How to manage open source risks using Black Duck SCA
Open source risk goes beyond application security. Legal, operational, and supply chain implications demand a capable solution like Black Duck SCA.
Posted in Software Composition Analysis (SCA)
Shandra Gemmiti
Shandra is Director of Marketing for Black Duck’s On-Demand Audit business. She is responsible for developing and executing marketing strategies that drive Black Duck On-Demand product adoption. She spent the last 13 years in the technology industry both as a marketer and a corporate strategy professional and especially enjoys being able to use that experience to understand the Black Duck On-Demand customer and their unique tech diligence needs.
Posts by Shandra Gemmiti:
Things to consider when choosing a software composition analysis tool
The rise of open source software is not without risks for today’s applications. Use a software composition analysis tool to mitigate these risks.
Posted in Software Composition Analysis (SCA)
Four requirements for open source vulnerability management in a DevOps environment
Most applications contain open source code, which can expose companies to risks if left unchecked. Make the most of your open source vulnerability management with the right approach and tooling.
Posted in Open Source Security
Open source audits: The secret ingredient for successful M&A
Identifying open source in the target’s codebase is essential to M&A transactions involving software. Open source audits go far beyond what SCA can provide.
Posted in Mergers & Acquisitions, Open Source Security
Need a vulnerability assessment yesterday? Consider a Black Duck Audit
When you don’t have any time or resources to spare, Black Duck Audits provide a deep, accurate, rapid vulnerability assessment, plus remediation guidance.
Posted in Open Source Security
The advanced license compliance functionality you didn’t know your SCA tool needed
Open source license noncompliance can have severe implications. Here are four advanced license compliance features that help protect your proprietary code.
Posted in Software Composition Analysis (SCA)
Black Duck Audits: Not just for M&A
If you don’t have an SCA tool, a software audit can give you a bill of materials needed for product releases, vendor requirements, and procuring insurance.
Posted in Mergers & Acquisitions, Open Source Security
How do you effectively remediate the increasing sea of vulnerabilities?
With applications containing more and more open source, and 40+ vulnerabilities disclosed daily, how do you prioritize your remediation efforts?
Posted in Application Security, Open Source Security, Software Composition Analysis (SCA)
Cyber security audits top due diligence checklists
In a study by (ISC)2, all executives and M&A professionals surveyed agreed that cyber security audits have become standard practice in tech due diligence.
Posted in Mergers & Acquisitions, Open Source Security
Top 3 reasons to choose Black Duck
What sets Black Duck apart from other SCA solutions? Industry-leading innovation, extensive vulnerability detection, and a broad range of integrations.
Posted in Open Source Security, Software Composition Analysis (SCA)
Things to consider when choosing a software composition analysis tool
The rise of open source software is not without risks for today’s applications. Use a software composition analysis tool to mitigate these risks.
Posted in Software Composition Analysis (SCA)
Four requirements for open source vulnerability management in a DevOps environment
Most applications contain open source code, which can expose companies to risks if left unchecked. Make the most of your open source vulnerability management with the right approach and tooling.
Posted in Open Source Security
Open source audits: The secret ingredient for successful M&A
Identifying open source in the target’s codebase is essential to M&A transactions involving software. Open source audits go far beyond what SCA can provide.
Posted in Mergers & Acquisitions, Open Source Security
Need a vulnerability assessment yesterday? Consider a Black Duck Audit
When you don’t have any time or resources to spare, Black Duck Audits provide a deep, accurate, rapid vulnerability assessment, plus remediation guidance.
Posted in Open Source Security
The advanced license compliance functionality you didn’t know your SCA tool needed
Open source license noncompliance can have severe implications. Here are four advanced license compliance features that help protect your proprietary code.
Posted in Software Composition Analysis (SCA)
Black Duck Audits: Not just for M&A
If you don’t have an SCA tool, a software audit can give you a bill of materials needed for product releases, vendor requirements, and procuring insurance.
Posted in Mergers & Acquisitions, Open Source Security
How do you effectively remediate the increasing sea of vulnerabilities?
With applications containing more and more open source, and 40+ vulnerabilities disclosed daily, how do you prioritize your remediation efforts?
Posted in Application Security, Open Source Security, Software Composition Analysis (SCA)
Cyber security audits top due diligence checklists
In a study by (ISC)2, all executives and M&A professionals surveyed agreed that cyber security audits have become standard practice in tech due diligence.
Posted in Mergers & Acquisitions, Open Source Security
Top 3 reasons to choose Black Duck
What sets Black Duck apart from other SCA solutions? Industry-leading innovation, extensive vulnerability detection, and a broad range of integrations.
Posted in Open Source Security, Software Composition Analysis (SCA)