Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

TECH DIGITAL RESOURCE LIBRARY

Synopsys, Inc


Latest Content From Synopsys, Inc

E-Book: Are SAST Tools Glorified Grep?

by Synopsys, IncJan 15, 2020

Even with a strong architecture and design, application code can still harbor vulnerabilities. Developers can make unintentional mistakes. Teams can also take shortcuts to achieve milestones or enhanced functionalities.

Static application security testing (SAST) is a form of white box testing that discovers such vulnerabilities in an application's code. Using SAST tools to identify bugs early in the development life cycle reduces the time and cost of remediation.

This resource takes a deeper look into the common question of whether SAST tools do more than simple pattern matching—and the many types of analysis a good SAST tool can provide.

DOWNLOAD THE COMPLETE EBOOK TO:

  • Compare the strengths and weaknesses of SAST tools.
  • Visualize where SAST fits into the software development process.
  • Learn about the different types of SAST tool analysis engines and how to lay the foundations for success.

E-Book: Building security into the DevOps life cycle

by Synopsys, IncJan 15, 2020

The primary goal when breaking the build in the CI/CD DevOps life cycle is to treat security issues with the same level of importance as quality and business requirements. If quality or security tests fail, the continuous integration server breaks the build.

When the build breaks, the CI/CD pipeline also breaks. Based on the reason for the broken build, appropriate activities such as architecture risk analysis (ARA), threat modeling, or a manual code review are triggered.

ENSURE THAT YOUR DEVOPS SECURITY STRATEGY IS ON THE RIGHT TRACK

This eBook provides actionable insight into:

  • Building security into your DevOps SDLC
  • Understanding the relationship between security and quality in the CI/CD pipeline
  • Coordinating various teams to ensure that the process is well defined, tools are properly configured, and developers are ready to resolve issues when the build breaks

E-Book: How to Navigate the Intersection of DevOps and Security

by Synopsys, IncJan 15, 2020

As organizations embrace DevOps, developers and operations work closely together to push new software out rapidly, while improving the quality and making customers happy. However, with speed comes risk. How can these teams build security into their new DevOps culture to ensure secure, high-quality software?

This eBook provides actionable insight into:

  • What DevOps is and how security fits in
  • The tools you need to implement DevSecOps
  • How to train your team in the culture of DevSecOps