Synopsys

synopsys

Neil Daswani talks about his big breaches book and the BSIMM

Dr. Neil Daswani, codirector of the Stanford Advanced Security Certification Program, is coauthor with Moudy Elbayadi of “Big Breaches: Cybersecurity Lessons for Everyone,” released last month by APress. He is also president of Daswani Enterprises, his security consulting and training firm.

synopsys

Integrating fuzzing into DevSecOps

Fuzzing helps detect unknown vulnerabilities before software is released. Learn when and where to integrate and automate fuzz testing in your SDLC. Fuzz testing is a highly effective technique for finding weaknesses in software. It’s performed by delivering malformed and unexpected inputs to target software while monitoring it to detect unwanted behavior and log failures.

synopsys

Don't be the weak link in your customers' supply chain security

To solve the supply chain security dilemma, producers must get back to security basics. Get best practices for securing your supply chain. Nobody wants to be known as the weak link in the chain—any chain. But too many organizations are at risk of being just that in the digital supply chain because they haven’t made the cyber security of their products a priority. The most recent evidence of that is the SolarWinds/Orion cyber attack that impacted more than 18,000 organizations.

synopsys

Medical device security in a pandemic world

The pandemic has put a lot of things on hold over the last year, but medical device security shouldn’t be one of them. The millions of medical devices that help keep people healthy—and in many cases keep them alive—have drawn mixed reviews from security experts since the internet happened. Even more so in the past year since the pandemic happened. There is just about unanimous agreement that the benefits of those devices outweigh the risks.

synopsys

Synopsys CyRC named a CVE Numbering Authority

As a CVE Numbering Authority, Synopsys can assign CVE ID numbers and publish newly discovered vulnerabilities. The Synopsys Software Integrity Group has been helping organizations find and fix vulnerabilities in their software for nearly a decade. And now it will be able to help them and the broader software industry even more.

synopsys

How to cyber security: Minimize risk and testing time with Intelligent Orchestration

Integrating AST tools into your CI/CD pipeline shouldn’t compromise your development velocity. Learn how Intelligent Orchestration can help. Sometimes it feels like software development is at the crux of the collision between an unstoppable force and an immovable object. The answer to putting security in every phase of development is partly process and partly automating and integrating security testing into the build and test phases of development.

synopsys

Hacking medical devices: Five ways to inoculate yourself from attacks

Healthcare companies must follow medical device security best practices to defend against attacks on devices and the networks and systems they connect to. It’s vital that healthcare companies follow medical device security best practices to defend against attacks on devices and the networks and systems they connect to—especially during a pandemic.

synopsys

WLAN under fuzzing with Defensics

A wireless LAN (WLAN), also commonly called Wi-Fi, is a wireless local area network defined in the various IEEE 802.11 standards and certified by Wi-Fi Alliance. WLAN capability used to be listed using the name of the IEEE standard amendment that it supports. Now the Wi-Fi Alliance uses generational numbering for corresponding technology support: Wi-Fi 4 (for devices implementing IEEE 802.11n), Wi-Fi 5 (IEEE 802.11ac), and Wi-Fi 6 (IEEE 802.11ax).