Software Integrity

Archive for the 'GDPR' Category


GDPR raises the stakes on data breaches

Another week, another list of data breaches resulting from vulnerabilities in third-party contractors for high-profile companies. But since May 25, at least in the European Union (EU), it is more than just another week. There is the potential for something both more harsh and more expensive than unhappy customers, brand damage, or even class action […]

Posted in Data Breach, GDPR


Timehop breach provides GDPR response template

With the disclosure of 21 million individuals’ account information being accessed in a data breach at Timehop, we now have a blueprint for what public disclosure of a breach might look like under the new GDPR rules. In their disclosure, Timehop stated that on July 4, malicious actors gained access to account information for 21 […]

Posted in Data Breach, GDPR


Who owns Linux? TRITON attack, app security testing, future of GDPR

We look at the three reasons you must attend the FLIGHT Amsterdam conference; how to build outstanding projects in the open source community; and why isn’t every app being security tested? Plus, an in-depth look at the TRITON attack; why 2018 is the year of open source; how open source is driving both IoT and AI and […]

Posted in Automotive Security, Data Breach, DevOps, GDPR, Open Source Security


AppSec for DevOps, open source vs proprietary, malicious AIs and GDPR

Welcome to the March 2nd edition of Open Source Insight from Black Duck by Synopsys! We look at places you’d never expect to find GDPR data, as well as answers to your most-frequently-asked GDPR questions. Synopsys Principal Scientist Sammy Migues explores why enterprises must have a software security program while Synopsys Technology Evangelist, Tim Mackey, […]

Posted in Application Security, DevOps, GDPR


SEC and CyberSec risks, GDPR looms, what’s going on with the NVD?

In this week’s open source security and cybersecurity news: Free software comes with a price. Learn how a PE firm wraps open source due diligence into its tech investing. The SEC provides guidance on public cybersecurity. The Defense Department (re)launches its open source portal. A look at cybersecurity through the (virtual) lens of video gaming. […]

Posted in GDPR, Vulnerability Assessment


So, you want to be a data protection officer

The General Data Protection Regulation (GDPR) will be enforced starting on May 25, 2018. One of the requirements of the GDPR is that many companies who handle personal data of EU citizens will need to appoint either an employee or contractor to be their Data Protection Officer.

Posted in GDPR


Happy birthday open source and AppSec for 2018

Opinions differ on exactly when, but open source turned twenty this year. Most security breaches in 2017 were preventable (you hear that, Equifax?), and it’s time to take a look back to prevent similar breaches in 2018. iPhone source code gets leaked (for a short time). And keeping medical devices, voting machines, automobiles, and critical […]

Posted in Application Security, Data Breach, GDPR, Open Source Security


IoT security, tech due diligence, software security training

A grab-bag of open source security and cybersecurity news is in this week’s edition of Open Source Insight. Is “many eyeballs” not enough? Some security researchers think Linus’ Law doesn’t work anymore. Black Duck by Synopsys kicks off a new video series with MITRE IoT expert, Bob Martin, covering IoT security. Learn how open source […]

Posted in DevOps, GDPR, Internet of Things, Open Source Security


Open source banking, 2018 CISO Report, GDPR looming

Cybercriminals are expected to extend their threat deeper into ransomware and IoT. In a just-released report, Synopsys examines the four “tribes” of CISOs, and the characteristics of each. A link to the complimentary report is below. And with the GDPR going into force in just four months, businesses are scrambling for compliance.

Posted in GDPR, Internet of Things, Open Source Security


GDPR Readiness Summit: Preparing for May 2018

There has been much buzz about the GDPR (Global Data Protection Regulation) set to go into effect in May of 2018. Black Duck discussed the topic in our legal track at the Black Duck FLIGHT 2017 user conference, where Daniel Hedley from Irwin Mitchell looked at how European companies are preparing for GDPR.

Posted in GDPR, Open Source Security, Security Standards and Compliance