Application Security & Software Security Blog

[Webinars] Implementing SAST, reducing open source risk in M&A

In this week’s webinars, we’ll talk about how to add static analysis to your development cycle and how to minimize open source risk in M&A transactions.

3 reasons to join us at FLIGHT Europe 2020 Virtual Conference

At FLIGHT Europe 2020, we’ll have two advanced product training sessions, tracks in application security and open source, and plenty of virtual networking.

Open source audits: The secret ingredient for successful M&A

Identifying open source in the target’s codebase is essential to M&A transactions involving software. Open source audits go far beyond what SCA can provide.

[Webinars] Static analysis best practices, remote security testing and training

In this week’s webinars, we’ll share how to get the most out of your static analysis tool and how to make the transition from on-site to remote testing.

Find more bugs by detecting failure better: An introduction to SanitizerProcessMonitorAgent

By helping your fuzzer detect failure better with agent instrumentation, you can maximize the value of fuzz testing in your secure development life cycle.

Are you following the top 10 software security best practices?

Software security isn’t simply plug-and-play. Our top 10 software security best practices show you how to get the best return on your investment.

[Webinar] Instrumentation techniques for fuzz testing

Learn more about fuzzing instrumentation techniques, ranging from simple black box approaches to deeper types that can detect subtler failure modes.

Know your code—and know your stuff!

An open source audit digs into a codebase to see what’s inside. Find out what our audit services team unearthed in the 1,250+ codebases we reviewed in 2019.

Need a vulnerability assessment yesterday? Consider a Black Duck Audit

When you don’t have any time or resources to spare, Black Duck Audits provide a deep, accurate, rapid vulnerability assessment, plus remediation guidance.