NVD Changes 2026: Why public vulnerability data is no longer enough
NIST’s 2026 NVD policy limits CVE enrichment to critical categories only. Learn how this impacts vulnerability management and how Black Duck Security Advisories provide comprehensive protection.The post NVD Changes 2026: Why public vulnerability data is no longer enough appeared first on Blog ... Read More
Decoding AI-enabled dev: Top concerns, hidden benefits, and smart investment strategies
Discover where DevSecOps leaders are investing in AI security. Learn top concerns, hidden benefits, and smart investment strategies for AI-enabled development pipelines in 2025.The post Decoding AI-enabled dev: Top concerns, hidden benefits, and smart investment strategies appeared first on Blog ... Read More
Beyond Confidence: Grounding Your AI Security Strategy in Reality
Discover why DevSecOps teams' confidence in AI security may not match reality. Learn to ground your AI coding security strategy in verifiable controls.The post Beyond Confidence: Grounding Your AI Security Strategy in Reality appeared first on Blog ... Read More
Navigating the AI frontier: Risks, benefits, and uncharted territory in code development
85% of organizations use AI coding assistants, but are you managing the security risks and IP concerns? Learn how to balance AI benefits with robust DevSecOps practices. Part 2 of our 2025 State of DevSecOps series.The post Navigating the AI frontier: Risks, benefits, and uncharted territory in code development appeared ... Read More
Bridging the divide: Why friction between dev and security persists (and how to fix it)
AppSec slows 53% of dev teams despite daily releases. Discover how intelligent automation eliminates friction, cuts noise by 80%, and accelerates secure development.The post Bridging the divide: Why friction between dev and security persists (and how to fix it) appeared first on Blog ... Read More
Get the best from AI in software development without risking the worst
Discover how to harness AI in software development while minimizing risks. Learn strategies for secure coding practices, managing AI-generated code risks, and implementing effective security measures.The post Get the best from AI in software development without risking the worst appeared first on Blog ... Read More
How to secure AI-generated code with DevSecOps best practices
Discover how to secure AI generated code to protect your organization from potential risks with these four DevSecOps best practices.The post How to secure AI-generated code with DevSecOps best practices appeared first on Blog ... Read More
Security automation and integration can smooth AppSec friction
Security automation and integration can help to address the friction organizations are still facing between development and security testing.The post Security automation and integration can smooth AppSec friction appeared first on Blog ... Read More
Overcome AST noise to find and fix software vulnerabilities
Too many AST tools create noise for security and dev teams. Learn why automation is key to finding and fixing what’s important.The post Overcome AST noise to find and fix software vulnerabilities appeared first on Blog ... Read More
Artificial intelligence widens the gap between security and development
AI renews friction between security and dev according to the Global State of DevSecOps Report. Get strategies and tips for securing your AI-generated code.The post Artificial intelligence widens the gap between security and development appeared first on Blog ... Read More
