In a study by (ISC)2, all executives and M&A professionals surveyed agreed that cyber security audits have become standard practice in tech due diligence.
What sets Black Duck apart from other SCA solutions? Industry-leading innovation, extensive vulnerability detection, and a broad range of integrations.
Learn about a better, faster alternative to NVD vulnerability data feeds and how to measure software security effectiveness and use metrics to drive change.
Learn about software due diligence and how to answer your clients’ open source questions in our Black Duck Legal Certification Course.
To support the launch of Binary Authorization, we’re releasing Black Duck for Google Cloud Build to help ensure your images are free of policy violations.
The Black Duck Jira Cloud integration is based on a flexible, customizable model, backed by the same exemplary Black Duck software composition product.
We found that 24 Apache Struts Security Advisories incorrectly list impacted versions and that previously disclosed vulns affect an additional 61 versions.
The use of Node.js is rising. But many organizations don’t know about the potential license and security risks that Node.js can pose for their applications.
Learn how to adopt a cloud-native model for application security and how to mitigate legal risk by better understanding open source licensing obligations.
Binary code analysis tools are essential when you don’t have access to a build environment or source code. Here are some use cases for scanning binary code.
Posted in Open Source Security | Comments Off on 3 use cases where source code scanning doesn’t cut it