Software Integrity

Archive for July 2016

 

Synopsys Supports Presidential Policy Directive 41

New presidential directive outlines threat response and asset response activities and could be enhanced with use of the Synopsys Software Integrity Platform that includes AbuseSA, as well as Coverity, Defensics, Protecode, and Seeker. On Tuesday, the White House published the Presidential Policy Directive-41 (PPD-41) on United States Cyber Incident Coordination. Essentially it establishes a Cyber […]

Continue Reading...

Posted in Seeker | Comments Off on Synopsys Supports Presidential Policy Directive 41

 

Checklist: Take Control of Your Risk Management Process

The power of threat modeling is that it makes you think about your system’s specific characteristics. It allows you to gain visibility around weaknesses that pose significant impact to your entire organization. This checklist explores four key ways to use threat modeling to avoid sink holes in your risk management process. Identify threats that exist […]

Continue Reading...

Posted in Security Risk Assessment, Software Security Testing, Threat Modeling | Comments Off on Checklist: Take Control of Your Risk Management Process

 

How Effective Are Your Software Security Metrics?

Many firms present metrics in a vastly oversimplified way, calculating too few measurements to share. Many other firms barrage the audience with a variety of highly detailed metrics. This often overwhelms the reader. Both approaches are weak. If you want to share key software security metrics, it’s critical to focus on the impact that the metrics […]

Continue Reading...

Posted in Application Security, Security Conference or Event, Security Metrics | Comments Off on How Effective Are Your Software Security Metrics?

 

Synopsys Finds 460 Software Vulnerabilities in Hospital Information System

On Thursday researchers Mike Ahmadi of Synopsys and Billy Rios of Whitescope disclosed 460 vulnerabilities in Philips Xper Connect, an optional bidirectional hospital information system (HIS) interface. 272 of these vulnerabilities they said are present in 5 software packages present in the Xper-IM Connect system software. 188 of the vulnerabilities are associated with Windows XP […]

Continue Reading...

Posted in Medical Device Security | Comments Off on Synopsys Finds 460 Software Vulnerabilities in Hospital Information System

 

CodenomiCON 2016 Brings Elite Hackers Together in Las Vegas

Once again Synopsys will host an elite group of cybersecurity professionals during Black Hat for an evening of thought leadership, networking, and entertainment. For the past half dozen years, CodenomiCONs have been held the evening before the start of the Black Hat briefings during the Black Hat conference. This year’s 8th annual CodenomiCON will be […]

Continue Reading...

Posted in Automotive Security, Internet of Things, Medical Device Security, Security Standards and Compliance | Comments Off on CodenomiCON 2016 Brings Elite Hackers Together in Las Vegas