Consider these three operational open source risk factors when using open source components: version currency, version proliferation, and project activity.
How should you track open source? It’s almost definitely in your codebase, so the question is not whether to track it but what could happen if you don’t.
Learn how to drive your software security initiative with metrics, and get practical advice for open source security with Red Hat, in our new webinars.
Technical due diligence on the target’s SDLC is a must for acquirers in software M&A. What you don’t know about their process and tools could hurt you.
Synopsys and Red Hat have established a world-class partnership to enable open source management and application security testing in container environments.
An open source audit digs into a codebase to see what’s inside. Find out what our audit services team unearthed in the 1,200+ codebases we reviewed in 2018.
Learn about the magic of IAST, how to uncover the risks of APIs and web services in M&A, and how DoD and government agencies can mitigate software risks.
Our 2019 OSSRA infographic shows trends and key findings from the latest Synopsys Open Source Security and Risk Analysis report. Download the free PDF.
In our BinAuthz webinar, Sandra Guo (Google) and Tomas Gonzalez (Synopsys) explain Black Duck’s role in the software signing process. Available on demand.
Building our new Synopsys Operator took some effort, but the results are impressive! Read our tips for creating your own Operator for Red Hat OpenShift.