Software Integrity Blog

Author Archive

Neal Goldman


Mr. Goldman’s background encompasses 25 years of product management, marketing, and business development experience at a variety of technology vendors. Prior to Black Duck, he was a principal product manager at EMC and previously was vice president of product management and marketing at Gryphon Networks. Mr. Goldman has held a variety of senior marketing and product management positions at such companies as Akamai, FTP Software, and Symantec. In addition to his product management experience, he has been an industry analyst at the Yankee Group and managed corporate development for Dr. Solomon’s Software, where he managed strategic alliances, technology licensing, and mergers and acquisitions. He is the author of "The Complete Idiot's Pocket Reference to the Internet." Mr. Goldman holds an undergraduate degree from Tufts University and an MBA from the University of North Carolina, Chapel Hill. Neal’s passion is sailboat racing. You can find him racing at MIT from April to October and in the harbor any given Saturday throughout the winter.

Posts by Neal Goldman:


Black Duck OpsSight brings open source vulnerability detection to Kubernetes

This week we released a new version of Black Duck OpsSight, a solution for vulnerability detection and alerting in production environments. When we introduced Black Duck OpsSight for OpenShift in November, we made it possible for customers who use Black Duck Hub as an integral part of their SDLC security process to also monitor the open source security of their application deployment environments.

Continue Reading...

Posted in Open source and software supply chain risks, Software Architecture & Design


Black Duck and Google Grafeas: Improving container visibility and security

Containers offer many advantages over monolithic applications, packaged as VMs. Most importantly, a container image is immutable, easily built and deployed without reliance on permanent infrastructure.

Continue Reading...

Posted in Agile, CI/CD, & DevOps, Container Security, Open source and software supply chain risks, Open Source Security