Synopsys

CyRC Vulnerability Advisory: Denial-of-service vulnerabilities (CVE-2022-39063) in Open5GS

CVE-2022-39063 is a vulnerability in the Open5GS project, an open source implementation of 5G components. The Synopsys Cybersecurity Research Center (CyRC) has exposed a denial-of-service vulnerability in Open5GS. Open5GS is an open source project that provides LTE and 5G mobile packet core network functionalities under an AGPLv3 or commercial license. It can be used to build private LTE/5G telecom networks by individuals or telecom network operators.

Understanding the hows and whys of open source audits

Learn who needs open source audits, why you might need one, who and what is involved, and how an open source audit can help you in an M&A. If you’re part of a modern business that does any software development, your dev teams are using open source components to move quickly, save money, and leverage community innovation. If you’re a law firm or a consultant, your clients use open source.

AppSec Decoded: Addressing NIST guidelines begins with understanding your risk profile

In this second of two episodes of AppSec Decoded, recorded live at RSA 2022 in San Francisco, Tim Mackey, principal security strategist within the Synopsys Cybersecurity Research Center, and Taylor Armerding, security advocate at Synopsys, continue their conversation on how the guidance from NIST can help any organization.

Synopsys and the new Automated Source Code Data Protection Measure have you covered

We break down the ASCDPM standard and how Synopsys application security testing tools can help customers implement this new guidance. In early August 2022, the Consortium for Information & Software Quality (CISQ) released a new specification, the Automated Source Code Data Protection Measure (ASCDPM). CISQ is an industry leadership group that develops international standards for automating the measurement of software size and structural quality from source code.

What I wish I knew about security when I started programming

It’s critical for developers to understand basic security concepts and best practices to build secure applications. Software developers are creative problem solvers. Their job is to build functioning applications, and they deal with rapid changes—in technologies, tools, and programming languages—as the landscape evolves and the development velocity accelerates. A key part of the development process is ensuring that the products delivered meet user needs and the goals of the business.

API authentication and authorization best practices

Learn about API authentication and authorization best practices to ensure your APIs are secure. While we often use the terms interchangeably, authorization and authentication are two separate functions. Authentication is the process of verifying who a user is, and authorization is the process of verifying what they have access to.

AppSec Decoded: The NIST guidance on supply chain risk management

In this first of two episodes of AppSec Decoded, recorded live at RSA 2022 in San Francisco, Tim Mackey, principal security strategist within the Synopsys Cybersecurity Research Center, and Taylor Armerding, security advocate at Synopsys, discuss the overall focus of the NIST guidance on supply chain risk management: how to build processes and programs around risk-based principles.

The four most important aspects of software due diligence audits

Understanding the key aspects of software due diligence audits will help you know what to look for in a trusted M&A partner. At some level, the pitch for any software-related service is the same: We have the expertise to provide high-quality solutions to your challenging problems. Sometimes that expertise is “powered by” proprietary technology. That’s well-aligned to what prospective clients look for in most software service scenarios.