Black Duck SCA takes on AI: Securing the future of software with model scanning

Discover how Black Duck's AI Model Scanning helps you identify and manage AI/ML models in your software supply chain. Ensure license compliance, detect obscured models, and stay ahead of emerging AI regulations.

The Shai-Hulud npm malware attack: A wake-up call for supply chain security

Discover how the Shai-Hulud npm malware attack compromised over 180 packages through sophisticated supply chain tactics. Learn mitigation strategies to protect your projects from similar npm malware threats.

The recent npm supply chain attack: Lessons in securing your software dependencies

Discover how the recent npm software supply chain attack compromised 18 widely used packages and learn key strategies to strengthen your software supply chain security.

Understanding Section 524B of the FD&C Act

Discover FDA Section 524B requirements for medical device cybersecurity, SBOM mandates, post-market monitoring, and how to ensure compliance.

Beyond detection: Understanding vulnerability reachability in SCA

Explore how vulnerability reachability enhances SCA risk prioritization by distinguishing exploitable versus non-exploitable open source vulnerabilities.

Transitive dependencies are exponentially increasing open source software risk

Learn how transitive dependencies increase risk in open source software and how to manage them.

Analyze AI-Generated Code with the Black Duck Snippet API

Black Duck Snippet Analysis is available via API as a more scalable solution for analyzing AI-generated code for open source license compliance.

Forrester recognizes Black Duck as a Leader in software composition analysis

Explore why Forrester recognizes Black Duck as a leader in Software Composition Analysis. Discover our top scores in Current Offering and Strategy.

Building a software Bill of Materials with Black Duck

Explore how Black Duck's SBOM export capabilities foster compliance with standards and customer trust, and enhance software supply chain security.

Securing the software supply chain with Black Duck Supply Chain Edition

New Black Duck Supply Chain Edition offers complete visibility into your software supply chain, giving you the ability to act quickly.