Black Duck is among platforms that lead the pack, cited for “very strong policy management and SDLC integrations and strong proactive vulnerability management.”
Posted in Featured, Open Source Security, Software Composition Analysis | Comments Off on Forrester recognizes Synopsys as a leader in software composition analysis
Software audits are the best way to uncover open source license risks before you go to production. Here’s how our audit group categorizes license risks.
Posted in Open Source Security | Comments Off on Sorting through open source license risks
Open source is eating software, but Red Hat and Synopsys help you build and deploy containers more securely and at scale.
Posted in Container Security, Open Source Security | Comments Off on New Synopsys Polaris platform optimized for Red Hat OpenShift Container Platform
SCA tools are an essential part of your AppSec toolkit, because free and open source software—just like free puppies—comes with hidden costs and risks.
Posted in Maturity Model (BSIMM), Open Source Security, Software Composition Analysis | Comments Off on The hidden costs and risks of free puppies (and open source)
Managing open source risk is essential today, when open source use is abundant but can threaten your business. Here are three key points from our webinar.
Posted in General, Open Source Security, Webinars | Comments Off on 3 takeaways from “Managing the Business Risks of Open Source” webinar
With containers, we’ve changed the way we deploy applications. Now it’s time to change the way we secure them, with container scanning tools for open source.
Posted in Container Security, Open Source Security | Comments Off on Announcing Black Duck OpsSight 2.2—Container security at scale
In an open source software audit, you should scan all software assets required to build your applications. But how do you identify and locate them?
Posted in Open Source Security | Comments Off on Preparing for an open source audit: Which software assets are worth analyzing?
The past decade charts the reach of open source into every industry. But what does the future of open source hold? Here are some open source predictions.
Posted in Open Source Security | Comments Off on The future of open source software: More of everything
2018 saw developments in many free and open source software legal issues, including copyright, license compliance, patent nonaggression, and antitrust law.
Posted in General, Open Source Security, Webinars | Comments Off on Top 10 FOSS legal developments in 2018
Hacking Security is a monthly podcast on emerging trends in application security. Episode 3 explores key findings from the 2018 OSSRA report.
Podcast: Play in new window | Download
Posted in General, Open Source Security, Software Composition Analysis | Comments Off on Hacking Security Episode 3: OSSRA report findings
Get the latest AppSec news and trends sent directly to you.
