Discovery capabilities: A core differentiator for Black Duck SCA
Stay on top of open source vulnerabilities and license obligations with discovery capabilities from Black Duck.
Posted in Open Source Security, Software Composition Analysis (SCA)
The Common Vulnerability Scoring System (CVSS) can help you navigate the constantly growing ocean of open source vulnerabilities. But it’s difficult to lend your trust and put the security of your organization and your customers into the hands of a system that you may know very little about. Let’s take a closer look at the CVSS to see what it’s all about.
Posted in Open Source Security
Synopsys surveyed 1,500 IT professionals working in cyber security to analyze the DevSecOps practices used to address open source vulnerability management.
Posted in Open Source Security
Most applications contain open source code, which can expose companies to risks if left unchecked. Make the most of your open source vulnerability management with the right approach and tooling.
Posted in Open Source Security
Understand the three common scenarios for why unlicensed open source is found in the codebase and the implications of it being embedded in commercial apps.
Posted in Open Source Security
Open source projects can become victims of their own success. What can developers do to secure their open source software?
Posted in Application Security, Open Source Security
Learn what OpenChain is, how it works, and how companies around the world are using it to secure their software supply chains and reduce open source risk.
Posted in Open Source Security, Webinars
Hear about the state of open source in our Red Hat partner webinar, discover our approach to threat modeling, and learn how to secure Node.js applications.
Posted in Open Source Security, Software Architecture & Design, Web Application Security, Webinars
In this week’s webinars, we’ll talk about binary scanning techniques and challenges, and how to reduce your risk with software supply chain management.
Posted in Open Source Security, Webinars
Identifying open source in the target’s codebase is essential to M&A transactions involving software. Open source audits go far beyond what SCA can provide.
Posted in Mergers & Acquisitions, Open Source Security