software architecture

Architecture Erosion in Agile Development

Thursday, May 12, 2022

Software architecture erosion refers to the gap between the planned and actual architecture of a software system as observed in its implementation.1 Architecture erosion is a common and recurring problem faced by many agile development teams. Architecture erosion can result in lower quality, increased complexity, and harder-to-maintain software. At the beginning of a project, the source …

2022 OSSRA report

2022 OSSRA discovers 88% of organizations still behind in keeping open source updated

Thursday, May 05, 2022

Open source is everywhere, as is the need to properly manage it. Get the latest open source trends from the 2022 OSSRA report. It’s the time of the year when Spring is springing, and we release the annual Synopsys Open Source Security and Risk (OSSRA) report, with the 7th edition of OSSRA out this week. This year’s …

Synopsys Named a Leader in the 2022 Gartner Magic Quadrant for Application Security Testing for the Sixth Year

Monday, April 25, 2022

In the 2022 Gartner® Magic QuadrantTM for Application Security Testing, Synopsys placed highest and farthest right for the fourth consecutive year for our Ability to Execute and our Completeness of Vision. What does it take to be a leader? Leadership is a funny thing. It’s often difficult to define in the abstract but easy to …

AppSec program

What is the maturity level of your AppSec program?

Thursday, April 21, 2022

Using the Forrester assessment, you can measure the maturity of your AppSec program to help identify areas for improvement. Any organization that wants to secure its software should make maturity of its AppSec program its holy grail. Maturity means making security the first thought, not an afterthought. It means embedding security into software throughout the …

AppSec Decoded

AppSec Decoded: Building security into DevSecOps

Thursday, April 14, 2022

Our experts discuss the changes organizations are making to their processes and AST tool management to achieve more effective DevSecOps. Application security testing is evolving to meet the speed at which DevOps teams operate. Processes and tools are more fast-paced and rely on integration and automation to maintain efficiency throughout the software development life cycle (SDLC). But …

API

Ensuring Quality in Microservices Architecture with Support for gRPC Testing

Thursday, March 31, 2022

Lock in quality if you try gRPC Microservices architecture. Many organizations today recognize it enables faster and easier software changes over more traditional monoliths. Microservices have become the backbone for how organizations develop cloud-native applications – programs that run independently in containers designed for cloud computing architectures. Companies of every size are rethinking how they …

software testing

Test Automation 101

Thursday, March 24, 2022

Every company is a digital company. Whether you are a traditional e-commerce company who has been selling goods online for years, a healthcare company who recently needed to accelerate online visits for telehealth, or a company whose business model has drastically shifted due to Covid, the need for digital transformation is here. Chapter 1 of our eBook The Future of Test Automation goes …

software testing team at work

How to Get Started Testing: Best Test Cases to Automate

Thursday, March 10, 2022

Testing is a critical step if you want to ensure quality in your products. It’s crucial to test your applications to make sure they work properly – otherwise, customers are less likely to buy or continue to use them. While important, software testing can be a repetitive process that takes time and resources you’d probably rather use for tasks that deliver innovation to the functionality or performance. This is where test automation comes in. In order …

Apache log4j uses

How Lattix handled the Log4j security vulnerability

Thursday, March 03, 2022

“The log4j vulnerability is the most serious vulnerability I have seen in my decades-long career”, Jen Easterly US Cybersecurity and Infrastructure Security Agency Director Log4j is a Java-based logging utility part of the Apache logging services. This is a popular logging tool used in tens of thousands of software packages. Google estimates that 8% of Maven Central Repository was …

API developer using Swaggerhub

“Plug In” to SwaggerHub for IntelliJ IDEA: A Java Developer’s New Best Friend

Thursday, February 24, 2022

Integrated development environments, or IDEs as most people call them, are the go-to tool for the majority of software developers creating, compiling, and testing code. In fact, IDEs are one of the most commons tools that developers will use when designing their API (Application Programming Interfaces) documentation. According to the 2020 State of the API Report, …