Shandra Gemmiti

Feb 7, 2024 | synopsys.com | Shandra Gemmiti |Charlotte McGuinn Freeman |Susan Miller |Don Mulrenan

As cloud-native applications continue to proliferate, containers are becoming the preferred option to package and deploy these applications because of the agility and scalability they offer. In fact,  that 75% of global organizations are running containerized applications in production. The popularity of containers has also attracted hackers looking for new ways to exploit applications. Containers expand an organization’s attack surface and increase the risk to the applications they house.

Feb 7, 2024 | synopsys.com | Taylor Armerding |Fred Bals |Shandra Gemmiti

In the world of software development, the need for speed often clashes with the need for security. The concept of DevSecOps aims to bridge this gap by integrating security practices into DevOps processes. In a discussion with Steven Zimmerman, a DevSecOps security solutions manager at the Synopsys Software Integrity Group, he explores the challenges and solutions related to implementing effective DevSecOps. The perception that security testing slows down the development process is a common one.

Jan 29, 2024 | synopsys.com | Fred Bals |Shandra Gemmiti

In a recent episode of AppSec Decoded, Taylor Armerding, a security advocate with the Synopsys Software Integrity Group, spoke with resident expert Stephen Zimmerman about DevSecOps. Zimmerman discusses the common perception among developers and operations teams alike that security testing adds friction, hindering development velocity. He offers insights and recommendations on how to properly plan and implement a DevSecOps strategy.

Jan 23, 2024 | synopsys.com | Fred Bals |Shandra Gemmiti |Phil Odence |Charlotte McGuinn Freeman

Synopsys recently introduced static application security testing (SAST) support for the Dart programming language and the Flutter application frameworkto expand our coverage for mobile development teams that are tasked with delivering secure apps on multiple platforms. This builds on our support of more than 20 programming languages and 200 frameworks, and complements our existing Kotlin, Swift, and React Native support with another option for those focused on secure mobile app development.

Jan 4, 2024 | synopsys.com | Fred Bals |Shandra Gemmiti

By introducing a culture of security into DevOps environments, DevSecOps is designed to address security risks early and consistently. According to the SANS 2023 DevSecOps survey, DevSecOps is a business-critical practice and risk management concern in all organizations focused on software development.