Software Integrity Blog

Author Archive

Mike McGuire

mmcguire

Mike McGuire is a product marketing manager at Synopsys where he is focused mainly on the Black Duck software composition analysis tools and audit services. After beginning his career as a software engineer, Mike transitioned into product management and marketing roles, as he enjoyed interfacing with the buyers and users of the products he worked on. Leveraging several years of development experience, Mike enjoys connecting the market’s complex AppSec problems with Synopsys’ comprehensive solutions.


Posts by Mike McGuire:

 

Managing license compliance with Black Duck SCA

Black Duck provides a comprehensive SCA solution for managing security, quality, and license compliance risks associated with open source use.

Continue Reading...

Posted in Managing security risks

 

Forrester recognizes Synopsys as a leader in Software Composition Analysis

Black Duck ranks highest in Strategy and receives highest possible scores in Product Vision, Market Approach, and Corporate Culture criteria.

Continue Reading...

Posted in Security news and research

 

Optimizing software composition analysis for developer workflows with Black Duck Rapid Scan

Black Duck Rapid Scan enables developers to check for security or policy violations without disrupting development process.

Continue Reading...

Posted in Building secure software

 

Get earlier, actionable vulnerability insights from Black Duck Security Advisories

Identifying security vulnerabilities is only half the battle. To remediate and prioritize them, you need Black Duck Security Advisories.

Continue Reading...

Posted in Managing security risks, Software Composition Analysis (SCA)

 

Discovery capabilities: A core differentiator for Black Duck SCA

Stay on top of open source vulnerabilities and license obligations with discovery capabilities from Black Duck.

Continue Reading...

Posted in Building secure software, Open Source Security, Software Composition Analysis (SCA)

 

Demystifying CVSS Scoring

The Common Vulnerability Scoring System (CVSS) can help you navigate the constantly growing ocean of open source vulnerabilities. But it’s difficult to lend your trust and put the security of your organization and your customers into the hands of a system that you may know very little about. Let’s take a closer look at the CVSS to see what it’s all about.

Continue Reading...

Posted in Open source and software supply chain risks, Open Source Security

 

Black Duck continues to expand vulnerability prioritization methods

Today’s release of Black Duck adds vulnerability impact analysis, which indicates whether your application executes vulnerable code. Let’s look at how this addition further augments your prioritization efforts.

Continue Reading...

Posted in Application Security, Security news and research, Software Composition Analysis (SCA)