
November 2023

Consolidate insight to enhance risk management

As the digital revolution has unfolded, the dramatic increase in the amount of code written, borrowed, and bought means that the attack surface has also increased dramatically. Software proliferation creates challenges for teams that must keep up with innovation while also securing their software.

Audited vs. automated: What your automated open source tool isn't seeing

Black Duck® introduced the concept of managing open source, and the licensing and security risks that come with it, back in 2002. The process and the products have matured over the last two decades. Open source management has now become nearly as commonplace as source code control, whether development shops are using tools such as Black Duck or simply maintaining a spreadsheet of what is in their code.

Consolidating risk visibility with Software Risk Manager

Organizations use many application security testing (AST) tools to test software, across all stages of development, for different types of issues. However, these tools are often siloed, and security teams don't have a way of summarizing the data they generate to understand what to prioritize, test, and fix. This has driven the evolution of Application Security Posture Management (ASPM) solutions, which consolidate findings and centrally manage testing, security workflows, and risk visibility across all applications.

Why cross-site scripting still matters

As we go into 2024, many organizations are looking at their cybersecurity programs and considering how to allocate their application security testing resources. Although allocating testing resources to OWASP Top 10 vulnerabilities like cross-site scripting (XSS) may not feel innovative, it's one of the best ways to ensure your organization's security posture.

Software Vulnerability Snapshot Report Findings

Using anonymized data from three years of tests conducted on commercial software systems and applications, the recently published 2023 Software Vulnerability Snapshot report from Synopsys focuses on exposing persistent vulnerabilities that are significant challenges to web and software application security, including the top three vulnerability types related to.

Critical aspects of a secure software supply chain

What do the Log4J zero-day vulnerability, the SolarWinds attack, and Alex Birsan’s hacking of Apple and Microsoft have in common? The answer is simple: software supply chain security. But while the answer may be simple, each example highlights a different aspect of software supply chain security.