Software Integrity Blog
Top open source licenses and legal risk for developers
October 21, 2019
David Woodhouse at AWS, who maintains the open source OpenConnect VPN client, explains how he integrated Coverity Scan with GitLab CI.
![[Webinar] OWASP Top 10 for JavaScript Developers](http://www.synopsys.com/blogs/software-security/wp-content/uploads/2019/11/owasp-top-10-javascript-webinar.jpg)
The OWASP documentation doesn’t give much attention to JavaScript. This webinar explains the OWASP Top 10 in terms of JavaScript vulnerabilities.
With a software bill of materials (software BOM), you can respond quickly to the security, license, and operational risks that come with open source use.
For sustainable, long-term application security, both developers and information security professionals must embrace their new roles created by DevSecOps.
Smart organizations in the business of building software need to use a mix of application testing tools to ensure their code is high-quality and secure.
A security group should help lift the organization into a positive, proactive attitude and work security into all aspects of development and operations.
![[Infographic] 7 truths to improve your software security program](http://www.synopsys.com/blogs/software-security/wp-content/uploads/2019/11/improve-software-security-program-header.jpg)
The Building Security In Maturity Model (BSIMM) can help you improve your software security program, regardless of industry, size, or application mix.
Open source might be free, but it’s not risk-free. Let’s examine the potential legal cost of open source use associated with license noncompliance.
A number of election security bills and discussion drafts are currently before the House and Senate. If passed, could they really lead to secure elections?
![[Webinars] CI/CD optimization and automated testing, open source audit reports](http://www.synopsys.com/blogs/software-security/wp-content/uploads/2019/10/open-source-audit-webinar.jpg)
Learn how our CloudBees partnership helps users optimize CI/CD and automate AppSec Testing, and steps to take after you get an open source audit report.
- Agile, CI/CD & DevOps
- Application Security
- Automotive Cyber Security
- Cloud Security
- Container Security
- Data Breach Security
- Developer Enablement
- Featured
- Financial Cyber Security
- Fuzz Testing
- Healthcare Security & Privacy
- Interactive Application Security Testing (IAST)
- IoT Security
- Medical Device Security
- Mergers & Acquisitions
- Mobile App Security
- News & Announcements
- Open Source Security
- Security Training & Awareness
- Software Architecture & Design
- Software Compliance, Quality & Standards
- Software Composition Analysis (SCA)
- Software Security Program
- Software Security Research
- Static Analysis (SAST)
- Web Application Security
- Webinars