Software Integrity Blog

Q&A: Fuzz testing, agent instrumentation, and Defensics

Do you have questions about fuzz testing? We’ve got answers, explanations, and recommendations from our last webinar on fuzzing using agent instrumentation.

Continue Reading...

Introducing Black Duck for Google Cloud Build

To support the launch of Binary Authorization, we’re releasing Black Duck for Google Cloud Build to help ensure your images are free of policy violations.

Continue Reading...

The False Claims Act: 156 years old and newly relevant to software security

We recently saw the first settlement by a company charged under the False Claims Act for failing to meet cyber security standards. Is there more to come?

Continue Reading...

[Webinar] M&A tech due diligence from the seller’s perspective

In technology M&A transactions, what do buyers need, and what can sellers do to prepare? We discuss how to prepare for the M&A tech due diligence process.

Continue Reading...

Let’s Talk Licenses: Beware the Beerware License

Many companies are relaxed about reusing software under the Beerware License and similar open source licenses. But not all such licenses are created equal.

Continue Reading...

[Infographic] BSIMM10 by the numbers

How many BSIMM participants have a software security group? How many think it’s key to their success? How many people are in the average SSG? Get the facts.

Continue Reading...

Awash in regulations, companies struggle with compliance

The list of regulatory compliance challenges facing companies grows longer every time a new regulation is introduced. But do security regulations even work?

Continue Reading...

[Webinar] Bring container security into OpenShift with Synopsys Operator

Modern applications contain over 50% open source components. Do you have an open source vulnerability management solution for your container environment?

Continue Reading...

Software security program checklist: Kick off your program with a bang

If you want to enjoy your Sunday kickoffs, our software security program checklist of five activities will help you kick off your program successfully.

Continue Reading...

Chain Heist and blockchain security at DEF CON 2019

Chain Heist, our blockchain capture-the-flag at DEF CON 2019, showed that vulnerability detection tooling for blockchain security still has a way to go.

Continue Reading...