Software Integrity Blog

Author Archive

Shandra Gemmiti


Shandra is Director of Marketing for Black Duck’s On-Demand Audit business. She is responsible for developing and executing marketing strategies that drive Black Duck On-Demand product adoption. She has spent the last 13 years in the technology industry, both as a marketer and as a corporate strategy professional, and especially enjoys being able to use that experience to understand the Black Duck On-Demand customer and their unique tech diligence needs.


Posts by Shandra Gemmiti:

 

Open source audits: The secret ingredient for successful M&A

Identifying open source in the target’s codebase is essential to M&A transactions involving software. Open source audits go far beyond what SCA can provide.

Posted in Mergers & Acquisitions, Open Source Security

 

Need a vulnerability assessment yesterday? Consider a Black Duck Audit

When you don’t have any time or resources to spare, Black Duck Audits provide a deep, accurate, rapid vulnerability assessment, plus remediation guidance.

Posted in Open Source Security

 

The advanced license compliance functionality you didn’t know your SCA tool needed

Open source license noncompliance can have severe implications. Here are four advanced license compliance features that help protect your proprietary code.

Posted in Software Composition Analysis (SCA)

 

Black Duck Audits: Not just for M&A

If you don’t have an SCA tool, a software audit can give you a bill of materials needed for product releases, vendor requirements, and procuring insurance.

Posted in Mergers & Acquisitions, Open Source Security

 

How do you effectively remediate the increasing sea of vulnerabilities?

With applications containing more and more open source, and 40+ vulnerabilities disclosed daily, how do you prioritize your remediation efforts?

Posted in Application Security, Open Source Security, Software Composition Analysis (SCA)

 

Cyber security audits top due diligence checklists

In a study by (ISC)2, all executives and M&A professionals surveyed agreed that cyber security audits have become standard practice in tech due diligence.

Posted in Mergers & Acquisitions, Open Source Security

 

Top 3 reasons to choose Black Duck

What sets Black Duck apart from other SCA solutions? Industry-leading innovation, extensive vulnerability detection, and a broad range of integrations.

Posted in Open Source Security, Software Composition Analysis (SCA)

 

3 use cases where source code scanning doesn’t cut it

Binary code analysis tools are essential when you don’t have access to a build environment or source code. Here are some use cases for scanning binary code.

Posted in Open Source Security

 

Open source security risk: Managing the threat in mergers and acquisitions

The prevalence of open source is a potential M&A risk, as buyers are often not aware that more than 50% of the code they acquire is made up of open source.

Posted in Mergers & Acquisitions, Open Source Security, Software Composition Analysis (SCA)