Key deadlines and reporting requirements for the EU Cyber Resilience Act (CRA)
The EU Cyber Resilience Act enforcement clock is ticking. Understand CRA vulnerability reporting timelines, product conformity requirements, and how to prepare before September 2026.The post Key deadlines and reporting requirements for the EU Cyber Resilience Act (CRA) appeared first on Blog ... Read More
Why LLM API keys should be treated like tier‑zero secrets
LLM API keys for OpenAI, Anthropic, Perplexity, and Gemini are now business-critical secrets. Learn how hardcoded AI credentials leak, the risks they create, and how to detect them before attackers do.The post Why LLM API keys should be treated like tier‑zero secrets appeared first on Blog ... Read More
Catch critical defects before embedded software ships
Prevent costly post-deployment failures in embedded software. Learn how "shift everywhere" strategies and automated testing catch defects early in the SDLC.The post Catch critical defects before embedded software ships appeared first on Blog ... Read More
AI coding security gap: 76% of orgs expose software supply chain to risk
95% of organizations use AI for development, but only 24% properly evaluate AI-generated code for security, IP, and quality risks. Learn how to protect your software supply chain.The post AI coding security gap: 76% of orgs expose software supply chain to risk appeared first on Blog ... Read More
Embracing AI in embedded software development: A balanced approach
Discover how organizations are leveraging AI in embedded software development, the confidence gap between executives and developers, and best practices for safely integrating AI coding assistants. Learn more about the latest trends and challenges in AI adoption.The post Embracing AI in embedded software development: A balanced approach appeared first on ... Read More
Accelerate onboarding and testing of GitHub repos with the Black Duck Security app
Discover how the Black Duck Security GitHub app simplifies onboarding and continuous synchronization of GitHub repositories with Black Duck SCA, Coverity, and Polaris for enhanced application security.The post Accelerate onboarding and testing of GitHub repos with the Black Duck Security app appeared first on Blog ... Read More
Remain code-compliant in a regulated, AI-powered world
Discover practical strategies to maintain code compliance in AI-driven development, from SAST/DAST to AppSec tools and compliance training. The post Remain code-compliant in a regulated, AI-powered world appeared first on Blog ... Read More
Detecting compromised source code using Rapid Scan Static’s Malicious URLs feature
Learn how Rapid Scan Static's Malicious URLs feature detects compromised source code from CDN and supply chain attacks like Polyfill.io, helping you shift security left. The post Detecting compromised source code using Rapid Scan Static’s Malicious URLs feature appeared first on Blog ... Read More
Three steps to ensuring the reliability and security of your C++ projects
Learn how to secure your C++ software with automated scans, real-time SBOMs, and license compliance—without slowing development or risking noncompliance.The post Three steps to ensuring the reliability and security of your C++ projects appeared first on Blog ... Read More
How to build reliability into developer workflows without slowing down
Learn how to integrate static code analysis into your developer workflow to improve software reliability without slowing delivery. Discover how Coverity and Black Duck enable secure, high-quality development in CI/CD pipelines.The post How to build reliability into developer workflows without slowing down appeared first on Blog ... Read More
