Four requirements for open source vulnerability management in a DevOps environment

Most applications contain open source code, which can expose companies to risks if left unchecked. Make the most of your open source vulnerability management with the right approach and tooling. The post Four requirements for open source vulnerability management in a DevOps environment appeared first on Software Integrity Blog.

Need a vulnerability assessment yesterday? Consider a Black Duck Audit

When you don’t have any time or resources to spare, Black Duck Audits provide a deep, accurate, rapid vulnerability assessment, plus remediation guidance.

The advanced license compliance functionality you didn’t know your SCA tool needed

Open source license noncompliance can have severe implications. Here are four advanced license compliance features that help protect your proprietary code.

Black Duck Audits: Not just for M&A

If you don’t have an SCA tool, a software audit can give you a bill of materials needed for product releases, vendor requirements, and procuring insurance.

How do you effectively remediate the increasing sea of vulnerabilities?

With applications containing more and more open source, and 40+ open source vulnerabilities disclosed daily, how do you prioritize your remediation efforts?

Cyber security audits top due diligence checklists

In a study by (ISC)2, all executives and M&A professionals surveyed agreed that cyber security audits have become standard practice in tech due diligence.

Top 3 reasons to choose Black Duck

What sets Black Duck apart from other SCA solutions? Industry-leading innovation, extensive vulnerability detection, and a broad range of integrations.

3 use cases where source code scanning doesn’t cut it

Binary code analysis tools are essential when you don’t have access to a build environment or source code. Here are some use cases for scanning binary code.

Open source audits: The secret ingredient for successful M&A

Identifying open source in the target’s codebase is essential to M&A transactions involving software. Open source audits go far beyond what SCA can provide.

Open source security risk: Managing the threat in mergers and acquisitions

I have blogged before about the pervasiveness of open source in applications today. Synopsys and other organizations have been tracking its growth for years, particularly as it relates to the amount of open source code we find in the applications we scan. Our Black Duck On-Demand Audit team scans thousands ...