What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report
As the use of open source has grown, so has the number of vulnerabilities. Uncover the latest findings from the 2021 OSSRA report.
Fred Bals
Fred is a senior technical writer at Synopsys. He is a Mini Cooper fanboy and has worked for both Google and Bob Dylan at various points in his career.
Posts by Fred Bals:
What the 2021 OSSRA report tells us about the state of open source in commercial software
Open source vulnerabilities are on the rise according to the new OSSRA report. Get the latest information on open source security, compliance, and code quality risk.
Six key findings from the ‘DevSecOps Practices and Open Source Management in 2020’ report
Synopsys surveyed 1,500 IT professionals working in cyber security to analyze the DevSecOps practices used to address open source vulnerability management.
Making SCA part of your AST Strategy
Open source software is now used in nearly every organization, which makes it critical to know your code. Learn how an SCA tool can help you.
Posted in Security news and research, Software Composition Analysis (SCA)
TANSTAAFL! The tragedy of the commons meets open source software
Open source projects can become victims of their own success. What can developers do to secure their open source software?
Posted in Open source and software supply chain risks, Open Source Security
Why developers need a supplemental source to NVD vulnerability data
The NVD is a good source for open source vulnerability data. But with an average 27-day reporting delay, it shouldn’t be your only source of information.
Posted in Open source and software supply chain risks, Open Source Security, Software Composition Analysis (SCA)
5 key takeaways from the 2020 Open Source Security and Risk Analysis report
Our analysis of 1,250+ codebases reveals trends in open source use, security, and license compliance that affect development, security, and legal teams.
Posted in Open Source Security, Security news and research
Open source software use grows in Germany, but compliance and risk management need improvement
A new report from Bitkom reveals that among companies that use open source, many aren’t sure of the best way to approach open source risk management.
Posted in Open Source Security, Security news and research
Code quality and maintenance: Emerging risks of open source use
You know that static analysis can find code quality defects in your proprietary code. But what are you doing to manage your open source code quality risk?
Posted in Open source and software supply chain risks, Open Source Security, Software Composition Analysis (SCA)
There’s no such thing as TMI when it comes to open source software
“Vulnerabilities in the Core,” a report from the Linux Foundation and the Laboratory for Innovation Science at Harvard, offers insight into open source use.
Posted in Open Source Security, Security news and research
What the 2021 OSSRA report tells us about the state of open source in commercial software
Open source vulnerabilities are on the rise according to the new OSSRA report. Get the latest information on open source security, compliance, and code quality risk.
Six key findings from the ‘DevSecOps Practices and Open Source Management in 2020’ report
Synopsys surveyed 1,500 IT professionals working in cyber security to analyze the DevSecOps practices used to address open source vulnerability management.
Making SCA part of your AST Strategy
Open source software is now used in nearly every organization, which makes it critical to know your code. Learn how an SCA tool can help you.
Posted in Security news and research, Software Composition Analysis (SCA)
TANSTAAFL! The tragedy of the commons meets open source software
Open source projects can become victims of their own success. What can developers do to secure their open source software?
Posted in Open source and software supply chain risks, Open Source Security
Why developers need a supplemental source to NVD vulnerability data
The NVD is a good source for open source vulnerability data. But with an average 27-day reporting delay, it shouldn’t be your only source of information.
Posted in Open source and software supply chain risks, Open Source Security, Software Composition Analysis (SCA)
5 key takeaways from the 2020 Open Source Security and Risk Analysis report
Our analysis of 1,250+ codebases reveals trends in open source use, security, and license compliance that affect development, security, and legal teams.
Posted in Open Source Security, Security news and research
Open source software use grows in Germany, but compliance and risk management need improvement
A new report from Bitkom reveals that among companies that use open source, many aren’t sure of the best way to approach open source risk management.
Posted in Open Source Security, Security news and research
Code quality and maintenance: Emerging risks of open source use
You know that static analysis can find code quality defects in your proprietary code. But what are you doing to manage your open source code quality risk?
Posted in Open source and software supply chain risks, Open Source Security, Software Composition Analysis (SCA)
There’s no such thing as TMI when it comes to open source software
“Vulnerabilities in the Core,” a report from the Linux Foundation and the Laboratory for Innovation Science at Harvard, offers insight into open source use.
Posted in Open Source Security, Security news and research