Jun 30, 2023 | 2 min read | Defending against malicious packages in the npm ecosystem and beyond | By Fred Bals | Tags: SCA, Software Integrity, Manage Security Risks
Jun 26, 2023 | 6 min read | 2023 OSSRA deep dive: High-risk vulnerabilities | By Fred Bals | Tags: Software Integrity, Manage Security Risks, OSS License Compliance
May 10, 2023 | 4 min read | 2023 OSSRA deep dive: jQuery and open source security | By Fred Bals | Tags: SCA, Software Integrity, Software Supply Chain, OSS License Compliance
Mar 26, 2023 | 2 min read | Synopsys Global Partner Program Receives CRN® 5-Star Rating for Second Consecutive Year | By Fred Bals | Tags: Software Integrity, Security News & Research
Nov 14, 2022 | 3 min read | The “Software Vulnerability Snapshot” reports that 95% of tests uncovered vulnerabilities in target apps | By Fred Bals | Tags: DAST, Software Integrity, Security News & Research, Pen Testing, Web AppSec
Mar 15, 2022 | 4 min read | What is a software bill of materials? | By Fred Bals | Tags: SCA, Software Integrity, Software Supply Chain
Dec 07, 2020 | 4 min read | 6 Findings from DevSecOps Practices' Survey | By Fred Bals | Tags: Software Integrity, AppSec Best Practices, DevSecOps, Manage Security Risks
Sep 30, 2020 | 3 min read | Making SCA part of your AST Strategy | By Fred Bals | Tags: SCA, Software Integrity, Security News & Research, Software Supply Chain
Sep 10, 2020 | 4 min read | TANSTAAFL! The tragedy of the commons meets open source software | By Fred Bals | Tags: Software Integrity, Manage Security Risks
Jun 01, 2020 | 3 min read | Why developers need a supplemental source to NVD vulnerability data | By Fred Bals | Tags: SCA, Software Integrity, Build Secure Software
Feb 18, 2020 | 5 min read | There’s no such thing as TMI when it comes to open source software | By Fred Bals | Tags: SCA, Software Integrity, Security News & Research
Jan 22, 2020 | 5 min read | Coverity & Black Duck together. Better. Faster. Stronger. | By Fred Bals | Tags: SCA, Software Integrity, Build Secure Software, SAST
Nov 12, 2019 | 3 min read | Blue Yonder: Extending their SDLC to remediate open source issues | By Fred Bals | Tags: SCA, Software Integrity
Feb 11, 2019 | 2 min read | 3 takeaways from “Managing the Business Risks of Open Source” webinar | By Fred Bals | Tags: SCA, Software Integrity, Security News & Research, Manage Security Risks, OSS License Compliance
Oct 09, 2018 | 2 min read | Why you need to perform open source due diligence in an M&A transaction | By Fred Bals | Tags: M&A, Software Integrity, OSS License Compliance
Oct 01, 2018 | 3 min read | CVE-2018-11776 and why you need Black Duck Security Advisories | By Fred Bals | Tags: SCA, Software Integrity, Security News & Research
Aug 28, 2018 | 2 min read | CVE-2018-11776: The latest Apache Struts vulnerability | By Fred Bals | Tags: SCA, Software Integrity, Security News & Research, CyRC
Aug 14, 2018 | 2 min read | The AppSec alphabet soup: A guide to SAST, IAST, DAST, and RASP | By Fred Bals | Tags: Software Integrity, IAST, SAST, Web AppSec, Manage Security Risks
Jan 23, 2018 | 2 min read | When software is the company, tech due diligence is critical | By Fred Bals | Tags: SCA, M&A, Software Integrity, OSS License Compliance
Sep 15, 2017 | 3 min read | Equifax, Apache Struts, and CVE-2017-5638 vulnerability | By Fred Bals | Tags: Software Integrity, Security News & Research, Software Supply Chain, Manage Security Risks
Apr 05, 2017 | 3 min read | Cloudera IPO: Risk for cyber attacks, lawsuits, and loss of IP? | By Fred Bals | Tags: M&A, Software Integrity, Manage Security Risks, OSS License Compliance