An introduction to installing Black Duck
Get started with the Dockerized Black Duck installation. This post outlines workplace specifications, tools, and steps for installing Black Duck.
Posted in Software Composition Analysis (SCA)
Charlie Klein
As a Product Marketing/Business Rotational Program Associate at Synopsys, Charlie will rotate through the sales, marketing, sales operations, and finance departments four months at a time. He joined Black Duck Software in July, before Black Duck Software was acquired by Synopsys. During his time in sales and marketing, Charlie has researched and learned about the importance of open source risk management—especially pertaining to container security and secure DevOps practices. While in marketing, Charlie has been helping with the launch of OpsSight, a product designed for IT Operations and Infrastructure teams hoping to automate security practices in the production environment. He holds a B.A. in Political Economy from Bates College.
Posts by Charlie Klein:
How to teach developers secure coding without slowing them down
Secure coding training isn’t required in most computer science programs. How can you fill the gaps in your developers’ education without slowing them down?
Posted in Agile, CI/CD & DevOps, Developer Enablement, Security Training & Awareness
How are code quality and code security related?
Code quality and code security aren’t the same, but they’re closely related. And in the current cyberthreat environment, developers should care about both.
Posted in IoT Security, Static Analysis (SAST), Web Application Security
Announcing Code Sight 2019.4
The Code Sight IDE plugin uses the Coverity static analysis engine to find issues as developers code. Release 2019.4 supports more languages and IDEs.
Posted in Static Analysis (SAST)
How to manage web application security with Coverity
Improve your web application security management by finding and fixing security vulnerabilities earlier and achieving compliance with industry standards.
Posted in Static Analysis (SAST)
So you just bought a SAST tool. Now what?
You’ve finally purchased a static analysis solution—but do you know how to use it? Learn how to implement SAST tools in a way that best suits your environment.
Posted in Static Analysis (SAST)
Making SAST easier, faster, and more integrated with Polaris
How can development teams make SAST easier? By using a platform that’s fast, accurate, and flexible and integrates with the tools they already use.
Posted in Static Analysis (SAST)
How to automate static analysis in your SDLC
Automating static analysis in your SDLC requires a tool that integrates into daily workflows, presents results intuitively, and offers remediation guidance.
Posted in Static Analysis (SAST)
Announcing Black Duck OpsSight 2.2—Container security at scale
With containers, we’ve changed the way we deploy applications. Now it’s time to change the way we secure them, with container scanning tools for open source.
Posted in Container Security, Open Source Security
How to “shift left” with application security tools, and how not to
Organizations are starting to shift left to save time and money. But it’s critical they choose the right application security tools to support developers.
Posted in Agile, CI/CD & DevOps
How to teach developers secure coding without slowing them down
Secure coding training isn’t required in most computer science programs. How can you fill the gaps in your developers’ education without slowing them down?
Posted in Agile, CI/CD & DevOps, Developer Enablement, Security Training & Awareness
How are code quality and code security related?
Code quality and code security aren’t the same, but they’re closely related. And in the current cyberthreat environment, developers should care about both.
Posted in IoT Security, Static Analysis (SAST), Web Application Security
Announcing Code Sight 2019.4
The Code Sight IDE plugin uses the Coverity static analysis engine to find issues as developers code. Release 2019.4 supports more languages and IDEs.
Posted in Static Analysis (SAST)
How to manage web application security with Coverity
Improve your web application security management by finding and fixing security vulnerabilities earlier and achieving compliance with industry standards.
Posted in Static Analysis (SAST)
So you just bought a SAST tool. Now what?
You’ve finally purchased a static analysis solution—but do you know how to use it? Learn how to implement SAST tools in a way that best suits your environment.
Posted in Static Analysis (SAST)
Making SAST easier, faster, and more integrated with Polaris
How can development teams make SAST easier? By using a platform that’s fast, accurate, and flexible and integrates with the tools they already use.
Posted in Static Analysis (SAST)
How to automate static analysis in your SDLC
Automating static analysis in your SDLC requires a tool that integrates into daily workflows, presents results intuitively, and offers remediation guidance.
Posted in Static Analysis (SAST)
Announcing Black Duck OpsSight 2.2—Container security at scale
With containers, we’ve changed the way we deploy applications. Now it’s time to change the way we secure them, with container scanning tools for open source.
Posted in Container Security, Open Source Security
How to “shift left” with application security tools, and how not to
Organizations are starting to shift left to save time and money. But it’s critical they choose the right application security tools to support developers.
Posted in Agile, CI/CD & DevOps
