Topic: synopsys

Development today: Short-term benefits, long-term risks.

For all the talk of server and network security, the fact remains that applications are among the main attack vectors leveraged by bad actors. This is so because development teams are focused on delivering new functionality and features as quickly as possible. They are not usually trained in security practices, and often have little desire … continue reading

SBOMs can help ensure software integrity

To secure the software in your supply chain, there’s a lot of hype today about the need for an SBOM (software bill of materials). But what does that really mean for development teams today? BOMs have been used for years by organizations; they are a list of the raw materials, sub-assemblies, intermediate assemblies, sub-components, parts, … continue reading

Asking developers to do security is a risk in itself without training

As the pace and complexity of software development increases, organizations are looking for ways to improve the performance and effectiveness of their application security testing, including “shifting left” by integrating security testing directly into developer tools and workflows. This makes a lot of sense, because defects, including security defects, can often be addressed faster and … continue reading

SD Times news digest: Tricentis acquires Testim; SmartBear releases Bugsnag updates; TigerGraph to launch “Graph for All Million Dollar Challenge”;

Tricentis, an organization focused on test automation for modern cloud and enterprise applications, today announced that it has acquired the AI-based SaaS test automation platform, Testim. This combination is aimed to simplify Tricentis’ test automation, allowing users to more easily create end-to-end tests. “We are very excited to join Tricentis,” said Oren Rubin, founder and … continue reading

Report: Companies prioritize securing open-source components in modern software

The rapid adoption of the cloud has led companies to increasingly secure open-source components in modern software.  The newly released 12th Building Security In Maturity Model (BSIMM12) report found a 61% increase in software security groups’ identification and management of open source over the past two years.  The report was created by Synopsys, a company … continue reading

Reducing friction between dev and app sec teams is key

As developers begin to be responsible for more and more elements beyond just coding, having tools take some of the burden off them will become important. Developers are now expected to become security experts, and while it’s important to know the basics such as how to write secure code, there also becomes a dependence on … continue reading

SD Times news digest: DataRobot to acquire Algorithmia, Synopsys announces Rapid Scan, Thundra announces Foresight CI Observability Tool

DataRobot announced that it’s acquiring the MLOps platform Algorithmia to deepen its capabilities to unlock value from AI through better, faster, frictionless solutions for every part of the modern enterprise. “We understand that businesses cannot get the value of their ML models unless they have the ability to deliver those models quickly, reliably, and at … continue reading

DevOps requires a modern approach to application security

Time to market is a key indicator today of business success, and anything that impedes a business’ ability to move fast needs to be addressed. While there have been a number of efforts to automate and integrate security into the application development process, it continues to be a hindrance to many organizations.  Organizations are still … continue reading

Putting developers into application security

Making security easy for developers, in their preferred tools, while still generating reports for the CISO is a challenge many organizations face today, when the reality is that late-stage security approaches can’t plug vulnerabilities deep within applications. Yet putting the onus squarely on developers is a gamble, as many aren’t knowledgeable about certain kinds of … continue reading

SD Times news digest: GitLab.com transitions CDN to Cloudflare, LaunchDarkly raises $53 million, and Datadog launches partner network

GitLab.com has announced that it is changing its content delivery network to Cloudflare. Currently, they are using Fastly to serve content, but switching to Cloudflare will allow them to have a single vendor for CDN, WAF, and DDoS protection.   According to GitLab, this will only affect some GitLab.com users, not GitLab self-managed users. Affected users … continue reading

Report: BSIMM10 shows new wave of engineering-led software security in DevOps

The security aspect of DevOps is evolving as new data found a new wave of engineering-led software security efforts originating bottom-up in the development and operations teams rather than top-down from a centralized software security group (SSG).  Software security initiatives (SSIs) have identified a number of individuals (often developers, testers, and architects) who are invested … continue reading

Ensure security and quality at speed

Today’s companies must become software companies to keep pace with competitive pressures and customer demands. As organizations become increasingly software-enabled, their footprints are extending out to cloud environments and the Internet of Things (IoT), increasing application complexity and the associated risks. With Synopsys, software teams can avoid the usual trade-offs between faster time-to-market imperatives, security … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!