Software Integrity Blog

[Webinars] Implementing SAST, reducing open source risk in M&A

In this week’s webinars, we’ll talk about how to add static analysis to your development cycle and how to minimize open source risk in M&A transactions.

Continue Reading...

3 reasons to join us at FLIGHT Europe 2020 Virtual Conference

At FLIGHT Europe 2020, we’ll have two advanced product training sessions, tracks in application security and open source, and plenty of virtual networking.

Continue Reading...

Open source audits: The secret ingredient for successful M&A

Identifying open source in the target’s codebase is essential to M&A transactions involving software. Open source audits go far beyond what SCA can provide.

Continue Reading...

[Webinars] Static analysis best practices, remote security testing and training

In this week’s webinars, we’ll share how to get the most out of your static analysis tool and how to make the transition from on-site to remote testing.

Continue Reading...

Find more bugs by detecting failure better: An introduction to SanitizerProcessMonitorAgent

By helping your fuzzer detect failure better with agent instrumentation, you can maximize the value of fuzz testing in your secure development life cycle.

Continue Reading...

Are you following the top 10 software security best practices?

Software security isn’t simply plug-and-play. Our top 10 software security best practices show you how to get the best return on your investment.

Continue Reading...

[Webinar] Instrumentation techniques for fuzz testing

Learn more about fuzzing instrumentation techniques, ranging from simple black box approaches to deeper types that can detect subtler failure modes.

Continue Reading...

Know your code—and know your stuff!

An open source audit digs into a codebase to see what’s inside. Find out what our audit services team unearthed in the 1,250+ codebases we reviewed in 2019.

Continue Reading...

Need a vulnerability assessment yesterday? Consider a Black Duck Audit

When you don’t have any time or resources to spare, Black Duck Audits provide a deep, accurate, rapid vulnerability assessment, plus remediation guidance.

Continue Reading...

An introduction to installing Black Duck

Get started with the Dockerized Black Duck installation. This post outlines workplace specifications, tools, and steps for installing Black Duck.

Continue Reading...