Software Integrity Blog

Black Duck Audits: Not just for M&A

If you don’t have an SCA tool, a software audit can give you a bill of materials needed for product releases, vendor requirements, and procuring insurance.

Why developers need a supplemental source to NVD vulnerability data

The NVD is a good source for open source vulnerability data. But with an average 27-day reporting delay, it shouldn’t be your only source of information.

[Webinars] Vulnerability reports, application security for DevOps and CI/CD

Learn how vulnerability reports can help you fix critical vulnerabilities effectively, and the essentials of application security for DevOps and CI/CD.

6 mistakes to avoid when choosing a managed services provider

It’s critical to find the right managed services provider. Here are 6 things to consider when searching for the best provider to meet your business needs.

Drop the knife and back away from the AppSec budget

Tempted to cut your application security testing budget to cover shutdown losses? Remember that compromised assets are an even greater existential threat.

[Webinar] Managing Tech Due Diligence From a Social Distance

M&A transactions have been put on hold while the parties wait to see what happens. In this webinar, we discuss tech due diligence in the new normal.

EdgeVerve completes first BSIMM assessment in India

EdgeVerve, an AI and intelligent automation company, recently underwent a BSIMM assessment to evaluate its software security program—with stellar results.

Are you ready for API security?

Modern systems rely on complex systems of APIs exposed through a variety of networks. What is API security, and how does it fit into your security program?

[Infographic] Key findings from the 2020 OSSRA report

Our 2020 OSSRA infographic shows key findings and open source trends from the Synopsys Open Source Security and Risk Analysis report. Download the free PDF.

How does a managed services partner free up your staff?

A managed services partner should do more than run the tests you choose. The right partner will work with you to shape your application security program.
