From vulnerability detection to API security, these nine topics hit the highlights from our coverage of software security and quality this year.
1. The year 2017 broke records for the number of reported security vulnerabilities in software. We also saw one of the worst data breaches ever in terms of impact. At the end of 2017, we looked back at some of the security news over the year and evaluated how our predictions panned out. We also made some predictions for 2018.
2. Application security gets all the press, but vulnerable APIs can expose your data to anyone who knows how to ask for it. API security starts with the basics. Synopsys senior InfoSec writer Taylor Armerding explores why it’s past time to pay attention to API security.
3. We sat down with Dr. Gary McGraw, Synopsys VP of security technology, to discuss his latest research effort. In addition to publishing the annual Building Security In Maturity Model (BSIMM) report, McGraw has set out, with the 2018 CISO Report, to identify the ways in which CISOs approach their role.
6. Consider the 23 versions of Struts that the Synopsys Cybersecurity Research Center found to be vulnerable to CVE-2018-11776, and ask yourself: “How am I protecting my code if I don’t have Black Duck Security Advisories?”
7. Were you lucky enough to attend this year’s FLIGHT East? If so, you heard about tips, techniques, applications, and solutions to deliver secure, high-quality software at the speed of DevOps. But if you couldn’t attend FLIGHT East 2018, here’s the next best thing: Many of the presentations are now online.
8. Finding the perfect IAST solution for your organization’s needs can be difficult. Here’s a checklist of 8 must-have features for any good IAST tool.
*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Fred Bals. Read the original post at: https://www.synopsys.com/blogs/software-security/9-highlights-2018-software-integrity-blog/