Software Integrity Blog

Search Results for 'legal'


Top 10 FOSS legal developments in 2018

2018 saw developments in many free and open source software legal issues, including copyright, license compliance, patent nonaggression, and antitrust law.

Posted in General, Open Source Security, Webinars


Webinar: Black Duck Legal Certification Course

In our Nov. 14 Black Duck Legal Certification Course with Hal Hearst and Phil Odence (Synopsys), you’ll learn about software due diligence and how to answer your clients’ open source questions.

Posted in General, Open Source Security, Webinars


Enhanced legal tab in Black Duck On-Demand audit reports

If you have reviewed any Black Duck On-Demand audit reports recently, you may have noticed improvements in the legal tab and the way we report on findings. The new report format has received some very positive reviews, the theme being that it makes reported results more actionable.

Posted in General, Open Source Security


3 areas of open source risk: Legal, security…Do you know the third?

Looking back five or ten years, companies managing open source risk were squarely focused on license risk associated with complying with open source licenses. Beginning in 2014, when open source security vulnerabilities began to get names (like Heartbleed, Shellshock and Poodle), open source security rose in importance as companies addressed vulnerabilities in their code. Black Duck […]

Posted in General, Open Source Security, Security Standards and Compliance


Why your development team should care about software compliance

Software compliance isn’t just a concern of security, development, and legal executives. Your developers and development managers should care about it too. Here’s why.

Posted in Security Standards and Compliance


Connected cars: Security and privacy are both trust hurdles

The world is clamoring for connected vehicles, even with their persistent cyber security and privacy issues. What does the future of V2X have in store?

Posted in Automotive Security


How to manage web application security with Coverity

Improve your web application security management by finding and fixing security vulnerabilities earlier and achieving compliance with industry standards.

Posted in Static Analysis (SAST)


How to protect sensitive data by managing your risk

Want to know how to protect sensitive data? You need a solution to manage risk across your enterprise applications so you can secure them before they go live.

Posted in General


The cyber-physical convergence is accelerating—and so are the risks

Cyber-physical attacks are on the rise. As the IoT creeps further into our daily lives, so does the attack surface. What can we do to keep ourselves safe?

Posted in Internet of Things


Sorting through open source license risks

Software audits are the best way to uncover open source license risks before you go to production. Here’s how our audit group categorizes license risks.

Posted in Open Source Security