Software Integrity Blog

Author Archive

Baljeet Malhotra

Baljeet Malhotra is Vice President of Research at Black Duck Software and leads Black Duck Software Canada, a research division of Black Duck. Previously, he was Research Director at SAP, where he derived IoT standards strategy. Before that he was a Computational Scientist with the Earth Observation Systems Laboratory and a Senior Software Engineer at Satyam Computers. He holds a PhD in Computing Science from the University of Alberta. Baljeet did his post-doc work at the National University of Singapore. He has published numerous scientific reports and patents. He was an NSERC Canada scholar during 2005-2010 and was awarded Global Young Scientist by the Government of Singapore in 2011 and 2012.


Posts by Baljeet Malhotra:

Artificial intelligence for open source risk management

Artificial Intelligence (AI) is revolutionizing the way we live, work and think. In recent times, computing machines have become intelligent enough to recognize real world objects, recognize speech, learn programs, paint like an artist, or even dream like humans.

Posted in Agile, CI/CD & DevOps, Open Source Security

A methodology for quantifying risks from web services

In the past, I have explored the challenges of managing Web Services in applications, including the ones that use Open Source. In this blog, I describe a methodology that our research team has developed to quantify the risks that come with using Web Services that make calls to various APIs available commercially and in the public domain for “free” usage.

Posted in Mergers & Acquisitions, Open Source Security

An overview of open standards for IoT communication protocols

The number of “smart” applications will only increase in 2017 as vendors seek to differentiate themselves in their various marketplaces. This point was made abundantly clear at CES recently as part of the “Trillion Dollar IoT Opportunity.” With an explosion of vendors seeking to make our homes, factories, vehicles and healthcare more connected and thus “smarter,” it’s important to understand the various standards in play when looking at incorporating IoT communication protocols.

Posted in Agile, CI/CD & DevOps, Internet of Things, Open Source Security

Top open source licenses and their legal risk categories

Before using an open source component, you should know what legal risk it carries. Here are the top 31 open source licenses and their risk categories.

Posted in Open Source Security, Software Composition Analysis