"Black Duck SCA" Archives

Transitive dependencies are exponentially increasing open source software risk

Mike McGuire | June 9, 2025 | "AppSec Risk Management", "Black Duck SCA"

Learn how transitive dependencies increase risk in open source software and how to manage them. The post Transitive dependencies are exponentially increasing open source software risk appeared first on Blog ...

Blog

Three steps to ensuring the reliability and security of your C++ projects

Corey Hamilton | June 3, 2025 | "Black Duck SCA", "Build Security into DevOps", "Coverity SAST", DevSecOps, SAST, SCA

Learn how to secure your C++ software with automated scans, real-time SBOMs, and license compliance—without slowing development or risking noncompliance.The post Three steps to ensuring the reliability and security of your C++ ...

Blog

How to secure AI-generated code with DevSecOps best practices

Steven Zimmerman | May 8, 2025 | "AI & Machine Learning", "Black Duck SCA", "Build Security into DevOps", "Coverity SAST", Artificial Intelligence, DevSecOps, polaris, Security Training

Discover how to secure AI generated code to protect your organization from potential risks with these four DevSecOps best practices.The post How to secure AI-generated code with DevSecOps best practices appeared first ...

Blog

The 2025 OSSRA report uncovers answers to common open source questions

Fred Bals | March 12, 2025 | "Black Duck SCA", "Secure the Software Supply Chain", SCA, software supply chain security

Get answers to some of today's most common open source questions by examining the data in the 2025 Open Source Security Risk and Analysis (OSSRA) report.The post The 2025 OSSRA report uncovers ...

Blog