Watch the video to learn the importance of a holistic AppSec approach, the crucial role an IAST solution plays in DevSecOps, and more.

In this episode of AppSec Decoded—the first of two conversations on the “Software Vulnerability Snapshot” report— we discuss the research and purpose behind the report.

Learn more about Synopsys Software Integrity: https://www.synopsys.com/software-integrity.html
Subscribe: https://www.youtube.com/synopsys
Follow Synopsys on Twitter: https://twitter.com/sw_integrity

Understand what steps your organization needs to take now to prepare for the upcoming patch to address OpenSSL’s critical security vulnerability on Nov 1.

In this episode of AppSec Decoded, recorded live at RSA 2022 in San Francisco, cybersecurity experts Natasha Gupta, security solutions manager at Synopsys, and Taylor Armerding, security advocate at Synopsys, discuss pandemic-accelerated improvements in DevSecOps.

Synopsys Code Sight plug-in lets you perform fast, deep SAST directly within your IDE. With Rapid Static Scan, you can find vulnerabilities in the IDE and confirm security fixes in real-time as you code, avoid late stage fixes, and more.

The Synopsys Code Sight IDE plugin helps developers and software engineers produce secure software without changing their workflows or leaving the IDE. Analyze code as you write it, find code quality and security issues, detect vulnerabilities in open source components and dependencies, and get fix recommendations. Code Sight is available for popular IDEs right from the marketplace.

In this second of two episodes of AppSec Decoded, recorded live at RSA 2022 in San Francisco, Tim Mackey, principal security strategist within the Synopsys Cybersecurity Research Center, and Taylor Armerding, security advocate at Synopsys, continue their conversation on how the guidance from NIST can help any organization.

In this first of two episodes of AppSec Decoded, recorded live at RSA 2022 in San Francisco, Tim Mackey, principal security strategist within the Synopsys Cybersecurity Research Center, and Taylor Armerding, security advocate at Synopsys, discuss the overall focus of that guidance: How to build processes and programs around risk-based principles.

Jonathan Knudsen, head of global research at the Synopsys Cybersecurity Research Center (CyRC), talks with Taylor Armerding, security advocate at Synopsys, about CyRC’s major annual reports, including the “Open Source Software and Risk Analysis”(OSSRA) report, which uses anonymized data from M&A audits to develop a profile of how much open source is in the software ecosystem, how organizations are using it, and whether they’re keeping it up-to-date.