Monthly Archive

Synopsys to expand portfolio, SaaS offerings with WhiteHat Security acquisition

Apr 27, 2022 By Jason Schmitt In Synopsys

Synopsys has signed a definitive agreement to acquire WhiteHat Security, a market-segment leading provider of dynamic application security testing (DAST) solutions.

Read Post

Synopsys

Read more about Synopsys to expand portfolio, SaaS offerings with WhiteHat Security acquisition

CVE-2022-24814- Stored XSS In Directus | Synopsys

Apr 22, 2022 By Synopsys In Synopsys

Synopsys CyRC has identified a new vulnerability, CVE 2022-21484. Watch the video to understand how an attacker could exploit the Directus vulnerability and proper remediation efforts.

View Video

Synopsys

Read more about CVE-2022-24814- Stored XSS In Directus | Synopsys

GartnerMQ Leader Again 2022

Apr 21, 2022 By Synopsys In Synopsys

Synopsys is named a Leader in the 2022 Gartner Magic Quadrant for Application Security Testing for the 6th year in a row! Learn more: Synopsys.com/leader

View Video

Synopsys

Security

Read more about GartnerMQ Leader Again 2022

CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it's not as bad as it sounds

Apr 19, 2022 By Jonathan Knudsen In Synopsys

CVE-2022-1271 is a new vulnerability affecting gzip, a widely used open source component for archiving, compressing, and decompressing files. CVE-2022-1271, also tracked in the Black Duck KnowledgeBase™ as BDSA-2022-0958, is a bug in gzip, a file format and software application used for archiving, compressing, and decompressing files.

Read Post

Synopsys

Read more about CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it's not as bad as it sounds

CVE-2022-1271 - Improper Input Validation in Gzip | Synopsys

Apr 19, 2022 By Synopsys In Synopsys

Synopsys's Blackduck Open Source KnowledgeBase has identified a new vulnerability, CVE-2022-1271. Watch the video to understand whether your application uses gzip command and the remediation efforts.

View Video

Synopsys

Read more about CVE-2022-1271 - Improper Input Validation in Gzip | Synopsys

The 2022 Open Source Security and Risk Analysis (OSSRA) Report | Synopsys

Apr 12, 2022 By Synopsys In Synopsys

Marking the 7th edition this year of the 2022 OSSRA, herein, Synopsys analyzes vulnerabilities and license conflicts found in more than 2,400 codebases across 17 industries.

View Video

Synopsys

Read more about The 2022 Open Source Security and Risk Analysis (OSSRA) Report | Synopsys

CyRC Vulnerability Advisory: Stored XSS in Directus

Apr 11, 2022 By David Johansson In Synopsys

CVE-2022-24814 is a stored XSS vulnerability that can lead to account compromise in the admin application of Directus.

Read Post

Synopsys

Read more about CyRC Vulnerability Advisory: Stored XSS in Directus

What is the maturity level of your AppSec program?

Apr 6, 2022 By Taylor Armerding In Synopsys

Using the Forrester assessment, you can measure the maturity of your AppSec program to help identify areas for improvement. Any organization that wants to secure its software should make maturity of its AppSec program its holy grail. Maturity means making security the first thought, not an afterthought. It means embedding security into software throughout the development life cycle, not trying to patch it at the last minute before production.

Read Post

Synopsys

Read more about What is the maturity level of your AppSec program?

ApSsec Decoded: Is an "SBOM" a Silver Bullet for Software Supply Chain Security? | Synopsys

Apr 5, 2022 By Synopsys In Synopsys

In this episode of AppSec Decoded, we provide an overview of a software bill of materials (SBOM) in the context of software supply chain security. Explore the range of organizational challenges that stem from their SBOM.

View Video