Software Integrity

Archive for the 'Open Source Licenses' Category

Open source issues in an M&A target’s code: How do you know?

Until you ask, you don’t know how much open source a target has used, what components it uses, or what open source issues might be latent therein. That’s why open source questions are on the checklist of virtually every acquirer in a tech transaction. And the unfortunate reality is that even asking good questions doesn’t […]

Posted in Black Duck by Synopsys, Featured, Open Source Governance, Open Source Licenses

North Korea hacking, JScript RCE, World Cup a cyberthreat target?

Software Integrity Insight is your resource on the cyber security and open source security news that made headlines this week, including news on North Korea hacking, the remote code execution vulnerability exposed in JScript, and how the World Cup 2018 might be a ripe target for cybercrime. Read on! The Cybersecurity 202: North Korea is […]

Posted in Application Security, DevOps, Open Source Licenses, Open Source Security

Open source security risk on the rise owing to unpatched software

A slight change of pace for this week’s issue of Software Integrity Insight, as we focus on the release of the 2018 Open Source Security and Risk Analysis, which analyzes the audit results of over 1,100 commercial codebases from over 500 organizations and examines the open source security and licensing news of 2017. We think […]

Posted in Application Security, Open Source Licenses, Open Source Security

Open source report exposes management gaps after turbulent 2017

2017 was a tumultuous year in the world of open source software. A massive data breach at Equifax exposed millions of U.S., U.K., and Canadian residents’ sensitive personal and financial information and gained widespread media attention. As open source software becomes embedded in our everyday lives, not only through our phones and computers but through […]

Posted in Open Source Licenses, Open Source Security

Fine-tuning roles, controlling licenses, and matching code snippets in Hub 4.5

Any tradesperson, specialist, expert, aficionado, or technologist will tell you that the key to a quality outcome is a set of tools specific to the project and oriented to the goal. The realm of software security and secure DevOps is no exception to this truth, and in Black Duck Hub’s version 4.5 release, we further […]

Posted in Black Duck by Synopsys, Open Source Licenses

Black Duck On-Demand and Synopsys: Running the walk

Soon after Black Duck merged with Synopsys, I wrote about my initial impressions of the company, specifically as a home for the Black Duck On-Demand audit business. By way of update, in short, my initial, positive impressions hold. This is the right place for Black Duck and the audit business that so many in the […]

Posted in Open Source Licenses

What it takes to be an Open Source Rookie

The spirit of open source can be summarized as trust in the development community to work together to create, evolve, and maintain software products with such transparency that others can leverage these accomplishments for further innovation. It is this spirit that Black Duck by Synopsys seeks to recognize each year with its Open Source Rookies of the […]

Posted in Open Source Licenses, Open Source Security

Who owns Linux?

On 7 March 2018, an appeal hearing in a GPLv2 enforcement case took place before the Higher Regional Court of Cologne (docket no. 6 U 162/17). In October 2017, the plaintiff Patrick McHardy had been successful in obtaining a very broad preliminary injunction covering the entire Linux kernel against Geniatech, the producer of the EyeTV […]

Posted in Open Source Licenses

Building standout projects with the open source community

Developing an open source project can seem daunting at times. Finding time to dedicate to a project can be difficult, and when it finds success, reported issues and proposed changes to review can seem endless. Selecting open source libraries to use is no easier — you must make a choice between multiple options, and short […]

Posted in Open Source Licenses, Open Source Security

Enhanced legal tab in Black Duck On-Demand audit reports

If you have reviewed any Black Duck On-Demand audit reports recently, you may have noticed improvements in the legal tab and the way we report on findings. The new report format has received some very positive reviews, the theme being that it makes reported results more actionable.

Posted in Legal, Open Source Licenses