Synopsys

Preparing for critical libcurl and curl vulnerabilities (CVE-2023-38545)

Oct 9, 2023 By Mike McGuire In Synopsys

The maintainer and original author of curl, Daniel Stenberg, has taken to X (formerly Twitter) and LinkedIn to sound the alarm on what he refers to as “probably the worst security problem found in curl in a long time.” According to project maintainers, the fixed version, 8.4.0, is set to be released on Wednesday, October 11.

Read Post

Synopsys

Read more about Preparing for critical libcurl and curl vulnerabilities (CVE-2023-38545)

Find open source vulnerabilities in containers with Black Duck Binary Analysis | Synopsys

Oct 6, 2023 By Synopsys In Synopsys

Discover how to identify open source components and vulnerabilities in various software binaries including container images, mobile apps, and embedded software with Black Duck Binary Analysis What’s covered?

View Video

Synopsys

Read more about Find open source vulnerabilities in containers with Black Duck Binary Analysis | Synopsys

Track and manage open source risks across your application portfolio with Black Duck SCA | Synopsys

Oct 6, 2023 By Synopsys In Synopsys

Learn how your security teams can take a proactive approach to managing open-source risk using Black Duck. Join us as we explore the process of analyzing scan results, addressing new CVEs, and prioritizing remediation efforts.

View Video

Synopsys

Read more about Track and manage open source risks across your application portfolio with Black Duck SCA | Synopsys

Handling Unsafe External APIs with Seeker | Synopsys

Oct 6, 2023 By Synopsys In Synopsys

Learn how Seeker’s new consumption of external APIs feature helps users discover vulnerabilities caused by the untrusted data from external 3rd party API calls. This capability allows AppSec teams to comply and address API10:23 on OWASP API Security Risks 2023 list.

View Video

Synopsys

Read more about Handling Unsafe External APIs with Seeker | Synopsys

Black Duck Security Advisories - Deeper more actionable insights than CVEs | Synopsys

Oct 5, 2023 By Synopsys In Synopsys

Explore how Synopsys conducts independent research to issue Black Duck Security Advisories (BDSAs), providing more in-depth vulnerability data related to open source components.

View Video

Synopsys

Read more about Black Duck Security Advisories - Deeper more actionable insights than CVEs | Synopsys

Find secure, compliant, and high-quality OSS components with Black Duck SCA | Synopsys

Oct 5, 2023 By Synopsys In Synopsys

In this video, we take you on a tour through Black Duck’s SCA tool to show you how you can find and select the most high-quality open-source components for your applications. Key Highlights: Ready to save time and innovate with confidence? Visit synopsys.com/blackduck to learn more about obtaining visibility into component health and viability.

View Video

Synopsys

Read more about Find secure, compliant, and high-quality OSS components with Black Duck SCA | Synopsys

Build an SBOM in under 30 seconds with Black Duck SCA | Synopsys

Oct 5, 2023 By Synopsys In Synopsys

In this video, we show you how easy it is to create an open source Software Bill of Materials (SBOMs) using Black Duck. Join us as we demonstrate how to effortlessly generate an SBOM in under 30 seconds, empowering enterprise teams to prioritize SBOM creation.

View Video

Synopsys

Read more about Build an SBOM in under 30 seconds with Black Duck SCA | Synopsys

XML external entity injection vulnerability in OpenNMS

Oct 4, 2023 By Synopsys Editorial Team In Synopsys

OpenNMS is a Java language open source network monitoring platform. The OpenNMS platform monitors some of the largest networks in the Fortune 500, covering the healthcare, technology, energy, finance, government, education, retail, and industrial sectors, many with tens of thousands of networked devices.

Read Post

Synopsys

Read more about XML external entity injection vulnerability in OpenNMS

Synopsys Joins The Dark Reading Newsdesk at Black Hat USA | Synopsys

Oct 2, 2023 By Synopsys In Synopsys

Learn more about Synopsys Software Integrity: https://www.synopsys.com/software-integrity.html
Subscribe: https://www.youtube.com/synopsyssoftwareintegrity
Follow Synopsys on Twitter: https://twitter.com/SynopsysAppsec

View Video

Synopsys

Read more about Synopsys Joins The Dark Reading Newsdesk at Black Hat USA | Synopsys

Accelerate modern development with Polaris pull request comments support | Synopsys

Sep 27, 2023 By Synopsys In Synopsys

Integrate seamlessly into your SCM and DevOps pipelines. Learn how teams can effortlessly provide automatic feedback on new issues, without slowing down workflows. With Polaris in your pipelines, access both SAST and SCA findings directly within GitHub as comments on pull requests. Streamline triage, audit, policy, and reporting—all conveniently stored in Polaris.

View Video

Synopsys

Read more about Accelerate modern development with Polaris pull request comments support | Synopsys

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Synopsys

Preparing for critical libcurl and curl vulnerabilities (CVE-2023-38545)

Find open source vulnerabilities in containers with Black Duck Binary Analysis | Synopsys

Track and manage open source risks across your application portfolio with Black Duck SCA | Synopsys

Handling Unsafe External APIs with Seeker | Synopsys

Black Duck Security Advisories - Deeper more actionable insights than CVEs | Synopsys

Find secure, compliant, and high-quality OSS components with Black Duck SCA | Synopsys

Build an SBOM in under 30 seconds with Black Duck SCA | Synopsys

XML external entity injection vulnerability in OpenNMS

Synopsys Joins The Dark Reading Newsdesk at Black Hat USA | Synopsys

Accelerate modern development with Polaris pull request comments support | Synopsys

Monthly Archive

Follow Us