{"id":37981,"date":"2023-11-02T15:33:00","date_gmt":"2023-11-02T15:33:00","guid":{"rendered":"https:\/\/zpesystems.com\/?p=37981"},"modified":"2023-11-08T21:32:07","modified_gmt":"2023-11-08T21:32:07","slug":"nodegrid-os-and-zpe-cloud-achieve-industrys-highest-security-with-synopsys","status":"publish","type":"post","link":"https:\/\/zpesystems.com\/nodegrid-os-and-zpe-cloud-achieve-industrys-highest-security-with-synopsys\/","title":{"rendered":"Nodegrid OS and ZPE Cloud achieve industry’s highest security with Synopsys"},"content":{"rendered":"

[et_pb_section fb_built=”1″ _builder_version=”4.17.6″ _module_preset=”default” custom_margin=”0px||||false|false” custom_padding=”0px||||false|false” da_disable_devices=”off|off|off” global_colors_info=”{}” da_is_popup=”off” da_exit_intent=”off” da_has_close=”on” da_alt_close=”off” da_dark_close=”off” da_not_modal=”on” da_is_singular=”off” da_with_loader=”off” da_has_shadow=”on”][et_pb_row _builder_version=”4.17.6″ _module_preset=”default” width=”100%” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.17.6″ _module_preset=”default” global_colors_info=”{}”][et_pb_image src=”https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/11\/Synopsys-and-ZPE-validation.jpg” alt=”Synopsys and ZPE validation” title_text=”Synopsys and ZPE validation” _builder_version=”4.23″ _module_preset=”default” global_colors_info=”{}”][\/et_pb_image][et_pb_text admin_label=”Text” _builder_version=”4.23.1″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n

How do you address security across the software development life cycle?<\/h3>\n

\u201cSecurity is the cornerstone of ZPE\u2019s infrastructure management solutions,\u201d says Koroush Saraf, Vice President of Product Management and Marketing at ZPE Systems. \u201cOur automation platform touches every aspect of our customers\u2019 critical infrastructure, from networking and firewall gear, to servers, smart PDUs, and everything else in their production network. The ZPE portfolio is architected with the strongest security and implemented with the same level of scrutiny.\u201d<\/span><\/p>\n

Given the critical nature of enterprise networking, security is paramount to ZPE\u2019s customers.<\/span><\/p>\n

\u201cThe average time taken to apply patches and fix vulnerabilities can be more than 205 days,\u201d says Saraf. \u201cThis is due to many reasons: limited resources and time, concerns that something may break, or in some cases, admins don\u2019t even know that a critical patch is available. That\u2019s why ZPE takes on the responsibility for customers. They\u2019re assured that the systems running their infrastructure are running the latest, most secure software. And if a patch fails, our built-in undo button reverts to a safe configuration before any damage can be done.\u201d<\/span><\/p>\n

Saraf adds, \u201cLike with all modern organizations, ZPE uses a complex mix of proprietary, open source, and third-party software obtained through a variety of sources from the software supply chain. Think third-party libraries, packaged software from ISVs, IoT and embedded firmware, and especially open source components. In fact, studies show that over three-quarters of the code in any given application is likely to be open source.\u201d<\/span><\/p>\n

\u201cMost third parties won\u2019t provide the source code behind their software,\u201d notes Saraf. \u201cBut the question remains whether that supplier is as security-conscious as ZPE. Again, we found the solution with Synopsys, which gives us insight into any third-party software we include without requiring access to the source code.\u201d<\/span><\/p>\n

The solution: Comprehensive security testing with Synopsys AST<\/h3>\n

Different security solutions focus on different aspects of vulnerability detection and risk mitigation. By layering multiple solutions such as static analysis, dynamic analysis, and software composition analysis, ZPE covers a wide range of potential vulnerabilities, ensuring that code quality and security issues are identified at various stages during the software development life cycle and across different types of code.<\/span><\/p>\n

\"Table<\/p>\n

Coverity<\/b>\u00ae<\/b> provides the speed, ease of use, accuracy, industry standards compliance, and scalability to develop high-quality, secure applications. Coverity identifies critical quality defects and security vulnerabilities as code is written, early in ZPE\u2019s development process when they are easiest to fix. Coverity seamlessly integrates automated security testing into CI\/CD pipelines, supports existing development tools and workflows, and can be deployed either on-premises or in the cloud.<\/span><\/p>\n

WhiteHat\u2122 Dynamic<\/b> is a software-as-a-service dynamic application security testing solution that allows businesses to quickly deploy a scalable web security program. No matter how many websites or how often they change, WhiteHat Dynamic can scale to meet any demand. It provides security and development teams with fast, accurate, and continuous vulnerability assessments of applications in QA and production, applying the same techniques hackers use to find weaknesses This enables ZPE to streamline the remediation process, prioritize vulnerabilities based on severity and threat, and focus on remediation and its overall security posture.<\/span><\/p>\n

Black Duck<\/b>\u00ae<\/b> helps ZPE identify supply chain security and license risks even when it doesn\u2019t have access to the underlying software\u2019s code. This is a critical security tool for the modern software supply chain. Black Duck Binary Analysis can scan virtually any software, including desktop and mobile applications, third-party libraries, packaged software, and embedded system firmware. It quickly generates a complete Software Bill of Materials (SBOM), which tracks third-party and open source components, and identifies known security vulnerabilities, associated licenses, and code quality risks.<\/span><\/p>\n

The result: A notable reduction of CVEs<\/h3>\n

\u201cOne of the outcomes from taking a comprehensive, layered approach to security testing has been a notable reduction in CVEs on the systems we deploy,\u201d says Saraf.<\/span><\/p>\n

\u201cI think a lot of industry players don\u2019t give enough attention to patching CVEs. They wait until after a security incident, or until a customer specifically asks. Unfortunately, it\u2019s normal to see unpatched, outdated software running on critical infrastructure. The Equifax breach of 2017 is just one example that exposed the personal data of millions. It\u2019s a particular problem with IoT and embedded devices\u2014many of those systems get installed and forgotten. But it\u2019s another attack surface, especially if you use the equipment for critical infrastructure automation.\u201d<\/span><\/p>\n

\u201cZPE\u2019s goal is to reduce the attack surface of our systems to as close to zero as possible, either by making sure that software vulnerabilities are identified and addressed, and that our software is running the most secure and up-to-date versions. It\u2019s an ongoing process\u2014 what is vulnerability-free today won\u2019t necessarily be so tomorrow\u2014which is why ZPE always stays security-conscious. I think the company\u2019s commitment to security has positioned ZPE as a trusted partner for enterprises seeking secure automation solutions for their critical infrastructure needs.<\/span><\/p>\n

[\/et_pb_text][et_pb_text admin_label=”Text” _builder_version=”4.23″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n

 <\/p>\n

Download the document for details about Synopsys and ZPE Systems<\/h3>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.17.6″ _module_preset=”default” width=”100%” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.17.6″ _module_preset=”default” global_colors_info=”{}”][et_pb_button button_url=”https:\/\/www.synopsys.com\/content\/dam\/synopsys\/sig-assets\/case-studies\/cs-zpe-systems.pdf” button_text=”Download” _builder_version=”4.23″ _module_preset=”default” global_colors_info=”{}”][\/et_pb_button][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.17.6″ _module_preset=”default” width=”100%” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.17.6″ _module_preset=”default” global_colors_info=”{}”][et_pb_text admin_label=”Text” _builder_version=”4.23″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n

How to Fight the latest Ransomware Attacks<\/h3>\n

Nodegrid plus Synopsys is the most secure platform for Isolated Management Infrastructure (IMI). This architecture is recommended by the FBI and CISA, and allows you to fight back when ransomware strikes. Check out our latest IMI articles from cybersecurity veterans James Cabe and Koroush Saraf, who have helped companies including Fortinet, Microsoft, and Palo Alto Networks.<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”1_2,1_2″ _builder_version=”4.17.6″ _module_preset=”default” width=”100%” global_colors_info=”{}”][et_pb_column type=”1_2″ _builder_version=”4.17.6″ _module_preset=”default” global_colors_info=”{}”][et_pb_text admin_label=”Text” _builder_version=”4.23″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n