, and network monitoring software Nagios XI.

Read Post
synopsys

BSIMM: Top five software security activities that create a better software security initiative

Oct 7, 2021 By Taylor Armerding In Synopsys

Looking to build trust in your software? Start with BSIMM12’s top five software security activities. For any organization looking to improve the security of its software, Building Security In Maturity Model (BSIMM) has dozens of options. Many dozens. The 12th iteration of the BSIMM report, released September 28, details 122 software security activities (also known as controls) that were observed in the 128 participating organizations.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.