Sorry, not available in this language yet

Compliance

The road to software compliance, quality, and standards can be difficult to navigate. Read articles from Synopsys cyber security experts for guidance and best practices on getting your AppSec program on the right track.

Stories

Writers

Top Writers

Synopsys Editorial Team

Taylor Armerding

Phil Odence

Last Published

Jun 18, 2024/8 min read

SSDF BSIMM mapping updated for BSIMM14

By Mike Lyman

Tags: Program Strategy & Planning, Compliance, Manage Security Risks

Apr 20, 2024/5 min read

Building a software Bill of Materials with Black Duck

By Mike McGuire

Tags: SCA, Software Integrity, Secure the Software Supply Chain, Compliance

Dec 13, 2023/4 min read

Making intelligent tradeoffs in software due diligence

By Phil Odence

Tags: SCA, M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Sep 08, 2023/2 min read

Black Duck audits reporting update: Streamlined view of risks and remediation steps

By Phil Odence

Tags: M&A, Software Integrity, Compliance

Aug 25, 2023/4 min read

The parallels of AI and open source in software development

By Phil Odence

Tags: M&A, Artificial Intelligence, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Aug 11, 2023/1 min read

The rise of AI in software development

By Phil Odence

Tags: M&A, Artificial Intelligence, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Jul 28, 2023/3 min read

Software due diligence for PE & VC investors

By Zvi Levitas

Tags: M&A, Software Integrity, Compliance, OSS License Compliance

Jul 14, 2023/2 min read

Why nontechnical organizations need due diligence

By Don Mulrenan

Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Jun 08, 2023/4 min read

Software quality: Diligence prep for sellers

By Chris Boyd

Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

May 26, 2023/2 min read

Connecting the dots: Development + business risk + due diligence

By Phil Odence

Tags: M&A, Software Integrity, Compliance, Manage Security Risks, OSS License Compliance

Mar 07, 2023/2 min read

Secure software development for modern vehicles

By Dr. Dennis Kengo Oka

Tags: Software Integrity, Security News & Trends, Compliance, Automotive

Oct 25, 2022/6 min read

New government directives and persistent threats reinforce urgency of securing software

By Synopsys Editorial Team

Tags: Software Integrity, Compliance, Public Sector

Aug 28, 2022/4 min read

Synopsys and the new Automated Source Code Data Protection Measure have you covered

By Charlotte Freeman

Tags: Software Integrity, Security News & Trends, Compliance

May 18, 2022/5 min read

Tech tales: Achieving PCI compliance with application security testing

By Chai Bhat

Tags: Software Integrity, Financial Services, Compliance, Pen Testing, Manage Security Risks

Apr 05, 2022/1 min read

AppSec Decoded: Is an SBOM a silver bullet for software supply chain security?

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Secure the Software Supply Chain, Compliance

Mar 14, 2022/7 min read

NIST provides recommended criteria for cybersecurity labeling for consumer software and IoT products

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Internet of Things

Feb 14, 2022/3 min read

What the cybersecurity executive order means for the private sector

By Mike McGuire

Tags: Software Integrity, Compliance, Public Sector

Dec 20, 2021/1 min read

AppSec Decoded: A proactive approach to building trust in your software supply chain

By Synopsys Editorial Team

Tags: Software Integrity, Secure the Software Supply Chain, Compliance, Public Sector

Dec 15, 2021/8 min read

Detecting Log4j (Log4Shell): Mitigating the impact on your organization

By Michael White

Tags: SCA, Software Integrity, Compliance, SAST

Oct 24, 2021/8 min read

How to cybersecurity: Heartbleed deep dive

By Jonathan Knudsen

Tags: Software Integrity, Compliance

Jul 28, 2021/1 min read

AppSec Decoded: New executive order changes dynamic of software security standards

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Build Security into DevOps, Secure the Software Supply Chain, Compliance, Manage Security Risks, Public Sector

Jul 19, 2021/4 min read

Practical solutions for a secure automotive software development process following ISO/SAE 21434

By Dr. Dennis Kengo Oka

Tags: Software Integrity, Build Security into DevOps, Compliance, Automotive

Jun 14, 2021/4 min read

Data privacy laws drive urgency to create a data security strategy

By Anna Chiang

Tags: Software Integrity, Compliance, Manage Security Risks

Jun 10, 2021/6 min read

How to achieve MISRA and AUTOSAR coding compliance

By Dr. Dennis Kengo Oka

Tags: Software Integrity, Build Security into DevOps, Compliance, Automotive

Jun 07, 2021/1 min read

CyRC Vulnerability Advisory: Denial of service vulnerabilities in RabbitMQ, EMQ X, and VerneMQ

By Jonathan Knudsen

Tags: Software Integrity, Fuzzing, Security News & Trends, Compliance, CyRC

May 25, 2021/4 min read

A CISO’s guide to sensitive data protection

By Anna Chiang

Tags: Software Integrity, Compliance, Manage Security Risks

May 12, 2021/4 min read

Cybersecurity Executive Order requires new software security standards

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Mar 28, 2021/2 min read

Synopsys CyRC named a CVE Numbering Authority

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Program Strategy & Planning, Compliance, CyRC

Jan 26, 2021/7 min read

Securing your code: GDPR best practices for application security

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Compliance, AppSec Best Practices, Manage Security Risks

Dec 16, 2020/2 min read

CyRC analysis: Authentication bypass vulnerability in Bouncy Castle

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Nov 17, 2020/3 min read

Automotive threat analysis and risk assessment method

By Jacob Wilson

Tags: Software Integrity, Compliance, Manage Security Risks, Automotive

Nov 04, 2020/4 min read

Cyber security assurance levels in the automotive supply chain

By Jacob Wilson

Tags: Software Integrity, Compliance, Manage Security Risks, Automotive

Oct 28, 2020/5 min read

CyRC analysis: Circumventing WPA authentication in wireless routers with Defensics fuzz testing

By Tuomo Untinen, Kari Hulkko

Tags: Software Integrity, Fuzzing, Security News & Trends, Compliance

Oct 11, 2020/3 min read

Are you ready for ISO SAE 21434 Cybersecurity of Road Vehicles?

By Jacob Wilson

Tags: Software Integrity, Compliance, Manage Security Risks, Automotive

Sep 17, 2020/5 min read

MITRE releases 2020 CWE Top 25 most dangerous software weaknesses

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, AppSec Best Practices

Aug 02, 2020/12 min read

Apache Struts research at scale, Part 3: Exploitation

By Christopher Fearon

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

May 05, 2020/4 min read

3 ways to boost your security with role-based security compliance training

By Synopsys Editorial Team

Tags: Software Integrity, Build Security into DevOps, Compliance, AppSec Best Practices, Training

Apr 27, 2020/15 min read

CyRC analysis: CVE-2020-7958 biometric data extraction in Android devices

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Mar 31, 2020/3 min read

What is the Ghostcat vulnerability (CVE-2020-1938)?

By Tanay Sethi

Tags: SCA, Software Integrity, Security News & Trends, Compliance

Mar 10, 2020/7 min read

Apache Struts research at scale, Part 2: Execution environments

By Christopher Fearon

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Feb 19, 2020/6 min read

Want to comply with privacy laws? Start with security

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Compliance, Manage Security Risks, Public Sector

Dec 10, 2019/7 min read

Cost of data breaches in 2019: The 4 worst hits on the corporate wallet

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Oct 24, 2019/11 min read

Apache Struts research at scale, Part 1: Building 115 versions of Struts

By Christopher Fearon

Tags: Software Integrity, Security News & Trends, Compliance, CyRC

Oct 09, 2019/8 min read

Best practices for secure application development

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, AppSec Best Practices

Sep 26, 2019/2 min read

Coverity release ties in well to the latest MITRE CWE Top 25

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Security News & Trends, Compliance, SAST

Sep 10, 2019/7 min read

Awash in regulations, companies struggle with compliance

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Jul 30, 2019/7 min read

Apollo 11 software lessons still relevant today

By Taylor Armerding

Tags: Software Integrity, Compliance, Manage Security Risks, Public Sector

Jul 16, 2019/5 min read

Securing software development: NIST joins the parade

By Taylor Armerding

Tags: Software Integrity, Program Strategy & Planning, Compliance, Manage Security Risks

Jun 10, 2019/8 min read

Ask the Experts: Should the US have a data privacy law similar to GDPR?

By Synopsys Editorial Team

Tags: Software Integrity, Compliance, Manage Security Risks, Public Sector

Apr 18, 2019/2 min read

Are you making these software standards compliance mistakes?

By Synopsys Editorial Team

Tags: Software Integrity, Compliance, Manage Security Risks

Nov 28, 2018/5 min read

Hard questions raised when a software ‘glitch’ takes down an airliner

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Nov 15, 2018/6 min read

WPA2 encryption bypass: Using Defensics to uncover behavioral vulnerabilities

By Tuomo Untinen

Tags: Software Integrity, Fuzzing, Build Security into DevOps, Compliance

Nov 14, 2018/1 min read

CyRC Vulnerability Advisory: CVE-2018-18907 authentication bypass vulnerability in D-Link DIR-850L wireless router

By Synopsys Cybersecurity Research Center

Tags: Software Integrity, Fuzzing, Security News & Trends, Compliance

Nov 14, 2018/5 min read

Don’t expect jailed CEOs, but Wyden at least puts consumer privacy on the table

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Public Sector

Jul 31, 2018/2 min read

LifeLock lesson—Third party security is your security

By Tim Mackey

Tags: Software Integrity, Security News & Trends, Secure the Software Supply Chain, Compliance

Apr 12, 2018/2 min read

Data breaches and more data breaches—oh my!

By Tim Mackey

Tags: Software Integrity, Security News & Trends, Compliance

Mar 16, 2018/6 min read

Still just recommendations, not regulation, for IoT security

By Taylor Armerding

Tags: Software Integrity, Security News & Trends, Compliance, Internet of Things, Public Sector

Jan 18, 2018/6 min read

The Data Protection Directive versus the GDPR: Understanding key changes

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance

Jan 08, 2018/4 min read

What does GDPR enforcement mean for your business?

By Stephen Gardner

Tags: Software Integrity, Security News & Trends, Compliance

Mar 26, 2017/4 min read

Does software quality equal software security? It depends

By Synopsys Editorial Team

Tags: SCA, Software Integrity, Fuzzing, Compliance, Manage Security Risks

Jan 31, 2017/3 min read

An overview of open standards for IoT communication protocols

By Synopsys Editorial Team

Tags: Software Integrity, Compliance, Internet of Things

Nov 28, 2016/4 min read

5 reasons to use third-party authentication instead of creating your own

By Synopsys Editorial Staff

Tags: Software Integrity, Build Security into DevOps, Compliance, SAST

Sep 24, 2016/1 min read

AAMI TIR57 recognized by the FDA as a foundational cybersecurity standard for medical devices

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance, Medical Devices

Sep 15, 2016/1 min read

Software testing included in final ISA / IEC 62443-4-1

By Synopsys Editorial Team

Tags: Software Integrity, Security News & Trends, Compliance

May 28, 2014/3 min read

Standard versus proprietary security protocols

By Chandu Ketkar

Tags: Software Integrity, Compliance, Mobile, Manage Security Risks, Internet of Things

Jan 20, 2014/2 min read

SHA2 ‘vs.’ SHA1

By John Steven

Tags: Software Integrity, Program Strategy & Planning, Build Security into DevOps, Compliance

Stories

Writers

Top Writers

Synopsys Editorial Team

Taylor Armerding

Phil Odence

Last Published