2018 saw developments in many free and open source software legal issues, including copyright, license compliance, patent nonaggression, and antitrust law.
In our Nov. 14 Black Duck Legal Certification Course with Hal Hearst and Phil Odence (Synopsys), you’ll learn about software due diligence and how to answer your clients’ open source questions.
If you have reviewed any Black Duck On-Demand audit reports recently, you may have noticed improvements in the legal tab and the way we report on findings. The new report format has received some very positive reviews, the theme being that it makes reported results more actionable.
Looking back five or ten years, companies managing open source risk were squarely focused on license risk associated with complying with open source licenses. Beginning in 2014, when open source security vulnerabilities began to get names (like Heartbleed, Shellshock and Poodle), open source security rose in importance as companies addressed vulnerabilities in their code. Black Duck […]
Software compliance isn’t just a concern of security, development, and legal executives. Your developers and development managers should care about it too. Here’s why.
Posted in Security Standards and Compliance
The world is clamoring for connected vehicles, even with their persistent cyber security and privacy issues. What does the future of V2X have in store?
Posted in Automotive Security
Improve your web application security management by finding and fixing security vulnerabilities earlier and achieving compliance with industry standards.
Posted in Static Analysis (SAST)
Want to know how to protect sensitive data? You need a solution to manage risk across your enterprise applications so you can secure them before they go live.
Posted in General
Cyber-physical attacks are on the rise. As the IoT creeps further into our daily lives, so does the attack surface. What can we do to keep ourselves safe?
Posted in Internet of Things
Software audits are the best way to uncover open source license risks before you go to production. Here’s how our audit group categorizes license risks.
Posted in Open Source Security