Synopsys acquires Black Duck Software

Synopsys officially announced the acquisition of Black Duck Software this week. The companies first entered into an agreement that would enable Synopsys to acquire Black Duck early last month. According to Synopsys, the acquisition of Black Duck will help provide its customers with visibility into open source software. Black Duck provides automated solutions that detect … continue reading

Synopsys to acquire Black Duck Software

Synopsys and Black Duck Software have signed an agreement that will allow Synopsys to acquire Black Duck for approximately $565 million. Black Duck is known for its open source security and license management solutions. The acquisition is expected to close in December of this year. The transaction will be subject to Hart Scott Rodino regulatory … continue reading

Report: Open source software projects are maturing

Electronic design automation company Synopsys released the findings of its 2017 Coverity Scan Report, which shows an increased of “project maturity” in the over 4,600 open source software projects analyzed based on certain secure development strategies. The 20-page report outlines Synopsys’s method of gathering user-submitted projects, encompassing approximately 760 million lines of code, and analyzing … continue reading

SD Times 2017 Testing Showcase

Continuous testing. Automated testing. Artificial testing. Service virtualization. Test-driven development. These are among the many technologies available to organizations looking to bring their testing up to the speed of software development. Ensuring quality can no longer be the drag on software deployment, if businesses want to stay competitive and be able to take advantage of … continue reading

Building application security in from start to finish

Building end-to-end security into the software development process from the requirements phase through code delivery to production, is easier said than done. Often companies only run a few security tests and activities. That’s no longer good enough. In today’s environment it’s necessary to use multiple techniques to scour the entire software development lifecycle (SDLC) from … continue reading

New security data from Synopsys, cloud trends from DigitalOcean and a new APM tool from ZeroTurnaround — SD Times News Digest: September 21, 2017

Synopsys releases BSIMM8 Electronic design automation company Synopsys has released the latest version of their software security maturity model, BSIMM8, which includes data collected from 109 firms and describes the work of nearly 5,000 software security professionals. Findings of the survey show a clear trend of improvement, with companies seeing an average score increase between … continue reading

Fuzz testing finds industries left vulnerable by unsecured software

There are potential zero day exploits in the open source protocols and common file formats across six specific industries, according to Synopsys’ State of Fuzzing 2017 report. This includes the automotive, finance, industrial control systems, Internet of Things (IoT), government, and medical fields. The report stems from more than 4.8 billion fuzz tests conducted by Synopsys’ customers … continue reading

Microsoft AI

Microsoft Research AI, Synopsys’ Software Integrity Platform, and Apache Struts 2.5.12 — SD Times news digest: July 13, 2017

Microsoft is continuing to commit resources to artificial intelligence research with the announcement of a new organization. Microsoft Research AI is a research and incubation hub for tackling AI’s most difficult challenges, and reuniting the fields of machine learning, perception and natural language processing. “As AI moves from research to product, we are maintaining our … continue reading

Synopsys calls for removal, replacement of OWASP Top 10-A7

This year, the Open Web Application Security Project (OWASP) released its Top 10 2017 project for public review. There were two vulnerability updates to this year’s 14th release of OWASP, and although they were added to raise awareness on security risks in applications, one company is calling a movement for removal and replacement of one … continue reading

What is the WannaCry ransomware, and why should organizations be concerned?

There’s a new ransomware attack that has affected several organizations globally, and although it’s slow-moving, security experts are urging companies to keep their antivirus programs up-to-date, as well as their software. The ransomware — dubbed WannaCry (WanaCrypt0r 2.0/WCry) — has hit Britain’s National Health Service, some of Spain’s big companies, and has spread across Russia, … continue reading

man on a computer

Free learning resources and tools for security savvy developers

Developers will never be responsible for all of security in an organization, but if they keep up with best practices, resources, and find new ways to secure and deliver good code, they could play a key role in developing resilient software. Today, most firms have a software security group (or SSG) or a product security … continue reading

Slack introduces Threads, Realm Mobile Platform reaches v1.0, and CA Technologies officially acquires Automic—SD Times news digest: Jan. 19, 2017

Slack has introduced a much-sought-after feature today called Threads, which lets users reply to messages, organize discussions and manage their conversations. According to Paul Rosania, a member of the core product team at Slack, the company was trying to implement a feature that would group conversations in a channel to make it clear which message … continue reading

Next Page »
HTML Snippets Powered By : XYZScripts.com