Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Configure security tools for effective DevSecOps

Managing security vulnerabilities and false positives is a challenge in today’s DevSecOps environment. Configure the right tools correctly to avoid overload. To do a job well, you need the right tools. But it’s just as important—perhaps even more so—to use those tools correctly. A hammer will make things worse in your construction project if you’re trying to use it as a screwdriver or a drill. The same is true in software development.

AppSec Decoded: The consequences of insecure IoT devices

Watch the latest video in our AppSec Decoded series to learn why manufacturers should consider building security into their IoT devices. Application Security Decoded: Manufacturers should build security into their IoT devices | Synopsys - YouTube An error occurred. Try watching this video on www.youtube.com, or enable JavaScript if it is disabled in your browser.

20/20 hindsight shows that foresight wasn't 20/20

In a year marked by unprecedented challenges, we revisit the 2020 cyber security predictions to see which projections held up and which ones didn’t. ’Tis the season. No, we’re not talking about the holidays—Thanksgiving, Hanukkah, Kwanzaa, Christmas, and others. In the world of cyber, ’tis the season for speculation. Every year around this time, experts dust off their crystal balls and tell us what to expect in the coming year.

Automotive threat analysis and risk assessment method

The TARA method provides risk evaluation, assessment, treatment, and planning for identified risks. Learn how to apply this method to the ISO SAE 21434 standard. In our earlier blog posts we covered the ISO SAE 21434 standard, including the organizational cyber security plan as well as the cyber security assurance levels in depth. We will now look at the impact calculation and detailed threat analysis and risk assessment (TARA) coverage within this new standard.

Can your security keep pace in a DevOps environment?

There’s a growing need for both security and speed in application development. DevSecOps introduces security earlier in the SDLC to ensure secure code. Comparing the speed of software development today to even just a decade ago is a bit like comparing a bullet train to a bicycle. With CI/CD and DevOps now mainstream, it’s faster by orders of magnitude.

How to cyber security: Gotta go fast ... but why?

DevSecOps allows organizations to deliver applications at a high velocity using iteration and automation to better serve customers. Velocity is one of the pillars of DevSecOps. Through the magic of automation, DevSecOps teams can achieve impressively short timespans between when developers make changes in code and when those changes are deployed.

The roles and responsibilities that lead to better software security initiatives

If a project or initiative is going to be successful, it needs a plan spelling out what to do and how to do it. But that’s not enough. Somebody, or a group of somebodies, has to be in charge of getting it done. They have to own it. That’s the case with software security initiatives (SSIs), which are the focus of the Building Security In Maturity Model (BSIMM), the annual report by Synopsys.

Cyber security assurance levels in the automotive supply chain

With the ISO SAE 21434 standard for road vehicles coming soon, learn the role cyber security assurance levels play in your road vehicle safety program. Automotive cyber security standard ISO SAE 21434 specifies requirements for cyber security risk management of road vehicle electrical and electronic systems, including their components and interfaces. It covers engineering for concept, development, production, operation, maintenance, and decommissioning.