Software Integrity Blog

Author Archive

Damon Weinstein


Damon is a Software Architect for Black Duck by Synopsys. He has a passion for innovation and invention. He also works on the design and development of efficient data structures, methodologies and algorithms for identifying open source code. Cyber-security, sailing and Jujitsu are among his recent interests. Previously, Damon worked at Mobile Messenger/PAYVIA, Soundbite Communications and Harmonix Music.

Posts by Damon Weinstein:


Pandora’s box: Exploits show package manager blind spots

We ran an experiment to find vulnerabilities in open source code using package manager data vs. signature-based detection. See our examples and results.

Posted in Open source and software supply chain risks, Open Source Security