-
Apr 16, 2024 | 
farrer.co.uk | Bethan Waters |Charlotte McGuinn Freeman
In recent years, we have seen lenders in the English private banking market increasingly showing an appetite for taking security over artworks. Once it has been established that English law is applicable (see below), there are several legal and practical issues which should be considered before entering into security over artworks, including those set out below. This article covers the key points to consider when taking such security.
-
Apr 8, 2024 | 
synopsys.com | Charlotte McGuinn Freeman |John Waller |Fred Bals |Tim Mackey
Enterprise organizations face big challenges in managing software application risk at scale. With hundreds of developers working on thousands of applications across numerous business units, the complexity of ensuring security throughout the software development life cycle (SDLC) is staggering.
-
Feb 7, 2024 | 
synopsys.com | Shandra Gemmiti |Charlotte McGuinn Freeman |Susan Miller |Don Mulrenan
As cloud-native applications continue to proliferate, containers are becoming the preferred option to package and deploy these applications because of the agility and scalability they offer. In fact, that 75% of global organizations are running containerized applications in production. The popularity of containers has also attracted hackers looking for new ways to exploit applications. Containers expand an organization’s attack surface and increase the risk to the applications they house.
-
Jan 23, 2024 | 
synopsys.com | Fred Bals |Shandra Gemmiti |Phil Odence |Charlotte McGuinn Freeman
Synopsys recently introduced static application security testing (SAST) support for the Dart programming language and the Flutter application frameworkto expand our coverage for mobile development teams that are tasked with delivering secure apps on multiple platforms. This builds on our support of more than 20 programming languages and 200 frameworks, and complements our existing Kotlin, Swift, and React Native support with another option for those focused on secure mobile app development.
-
Dec 14, 2023 | 
synopsys.com | Phil Odence |Charlotte McGuinn Freeman |Shandra Gemmiti |Kimm Yeo
Scattered effort leads to scattered security Navigating the complexities of modern application security presents a formidable challenge for organizations. The multitude of security tools and the effort to implement and maintain them often creates a tangled web of processes, which can result in inconsistent implementations, resource inefficiencies, and a fractured view of risk. Enterprise organizations can have hundreds of developers spread across multiple business units.
-
Dec 5, 2023 | 
synopsys.com | Charlotte McGuinn Freeman |Kimm Yeo |Vishrut Iyengar |Matthew Hogg
The latest BSIMM report, now in its 14th iteration, contains information from more than 130 companies in eight verticals about what’s working, what isn’t, what’s changing about the risks and threat landscapes they’re facing, and how they’re responding to those changes. This annual report by the Synopsys Software Integrity Group helps organizations maximize the benefits and minimize the pain of a world run by software.
-
Dec 4, 2023 | 
synopsys.com | Fred Bals |Charlotte McGuinn Freeman |Taylor Armerding
“Shifting left” is the philosophy of pushing security testing as early as possible in the development process. When the idea was first popularized, the only viable tool-based option was to run static analysis during coding, and then perform penetration testing before the application went live. Today “shifting everywhere” means automated, continuous testing throughout the software life cycle.
-
Nov 27, 2023 | 
synopsys.com | Charlotte McGuinn Freeman |Kimm Yeo |Vishrut Iyengar |Matthew Hogg
More software, more tools, more risk As the digital revolution has unfolded, the dramatic increase in the amount of code written, borrowed, and bought means that the attack surface has also increased dramatically. Software proliferation creates challenges for teams that must keep up with innovation while also securing their software.
-
Oct 30, 2023 | 
synopsys.com | Charlotte McGuinn Freeman |Taylor Armerding |John Waller
The cloud-native development model entered the mainstream in recent years, with technologies such as microservices and serverless computing, containers, APIs, and infrastructure-as-code (IaC) at the forefront of this trend. Thanks to these emerging technologies, organizations can build and run their apps fast, in a distributed manner, and without reliance on physical hardware infrastructures.
-
Oct 23, 2023 | 
synopsys.com | Matthew Hogg |Mike McGuire |Charlotte McGuinn Freeman |Moshe Apelbaum
The digital realm is an ever-expanding universe, and web applications serve as the gateway to valuable customer data, sensitive information, and financial transactions. Threat actors and cybercriminals are constantly devising new techniques to exploit vulnerabilities within these applications. Further, data privacy is a paramount concern, and organizations are entrusted with safeguarding information.
