All Synopsys
Silicon Design & Verification Silicon IP Software Integrity About Us
Support
SolvNet Software Integrity
Global Sites
日本サイ ト 中文网站 中文網站 Сайт Россия

Software Integrity Blog

Author Archive

Damon Weinstein

damon-weinstein

Damon is a Software Architect for Black Duck by Synopsys. He has a passion for innovation and invention. He also works on the design and development of efficient data-structures, methodologies and algorithms for identifying open source code. Cyber-security, sailing and Jujitsu are among his recent interests. Previously, Damon worked at Mobile Messenger/PAYVIA, Soundbite Communications and Harmonix Music.

Posts by Damon Weinstein:

 

Pandora’s box – Exploits show package manager blind spots

As open source development has become mainstream, developers have been able to benefit from a growing number of application development and security solutions that help them build secure, high-quality software fast. Several new open source vulnerability management (a.k.a. software composition analysis) solutions have emerged, and at first glance, it can be hard to determine what differentiates them — at some level, they all claim to help you catalog your open source and show you information about the current known vulnerabilities.

Continue Reading...

Posted in Open Source Security | Comments Off on Pandora’s box – Exploits show package manager blind spots

 
Be the first to know

Don’t miss the latest AppSec news and trends every Friday.