Software Integrity

Today is International Women’s Day. The UN theme for 2017 is Empowering Women: Empowering Humanity #BeBoldForChange. What better way to celebrate it than by writing a blog post about the women of Synopsys who are achieving great success?! The women of Synopsys had a banner year. In 2016, we spoke at conferences across the world, […]

Continue Reading...

Synopsys Principal Security Consultant, Ksenia Dmitrieva-Peguero, recently posed the question at the information security conference, Securi-Tay: How secure is AngularJS? With seven years of experience in the AppSec space, and five years of software development experience, Ksenia’s current concentration centers on the analysis of JavaScript frameworks–researching their security implications, vulnerability discovery, and remediation. In her latest […]

Continue Reading...

Howard A. Schmidt, a friend to many in the security community, has died. A statement on his Facebook page says that he died today “in the presence of his wife and four sons … following a long battle with cancer.” Schmidt served as the White House Cybersecurity Advisor to Presidents Barack Obama and George W. […]

Continue Reading...

Synopsys has moved into the “Leaders” quadrant for Application Security Testing (AST) in a new report. Five of 18 vendors analyzed were named Leaders in 2017. This move comes shortly after the recent acquisition of Cigital and Codiscope.  “We believe Gartner recognizes the capabilities of the combined companies and the value that we provide to […]

Continue Reading...

In response to its haphazard patch release cycle in the late 1990s, Microsoft launched an every second-Tuesday-of-the-month “Patch Tuesday” program in 2004. Last week, on February 14 to be exact, Microsoft abruptly canceled its current monthly set of patches and said that its slate of new patches would return on March 14. The problem is […]

Continue Reading...

A researcher from Google disclosed on Thursday that private messages, API keys, and other sensitive data were being leaked by a major content delivery network to random requesters, a leakage that could affect up to 5.5 million websites. Like Heartbleed, which was co-discovered by the Synopsys team in Oulu, Finland, and Google in April 2014, […]

Continue Reading...

Welcome to the first part in our AngularJS Security Series. Here, we’ll discuss the various solutions to write more secure applications. Our goal is simple: to help developers better understand Angular and embrace the practice of writing more secure code. – Stephen Teilhet, Lewis Ardern, & David Johansson The AngularJS Module is the basic building block of […]

Continue Reading...

When it comes to software vulnerabilities, Dr. Jared DeMott knows his stuff. Formerly a vulnerability analyst with the National Security Agency (NSA), Dr. DeMott holds his Phd. from Michigan State University. He has been on three winning DEF CON capture-the-flag (CTF) teams and talks about his vulnerability research at conferences like DerbyCon, BlackHat, ToorCon, GrrCon, […]

Continue Reading...

Each year the Embedded World Exhibition and Conference in Nuremberg offers the embedded community an opportunity to gather information about new products and innovations, and to develop valuable contacts with others in the industry. An estimated 930 exhibitors will be presenting state-of-the-art embedded technologies at this year’s event. Embedded World Conference 2017 Join us in […]

Continue Reading...

We’re excited to announce a new addition to our eLearning library: Attack & Defense. What’s this course all about? Web applications are becoming an increasingly high-value target for hackers looking to make a quick buck, damage reputations, or just boost their “street cred.” There is no shortage of publicly known attack tools and techniques, and software developers are outnumbered at the […]

Continue Reading...