Software Integrity Blog

Top 10 FOSS legal developments in 2019

2019 saw developments in many free and open source software legal issues, including new models, ethical restrictions, blockchain, and data and cryptography.

Continue Reading...

3 reasons DevSecOps is getting so much attention

Interest in DevSecOps is on the rise. What’s driving this interest? And how can teams use this knowledge to modernize their application security programs?

Continue Reading...

[Webinars] Black Duck on VMware Cloud and open source scans

Learn about the addition of Black Duck to VMware Cloud Marketplace and the benefits and limitations of different types of open source scans.

Continue Reading...

Extending Black Duck’s capability with Red Hat OpenShift to scan Red Hat Quay images

The Black Duck Connector for OpenShift, which identifies and tags open source components, can now scan Red Hat Quay container registry images via a webhook.

Continue Reading...

Which application security tools should you choose?

There’s no single silver bullet for application security. Instead, you need a combination of application security tools and services. Here’s an overview.

Continue Reading...

[Webinars] “Open source” management and secure development

Learn about management practices inspired by open source principles and how a structured approach to secure software development is the best way forward.

Continue Reading...

PCI DSS compliance isn’t security, but security can boost compliance

The downward trend in organizations passing PCI DSS interim security testing is worrying. PCI DSS compliance requires security every day, not once a year.

Continue Reading...

Privacy still eroding on National Data Privacy Day

On National Data Privacy Day, we find little has changed in what numerous privacy advocates and experts have called “the golden age of surveillance.”

Continue Reading...

Taking the next step in your application security program

Already using static code analysis? Try boosting your application security program with software composition analysis to automate open source management.

Continue Reading...

Synopsys adds world-class security to Finastra’s banking app ecosystem FusionFabric.cloud

Finastra, a leading global Fintech company, has entered a partnership with the Synopsys Software Integrity Group to bring security to its app ecosystem.

Continue Reading...