It is a time of ghouls, mischievous spirits and David S. Pumpkins. In the spirit of Halloween, here are the top five scariest limitations of software composition analysis (SCA) tools that are enough to send shivers down your spine. Read on … if you dare! 1. SCA Scans Only Your Application Code: SCA’s scope is […]
Synopsys Sets Course After Agreeing to Acquire WhiteHat Security
Synopsys, Inc. plans to add dynamic application security testing (DAST) tools to its software-as-a-service (SaaS) platform in the wake of agreeing to acquire WhiteHat Security from NTT Security Corp. for approximately $330 million in cash. Jason Schmitt, general manager of the Software Integrity Group at Synopsys, said the DAST tools developed by WhiteHat will complement […]
How DevSecOps Teams Can Level Up
In 2019, I wrote a post detailing the traits of DevSecOps—the practice can be defined as the process of security automation in which IT and security are more de-siloed. DevSecOps introduces a more intentional culture wherein security-by-design principles are baked into the software development process early on. All in all, the aim is to have […]
Securing Software with Intelligent Pipelines
One of the biggest cybersecurity risks involves vulnerabilities in the application layer. After all, the best firewall is useless if the web application itself is vulnerable. Many companies have worked to mitigate these risks by investing in their AppSec programs. According to a recent whitepaper written by ESG (commissioned by Synopsys), 71% of companies surveyed now use […]
What Is AppSec? An Overview
An estimated 84% of security incidents happen at the application layer. And, with the number of cybersecurity threats steadily rising year-over-year, application security (AppSec) has become absolutely essential. Application security refers to finding, fixing and preventing cybersecurity vulnerabilities throughout the entire development life cycle. By enforcing application security measures, you are able to ensure that […]





