Fred is a senior technical writer at Synopsys. He is a Mini Cooper fanboy and has worked for both Google and Bob Dylan at various points in his career.
Synopsys surveyed 1,500 IT professionals working in cyber security to analyze the DevSecOps practices used to address open source vulnerability management.
Posted in Open Source Security
Open source software is now used in nearly every organization, which makes it critical to know your code. Learn how an SCA tool can help you.
Posted in Software Composition Analysis (SCA)
Open source projects can become victims of their own success. What can developers do to secure their open source software?
Posted in Application Security, Open Source Security
The NVD is a good source for open source vulnerability data. But with an average 27-day reporting delay, it shouldn’t be your only source of information.
Posted in Open Source Security, Software Composition Analysis (SCA)
Our analysis of 1,250+ codebases reveals trends in open source use, security, and license compliance that affect development, security, and legal teams.
Posted in Open Source Security
A new report from Bitkom reveals that among companies that use open source, many aren’t sure of the best way to approach open source risk management.
Posted in Open Source Security
You know that static analysis can find code quality defects in your proprietary code. But what are you doing to manage your open source code quality risk?
Posted in Open Source Security, Software Composition Analysis (SCA)
“Vulnerabilities in the Core,” a report from the Linux Foundation and the Laboratory for Innovation Science at Harvard, offers insight into open source use.
Posted in Open Source Security
Already using static code analysis? Try boosting your application security program with software composition analysis to automate open source management.
Posted in Application Security, Open Source Security, Software Composition Analysis (SCA)
Using static code analysis (SAST) and software composition analysis (SCA) together makes your software development process better, faster, and stronger.
Posted in Application Security, Open Source Security, Software Composition Analysis (SCA), Static Analysis (SAST)