AI in DevSecOps: A critical crossroads for security and risk management
Explore the dual impact of AI in DevSecOps: enhancing security through automation while introducing new risks. Learn how to balance AI-driven innovation with robust security measures.The post AI in DevSecOps: A critical crossroads for security and risk management appeared first on Blog ... Read More
Key findings from “The State of Embedded Software Quality and Safety 2025” report
Discover key trends and challenges in embedded software development, from AI integration to SBOM compliance. Learn how Black Duck's solutions can help ensure quality and safety.The post Key findings from “The State of Embedded Software Quality and Safety 2025” report appeared first on Blog ... Read More
What you need to know about the NIST Secure Software Development Framework
Learn about the NIST Secure Software Development Framework (SSDF) and how to implement its practices to enhance software security. Discover the benefits of SSDF for software producers and consumers.The post What you need to know about the NIST Secure Software Development Framework appeared first on Blog ... Read More
Key takeaways from the “2024 Software Vulnerability Snapshot” report
Discover the key findings from Black Duck's 2024 Software Vulnerability Snapshot report. Learn about the most common vulnerabilities, industry insights, and actionable DevSecOps strategies to enhance application security.The post Key takeaways from the “2024 Software Vulnerability Snapshot” report appeared first on Blog ... Read More
Q&A: What You Need to Know About Open Source Software Risk in 2025
Understand the key risks in open source software for 2025—from transitive dependencies to license compliance. Backed by data from the OSSRA report and expert insights.The post Q&A: What You Need to Know About Open Source Software Risk in 2025 appeared first on Blog ... Read More
The 2025 OSSRA report uncovers answers to common open source questions
Get answers to some of today's most common open source questions by examining the data in the 2025 Open Source Security Risk and Analysis (OSSRA) report.The post The 2025 OSSRA report uncovers answers to common open source questions appeared first on Blog ... Read More
Top open source licenses and legal risk for developers
Explore top open source licenses and understand their legal risks. A comprehensive guide for developers navigating the open source software landscape.The post Top open source licenses and legal risk for developers appeared first on Blog ... Read More
Software governance in the AI era: Key findings from the 2026 OSSRA report
The 2026 OSSRA report reveals open source vulnerabilities doubled to 581 per codebase as AI adoption explodes. 87% of codebases at risk, 65% hit by attacks.The post Software governance in the AI era: Key findings from the 2026 OSSRA report appeared first on Blog ... Read More
Software Vulnerability Snapshot Report Findings
Get insights from the Software Vulnerability Snapshot Report, including industry-specific challenges & AppSec recommendations for securing your software. The post Software Vulnerability Snapshot Report Findings appeared first on Blog ... Read More
Key insights from Black Duck’s 2024 Global State of DevSecOps report
Take a deep dive into the findings of Black Duck's 2024 Global State of DevSecOps Report to learn how development, operations, and security teams feel about the application security tools they use.The post Key insights from Black Duck’s 2024 Global State of DevSecOps report appeared first on Blog ... Read More
