Learn how vulnerability reports can help you fix critical vulnerabilities effectively, and the essentials of application security for DevOps and CI/CD.
Posted in Agile, CI/CD & DevOps, Open Source Security, Software Composition Analysis (SCA), Software Security Program, Webinars | Comments Off on [Webinars] Vulnerability reports, application security for DevOps and CI/CD
Our 2020 OSSRA infographic shows key findings and open source trends from the Synopsys Open Source Security and Risk Analysis report. Download the free PDF.
Posted in Open Source Security | Comments Off on [Infographic] Key findings from the 2020 OSSRA report
Our analysis of 1,250+ codebases reveals trends in open source use, security, and license compliance that affect development, security, and legal teams.
Posted in Featured, Open Source Security | Comments Off on 5 key takeaways from the 2020 Open Source Security and Risk Analysis report
Learn more about the 2020 OSSRA report, guidelines and solutions for remote security testing, and why all software development should be secure development.
Posted in Developer Enablement, Open Source Security, Software Security Program, Webinars | Comments Off on [Webinars] Open source security, remote security testing, secure development
Different types of software licenses require you to meet certain obligations if you want to reuse the code. Here are 5 common types of software licenses.
Posted in Open Source Security | Comments Off on 5 types of software licenses you need to understand
Ghostcat (CVE-2020-1938) is an Apache Tomcat vulnerability that allows remote code execution in some circumstances. Here’s how to find and mitigate it.
Posted in Application Security, Open Source Security | Comments Off on What is the Ghostcat vulnerability (CVE-2020-1938)?
Are you releasing software with legacy vulnerabilities that you put aside to address later but forgot about—or that you didn’t even know were in your code?
Posted in Application Security, Open Source Security | Comments Off on How to deal with legacy vulnerabilities
A new report from Bitkom reveals that among companies that use open source, many aren’t sure of the best way to approach open source risk management.
Posted in Open Source Security | Comments Off on Open source software use grows in Germany, but compliance and risk management need improvement
With applications containing more and more open source, and 40+ vulnerabilities disclosed daily, how do you prioritize your remediation efforts?
Posted in Application Security, Open Source Security, Software Composition Analysis (SCA) | Comments Off on How do you effectively remediate the increasing sea of vulnerabilities?
Modern software is a bit like manufacturing: gluing open source components together using proprietary code and tracking everything with a bill of materials.
Posted in Open Source Security, Software Composition Analysis (SCA) | Comments Off on How to Cyber Security: Software is manufacturing
